[PATCH 4/6] switch readdir(2) to unsafe_copy_dirent_name()

From: Al Viro
Date: Thu May 28 2020 - 19:49:31 EST

Next message: Al Viro: "[PATCH 5/6] readdir.c: get compat_filldir() more or less in sync with filldir()"
Previous message: Al Viro: "[PATCHES] uaccess readdir"
In reply to: Al Viro: "[PATCHES] uaccess readdir"
Next in thread: Al Viro: "[PATCH 5/6] readdir.c: get compat_filldir() more or less in sync with filldir()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>

... and the same for its compat counterpart

Signed-off-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
---
fs/readdir.c | 30 ++++++++++++++++--------------
1 file changed, 16 insertions(+), 14 deletions(-)

diff --git a/fs/readdir.c b/fs/readdir.c
index ed6aaad451aa..a9085016a619 100644
--- a/fs/readdir.c
+++ b/fs/readdir.c
@@ -157,17 +157,18 @@ static int fillonedir(struct dir_context *ctx, const char *name, int namlen,
}
buf->result++;
dirent = buf->dirent;
- if (!access_ok(dirent,
+ if (!user_write_access_begin(dirent,
(unsigned long)(dirent->d_name + namlen + 1) -
(unsigned long)dirent))
goto efault;
- if ( __put_user(d_ino, &dirent->d_ino) ||
- __put_user(offset, &dirent->d_offset) ||
- __put_user(namlen, &dirent->d_namlen) ||
- __copy_to_user(dirent->d_name, name, namlen) ||
- __put_user(0, dirent->d_name + namlen))
- goto efault;
+ unsafe_put_user(d_ino, &dirent->d_ino, efault_end);
+ unsafe_put_user(offset, &dirent->d_offset, efault_end);
+ unsafe_put_user(namlen, &dirent->d_namlen, efault_end);
+ unsafe_copy_dirent_name(dirent->d_name, name, namlen, efault_end);
+ user_write_access_end();
return 0;
+efault_end:
+ user_write_access_end();
efault:
buf->result = -EFAULT;
return -EFAULT;
@@ -424,17 +425,18 @@ static int compat_fillonedir(struct dir_context *ctx, const char *name,
}
buf->result++;
dirent = buf->dirent;
- if (!access_ok(dirent,
+ if (!user_write_access_begin(dirent,
(unsigned long)(dirent->d_name + namlen + 1) -
(unsigned long)dirent))
goto efault;
- if ( __put_user(d_ino, &dirent->d_ino) ||
- __put_user(offset, &dirent->d_offset) ||
- __put_user(namlen, &dirent->d_namlen) ||
- __copy_to_user(dirent->d_name, name, namlen) ||
- __put_user(0, dirent->d_name + namlen))
- goto efault;
+ unsafe_put_user(d_ino, &dirent->d_ino, efault_end);
+ unsafe_put_user(offset, &dirent->d_offset, efault_end);
+ unsafe_put_user(namlen, &dirent->d_namlen, efault_end);
+ unsafe_copy_dirent_name(dirent->d_name, name, namlen, efault_end);
+ user_write_access_end();
return 0;
+efault_end:
+ user_write_access_end();
efault:
buf->result = -EFAULT;
return -EFAULT;
--
2.11.0

Next message: Al Viro: "[PATCH 5/6] readdir.c: get compat_filldir() more or less in sync with filldir()"
Previous message: Al Viro: "[PATCHES] uaccess readdir"
In reply to: Al Viro: "[PATCHES] uaccess readdir"
Next in thread: Al Viro: "[PATCH 5/6] readdir.c: get compat_filldir() more or less in sync with filldir()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]