projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: fbe99f1)
9P: Cast to loff_t before multiplying
authorMatthew Wilcox (Oracle) <willy@infradead.org>
Sun, 4 Oct 2020 18:04:22 +0000 (19:04 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 5 Nov 2020 10:07:03 +0000 (11:07 +0100)
commit f5f7ab168b9a60e12a4b8f2bb6fcc91321dc23c1 upstream.

On 32-bit systems, this multiplication will overflow for files larger
than 4GB.

Link: http://lkml.kernel.org/r/20201004180428.14494-2-willy@infradead.org
Cc: stable@vger.kernel.org
Fixes: fb89b45cdfdc ("9P: introduction of a new cache=mmap model.")
Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org>
Signed-off-by: Dominique Martinet <asmadeus@codewreck.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
fs/9p/vfs_file.c patch | blob | blame | history

diff --git a/fs/9p/vfs_file.c b/fs/9p/vfs_file.c
index 2651192f0166709a01cc69138a36af49e972b99b..13e126f578514e4eadb5bac4d0b88d2c6658e3ba 100644 (file)
--- a/fs/9p/vfs_file.c
+++ b/fs/9p/vfs_file.c
@@ -624,9 +624,9 @@ static void v9fs_mmap_vm_close(struct vm_area_struct *vma)
        struct writeback_control wbc = {
                .nr_to_write = LONG_MAX,
                .sync_mode = WB_SYNC_ALL,
-               .range_start = vma->vm_pgoff * PAGE_SIZE,
+               .range_start = (loff_t)vma->vm_pgoff * PAGE_SIZE,
                 /* absolute end, byte at end included */
-               .range_end = vma->vm_pgoff * PAGE_SIZE +
+               .range_end = (loff_t)vma->vm_pgoff * PAGE_SIZE +
                        (vma->vm_end - vma->vm_start - 1),
        };