ceph: add additional range check in ceph_fallocate() (0671e996) · Commits · e / devices / android_kernel_xiaomi_nabu

fs/ceph/file.c

+5 −3

Original line number	Original line	Diff line number	Diff line
	@@ -1728,8 +1728,7 @@ static long ceph_fallocate(struct file *file, int mode,
	struct ceph_file_info *fi = file->private_data;		struct ceph_file_info *fi = file->private_data;
	struct inode *inode = file_inode(file);		struct inode *inode = file_inode(file);
	struct ceph_inode_info *ci = ceph_inode(inode);		struct ceph_inode_info *ci = ceph_inode(inode);
	struct ceph_osd_client *osdc =		struct ceph_fs_client *fsc = ceph_inode_to_client(inode);
	&ceph_inode_to_client(inode)->client->osdc;
	struct ceph_cap_flush *prealloc_cf;		struct ceph_cap_flush *prealloc_cf;
	int want, got = 0;		int want, got = 0;
	int dirty;		int dirty;
	@@ -1737,6 +1736,9 @@ static long ceph_fallocate(struct file *file, int mode,
	loff_t endoff = 0;		loff_t endoff = 0;
	loff_t size;		loff_t size;

			if ((offset + length) > max(i_size_read(inode), fsc->max_file_size))
			return -EFBIG;

	if (mode & ~(FALLOC_FL_KEEP_SIZE \| FALLOC_FL_PUNCH_HOLE))		if (mode & ~(FALLOC_FL_KEEP_SIZE \| FALLOC_FL_PUNCH_HOLE))
	return -EOPNOTSUPP;		return -EOPNOTSUPP;

	@@ -1760,7 +1762,7 @@ static long ceph_fallocate(struct file *file, int mode,
	goto unlock;		goto unlock;
	}		}

	if (ceph_osdmap_flag(osdc, CEPH_OSDMAP_FULL) &&		if (ceph_osdmap_flag(&fsc->client->osdc, CEPH_OSDMAP_FULL) &&
	!(mode & FALLOC_FL_PUNCH_HOLE)) {		!(mode & FALLOC_FL_PUNCH_HOLE)) {
	ret = -ENOSPC;		ret = -ENOSPC;
	goto unlock;		goto unlock;