From: Khazhismel Kumykov <khazhy@google.com>
Date: Thu, 14 Apr 2022 22:40:56 +0000 (-0700)
Subject: block/compat_ioctl: fix range check in BLKGETSIZE
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=4142a864dea06f24195a705573ebfe24601f5c92;p=GitHub%2FLineageOS%2Fandroid_kernel_motorola_exynos9610.git

block/compat_ioctl: fix range check in BLKGETSIZE

commit ccf16413e520164eb718cf8b22a30438da80ff23 upstream.

kernel ulong and compat_ulong_t may not be same width. Use type directly
to eliminate mismatches.

This would result in truncation rather than EFBIG for 32bit mode for
large disks.

Reviewed-by: Bart Van Assche <bvanassche@acm.org>
Signed-off-by: Khazhismel Kumykov <khazhy@google.com>
Reviewed-by: Chaitanya Kulkarni <kch@nvidia.com>
Link: https://lore.kernel.org/r/20220414224056.2875681-1-khazhy@google.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---

diff --git a/block/compat_ioctl.c b/block/compat_ioctl.c
index 6490b2759bcb..9ef62d42ba5b 100644
--- a/block/compat_ioctl.c
+++ b/block/compat_ioctl.c
@@ -391,7 +391,7 @@ long compat_blkdev_ioctl(struct file *file, unsigned cmd, unsigned long arg)
 		return 0;
 	case BLKGETSIZE:
 		size = i_size_read(bdev->bd_inode);
-		if ((size >> 9) > ~0UL)
+		if ((size >> 9) > ~(compat_ulong_t)0)
 			return -EFBIG;
 		return compat_put_ulong(arg, size >> 9);