From: Wu Fengguang Date: Wed, 10 Mar 2010 23:21:51 +0000 (-0800) Subject: /dev/mem: dont allow seek to last page X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=dcefafb6ac90ece8d68a6c203105f3d313e52da4;p=GitHub%2FLineageOS%2FG12%2Fandroid_kernel_amlogic_linux-4.9.git /dev/mem: dont allow seek to last page So as to return a uniform error -EOVERFLOW instead of a random one: # kmem-seek 0xfffffffffffffff0 seek /dev/kmem: Device or resource busy # kmem-seek 0xfffffffffffffff1 seek /dev/kmem: Block device required Suggested by OGAWA Hirofumi. Cc: OGAWA Hirofumi Reviewed-by: KAMEZAWA Hiroyuki Signed-off-by: Wu Fengguang Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/drivers/char/mem.c b/drivers/char/mem.c index 48788db4e280..e3f5577cbce3 100644 --- a/drivers/char/mem.c +++ b/drivers/char/mem.c @@ -708,16 +708,23 @@ static loff_t memory_lseek(struct file * file, loff_t offset, int orig) mutex_lock(&file->f_path.dentry->d_inode->i_mutex); switch (orig) { - case 0: + case SEEK_CUR: + offset += file->f_pos; + if ((unsigned long long)offset < + (unsigned long long)file->f_pos) { + ret = -EOVERFLOW; + break; + } + case SEEK_SET: + /* to avoid userland mistaking f_pos=-9 as -EBADF=-9 */ + if ((unsigned long long)offset >= ~0xFFFULL) { + ret = -EOVERFLOW; + break; + } file->f_pos = offset; ret = file->f_pos; force_successful_syscall_return(); break; - case 1: - file->f_pos += offset; - ret = file->f_pos; - force_successful_syscall_return(); - break; default: ret = -EINVAL; }