[PATCH] VFS: Make filldir_t and struct kstat deal in 64-bit inode numbers

These patches make the kernel pass 64-bit inode numbers internally when
communicating to userspace, even on a 32-bit system.  They are required
because some filesystems have intrinsic 64-bit inode numbers: NFS3+ and XFS
for example.  The 64-bit inode numbers are then propagated to userspace
automatically where the arch supports it.

Problems have been seen with userspace (eg: ld.so) using the 64-bit inode
number returned by stat64() or getdents64() to differentiate files, and
failing because the 64-bit inode number space was compressed to 32-bits, and
so overlaps occur.

This patch:

Make filldir_t take a 64-bit inode number and struct kstat carry a 64-bit
inode number so that 64-bit inode numbers can be passed back to userspace.

The stat functions then returns the full 64-bit inode number where
available and where possible.  If it is not possible to represent the inode
number supplied by the filesystem in the field provided by userspace, then
error EOVERFLOW will be issued.

Similarly, the getdents/readdir functions now pass the full 64-bit inode
number to userspace where possible, returning EOVERFLOW instead when a
directory entry is encountered that can't be properly represented.

Note that this means that some inodes will not be stat'able on a 32-bit
system with old libraries where they were before - but it does mean that
there will be no ambiguity over what a 32-bit inode number refers to.

Note similarly that directory scans may be cut short with an error on a
32-bit system with old libraries where the scan would work before for the
same reasons.

It is judged unlikely that this situation will occur because modern glibc
uses 64-bit capable versions of stat and getdents class functions
exclusively, and that older systems are unlikely to encounter
unrepresentable inode numbers anyway.

[akpm: alpha build fix]
Signed-off-by: David Howells <dhowells@redhat.com>
Cc: Trond Myklebust <trond.myklebust@fys.uio.no>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This commit is contained in:
David Howells 2006-10-03 01:13:46 -07:00 committed by Linus Torvalds
parent 1d32849b14
commit afefdbb28a
23 changed files with 152 additions and 45 deletions

View File

@ -111,22 +111,26 @@ struct osf_dirent_callback {
static int static int
osf_filldir(void *__buf, const char *name, int namlen, loff_t offset, osf_filldir(void *__buf, const char *name, int namlen, loff_t offset,
ino_t ino, unsigned int d_type) u64 ino, unsigned int d_type)
{ {
struct osf_dirent __user *dirent; struct osf_dirent __user *dirent;
struct osf_dirent_callback *buf = (struct osf_dirent_callback *) __buf; struct osf_dirent_callback *buf = (struct osf_dirent_callback *) __buf;
unsigned int reclen = ROUND_UP(NAME_OFFSET + namlen + 1); unsigned int reclen = ROUND_UP(NAME_OFFSET + namlen + 1);
unsigned int d_ino;
buf->error = -EINVAL; /* only used if we fail */ buf->error = -EINVAL; /* only used if we fail */
if (reclen > buf->count) if (reclen > buf->count)
return -EINVAL; return -EINVAL;
d_ino = ino;
if (sizeof(d_ino) < sizeof(ino) && d_ino != ino)
return -EOVERFLOW;
if (buf->basep) { if (buf->basep) {
if (put_user(offset, buf->basep)) if (put_user(offset, buf->basep))
return -EFAULT; return -EFAULT;
buf->basep = NULL; buf->basep = NULL;
} }
dirent = buf->dirent; dirent = buf->dirent;
put_user(ino, &dirent->d_ino); put_user(d_ino, &dirent->d_ino);
put_user(namlen, &dirent->d_namlen); put_user(namlen, &dirent->d_namlen);
put_user(reclen, &dirent->d_reclen); put_user(reclen, &dirent->d_reclen);
if (copy_to_user(dirent->d_name, name, namlen) || if (copy_to_user(dirent->d_name, name, namlen) ||

View File

@ -125,6 +125,7 @@ sys32_execve (char __user *name, compat_uptr_t __user *argv, compat_uptr_t __use
int cp_compat_stat(struct kstat *stat, struct compat_stat __user *ubuf) int cp_compat_stat(struct kstat *stat, struct compat_stat __user *ubuf)
{ {
compat_ino_t ino;
int err; int err;
if ((u64) stat->size > MAX_NON_LFS || if ((u64) stat->size > MAX_NON_LFS ||
@ -132,11 +133,15 @@ int cp_compat_stat(struct kstat *stat, struct compat_stat __user *ubuf)
!old_valid_dev(stat->rdev)) !old_valid_dev(stat->rdev))
return -EOVERFLOW; return -EOVERFLOW;
ino = stat->ino;
if (sizeof(ino) < sizeof(stat->ino) && ino != stat->ino)
return -EOVERFLOW;
if (clear_user(ubuf, sizeof(*ubuf))) if (clear_user(ubuf, sizeof(*ubuf)))
return -EFAULT; return -EFAULT;
err = __put_user(old_encode_dev(stat->dev), &ubuf->st_dev); err = __put_user(old_encode_dev(stat->dev), &ubuf->st_dev);
err |= __put_user(stat->ino, &ubuf->st_ino); err |= __put_user(ino, &ubuf->st_ino);
err |= __put_user(stat->mode, &ubuf->st_mode); err |= __put_user(stat->mode, &ubuf->st_mode);
err |= __put_user(stat->nlink, &ubuf->st_nlink); err |= __put_user(stat->nlink, &ubuf->st_nlink);
err |= __put_user(high2lowuid(stat->uid), &ubuf->st_uid); err |= __put_user(high2lowuid(stat->uid), &ubuf->st_uid);
@ -1222,16 +1227,20 @@ struct readdir32_callback {
}; };
static int static int
filldir32 (void *__buf, const char *name, int namlen, loff_t offset, ino_t ino, filldir32 (void *__buf, const char *name, int namlen, loff_t offset, u64 ino,
unsigned int d_type) unsigned int d_type)
{ {
struct compat_dirent __user * dirent; struct compat_dirent __user * dirent;
struct getdents32_callback * buf = (struct getdents32_callback *) __buf; struct getdents32_callback * buf = (struct getdents32_callback *) __buf;
int reclen = ROUND_UP(offsetof(struct compat_dirent, d_name) + namlen + 1, 4); int reclen = ROUND_UP(offsetof(struct compat_dirent, d_name) + namlen + 1, 4);
u32 d_ino;
buf->error = -EINVAL; /* only used if we fail.. */ buf->error = -EINVAL; /* only used if we fail.. */
if (reclen > buf->count) if (reclen > buf->count)
return -EINVAL; return -EINVAL;
d_ino = ino;
if (sizeof(d_ino) < sizeof(ino) && d_ino != ino)
return -EOVERFLOW;
buf->error = -EFAULT; /* only used if we fail.. */ buf->error = -EFAULT; /* only used if we fail.. */
dirent = buf->previous; dirent = buf->previous;
if (dirent) if (dirent)
@ -1239,7 +1248,7 @@ filldir32 (void *__buf, const char *name, int namlen, loff_t offset, ino_t ino,
return -EFAULT; return -EFAULT;
dirent = buf->current_dir; dirent = buf->current_dir;
buf->previous = dirent; buf->previous = dirent;
if (put_user(ino, &dirent->d_ino) if (put_user(d_ino, &dirent->d_ino)
|| put_user(reclen, &dirent->d_reclen) || put_user(reclen, &dirent->d_reclen)
|| copy_to_user(dirent->d_name, name, namlen) || copy_to_user(dirent->d_name, name, namlen)
|| put_user(0, dirent->d_name + namlen)) || put_user(0, dirent->d_name + namlen))
@ -1287,17 +1296,21 @@ out:
} }
static int static int
fillonedir32 (void * __buf, const char * name, int namlen, loff_t offset, ino_t ino, fillonedir32 (void * __buf, const char * name, int namlen, loff_t offset, u64 ino,
unsigned int d_type) unsigned int d_type)
{ {
struct readdir32_callback * buf = (struct readdir32_callback *) __buf; struct readdir32_callback * buf = (struct readdir32_callback *) __buf;
struct old_linux32_dirent __user * dirent; struct old_linux32_dirent __user * dirent;
u32 d_ino;
if (buf->count) if (buf->count)
return -EINVAL; return -EINVAL;
d_ino = ino;
if (sizeof(d_ino) < sizeof(ino) && d_ino != ino)
return -EOVERFLOW;
buf->count++; buf->count++;
dirent = buf->dirent; dirent = buf->dirent;
if (put_user(ino, &dirent->d_ino) if (put_user(d_ino, &dirent->d_ino)
|| put_user(offset, &dirent->d_offset) || put_user(offset, &dirent->d_offset)
|| put_user(namlen, &dirent->d_namlen) || put_user(namlen, &dirent->d_namlen)
|| copy_to_user(dirent->d_name, name, namlen) || copy_to_user(dirent->d_name, name, namlen)

View File

@ -77,6 +77,8 @@ int cp_compat_stat(struct kstat *stat, struct compat_stat __user *statbuf)
memset(&tmp, 0, sizeof(tmp)); memset(&tmp, 0, sizeof(tmp));
tmp.st_dev = new_encode_dev(stat->dev); tmp.st_dev = new_encode_dev(stat->dev);
tmp.st_ino = stat->ino; tmp.st_ino = stat->ino;
if (sizeof(tmp.st_ino) < sizeof(stat->ino) && tmp.st_ino != stat->ino)
return -EOVERFLOW;
tmp.st_mode = stat->mode; tmp.st_mode = stat->mode;
tmp.st_nlink = stat->nlink; tmp.st_nlink = stat->nlink;
SET_UID(tmp.st_uid, stat->uid); SET_UID(tmp.st_uid, stat->uid);

View File

@ -1739,12 +1739,13 @@ struct irix_dirent32_callback {
#define ROUND_UP32(x) (((x)+sizeof(u32)-1) & ~(sizeof(u32)-1)) #define ROUND_UP32(x) (((x)+sizeof(u32)-1) & ~(sizeof(u32)-1))
static int irix_filldir32(void *__buf, const char *name, static int irix_filldir32(void *__buf, const char *name,
int namlen, loff_t offset, ino_t ino, unsigned int d_type) int namlen, loff_t offset, u64 ino, unsigned int d_type)
{ {
struct irix_dirent32 __user *dirent; struct irix_dirent32 __user *dirent;
struct irix_dirent32_callback *buf = __buf; struct irix_dirent32_callback *buf = __buf;
unsigned short reclen = ROUND_UP32(NAME_OFFSET32(dirent) + namlen + 1); unsigned short reclen = ROUND_UP32(NAME_OFFSET32(dirent) + namlen + 1);
int err = 0; int err = 0;
u32 d_ino;
#ifdef DEBUG_GETDENTS #ifdef DEBUG_GETDENTS
printk("\nirix_filldir32[reclen<%d>namlen<%d>count<%d>]", printk("\nirix_filldir32[reclen<%d>namlen<%d>count<%d>]",
@ -1753,12 +1754,15 @@ static int irix_filldir32(void *__buf, const char *name,
buf->error = -EINVAL; /* only used if we fail.. */ buf->error = -EINVAL; /* only used if we fail.. */
if (reclen > buf->count) if (reclen > buf->count)
return -EINVAL; return -EINVAL;
d_ino = ino;
if (sizeof(d_ino) < sizeof(ino) && d_ino != ino)
return -EOVERFLOW;
dirent = buf->previous; dirent = buf->previous;
if (dirent) if (dirent)
err = __put_user(offset, &dirent->d_off); err = __put_user(offset, &dirent->d_off);
dirent = buf->current_dir; dirent = buf->current_dir;
err |= __put_user(dirent, &buf->previous); err |= __put_user(dirent, &buf->previous);
err |= __put_user(ino, &dirent->d_ino); err |= __put_user(d_ino, &dirent->d_ino);
err |= __put_user(reclen, &dirent->d_reclen); err |= __put_user(reclen, &dirent->d_reclen);
err |= copy_to_user((char __user *)dirent->d_name, name, namlen) ? -EFAULT : 0; err |= copy_to_user((char __user *)dirent->d_name, name, namlen) ? -EFAULT : 0;
err |= __put_user(0, &dirent->d_name[namlen]); err |= __put_user(0, &dirent->d_name[namlen]);
@ -1837,7 +1841,7 @@ struct irix_dirent64_callback {
#define ROUND_UP64(x) (((x)+sizeof(u64)-1) & ~(sizeof(u64)-1)) #define ROUND_UP64(x) (((x)+sizeof(u64)-1) & ~(sizeof(u64)-1))
static int irix_filldir64(void *__buf, const char *name, static int irix_filldir64(void *__buf, const char *name,
int namlen, loff_t offset, ino_t ino, unsigned int d_type) int namlen, loff_t offset, u64 ino, unsigned int d_type)
{ {
struct irix_dirent64 __user *dirent; struct irix_dirent64 __user *dirent;
struct irix_dirent64_callback * buf = __buf; struct irix_dirent64_callback * buf = __buf;

View File

@ -77,17 +77,21 @@ static int filldir(void * __buf, const char * name, int namlen, loff_t offset,
{ {
struct hpux_dirent * dirent; struct hpux_dirent * dirent;
struct getdents_callback * buf = (struct getdents_callback *) __buf; struct getdents_callback * buf = (struct getdents_callback *) __buf;
ino_t d_ino;
int reclen = ROUND_UP(NAME_OFFSET(dirent) + namlen + 1); int reclen = ROUND_UP(NAME_OFFSET(dirent) + namlen + 1);
buf->error = -EINVAL; /* only used if we fail.. */ buf->error = -EINVAL; /* only used if we fail.. */
if (reclen > buf->count) if (reclen > buf->count)
return -EINVAL; return -EINVAL;
d_ino = ino;
if (sizeof(d_ino) < sizeof(ino) && d_ino != ino)
return -EOVERFLOW;
dirent = buf->previous; dirent = buf->previous;
if (dirent) if (dirent)
put_user(offset, &dirent->d_off); put_user(offset, &dirent->d_off);
dirent = buf->current_dir; dirent = buf->current_dir;
buf->previous = dirent; buf->previous = dirent;
put_user(ino, &dirent->d_ino); put_user(d_ino, &dirent->d_ino);
put_user(reclen, &dirent->d_reclen); put_user(reclen, &dirent->d_reclen);
put_user(namlen, &dirent->d_namlen); put_user(namlen, &dirent->d_namlen);
copy_to_user(dirent->d_name, name, namlen); copy_to_user(dirent->d_name, name, namlen);

View File

@ -237,14 +237,19 @@ int sys32_settimeofday(struct compat_timeval __user *tv, struct timezone __user
int cp_compat_stat(struct kstat *stat, struct compat_stat __user *statbuf) int cp_compat_stat(struct kstat *stat, struct compat_stat __user *statbuf)
{ {
compat_ino_t ino;
int err; int err;
if (stat->size > MAX_NON_LFS || !new_valid_dev(stat->dev) || if (stat->size > MAX_NON_LFS || !new_valid_dev(stat->dev) ||
!new_valid_dev(stat->rdev)) !new_valid_dev(stat->rdev))
return -EOVERFLOW; return -EOVERFLOW;
ino = stat->ino;
if (sizeof(ino) < sizeof(stat->ino) && ino != stat->ino)
return -EOVERFLOW;
err = put_user(new_encode_dev(stat->dev), &statbuf->st_dev); err = put_user(new_encode_dev(stat->dev), &statbuf->st_dev);
err |= put_user(stat->ino, &statbuf->st_ino); err |= put_user(ino, &statbuf->st_ino);
err |= put_user(stat->mode, &statbuf->st_mode); err |= put_user(stat->mode, &statbuf->st_mode);
err |= put_user(stat->nlink, &statbuf->st_nlink); err |= put_user(stat->nlink, &statbuf->st_nlink);
err |= put_user(0, &statbuf->st_reserved1); err |= put_user(0, &statbuf->st_reserved1);
@ -312,16 +317,20 @@ filldir32 (void *__buf, const char *name, int namlen, loff_t offset, ino_t ino,
struct linux32_dirent __user * dirent; struct linux32_dirent __user * dirent;
struct getdents32_callback * buf = (struct getdents32_callback *) __buf; struct getdents32_callback * buf = (struct getdents32_callback *) __buf;
int reclen = ROUND_UP(NAME_OFFSET(dirent) + namlen + 1, 4); int reclen = ROUND_UP(NAME_OFFSET(dirent) + namlen + 1, 4);
u32 d_ino;
buf->error = -EINVAL; /* only used if we fail.. */ buf->error = -EINVAL; /* only used if we fail.. */
if (reclen > buf->count) if (reclen > buf->count)
return -EINVAL; return -EINVAL;
d_ino = ino;
if (sizeof(d_ino) < sizeof(ino) && d_ino != ino)
return -EOVERFLOW;
dirent = buf->previous; dirent = buf->previous;
if (dirent) if (dirent)
put_user(offset, &dirent->d_off); put_user(offset, &dirent->d_off);
dirent = buf->current_dir; dirent = buf->current_dir;
buf->previous = dirent; buf->previous = dirent;
put_user(ino, &dirent->d_ino); put_user(d_ino, &dirent->d_ino);
put_user(reclen, &dirent->d_reclen); put_user(reclen, &dirent->d_reclen);
copy_to_user(dirent->d_name, name, namlen); copy_to_user(dirent->d_name, name, namlen);
put_user(0, dirent->d_name + namlen); put_user(0, dirent->d_name + namlen);
@ -371,12 +380,16 @@ fillonedir32 (void * __buf, const char * name, int namlen, loff_t offset, ino_t
{ {
struct readdir32_callback * buf = (struct readdir32_callback *) __buf; struct readdir32_callback * buf = (struct readdir32_callback *) __buf;
struct old_linux32_dirent __user * dirent; struct old_linux32_dirent __user * dirent;
u32 d_ino;
if (buf->count) if (buf->count)
return -EINVAL; return -EINVAL;
d_ino = ino;
if (sizeof(d_ino) < sizeof(ino) && d_ino != ino)
return -EOVERFLOW;
buf->count++; buf->count++;
dirent = buf->dirent; dirent = buf->dirent;
put_user(ino, &dirent->d_ino); put_user(d_ino, &dirent->d_ino);
put_user(offset, &dirent->d_offset); put_user(offset, &dirent->d_offset);
put_user(namlen, &dirent->d_namlen); put_user(namlen, &dirent->d_namlen);
copy_to_user(dirent->d_name, name, namlen); copy_to_user(dirent->d_name, name, namlen);

View File

@ -69,16 +69,20 @@ struct readdir_callback32 {
}; };
static int fillonedir(void * __buf, const char * name, int namlen, static int fillonedir(void * __buf, const char * name, int namlen,
off_t offset, ino_t ino, unsigned int d_type) off_t offset, u64 ino, unsigned int d_type)
{ {
struct readdir_callback32 * buf = (struct readdir_callback32 *) __buf; struct readdir_callback32 * buf = (struct readdir_callback32 *) __buf;
struct old_linux_dirent32 __user * dirent; struct old_linux_dirent32 __user * dirent;
ino_t d_ino;
if (buf->count) if (buf->count)
return -EINVAL; return -EINVAL;
d_ino = ino;
if (sizeof(d_ino) < sizeof(ino) && d_ino != ino)
return -EOVERFLOW;
buf->count++; buf->count++;
dirent = buf->dirent; dirent = buf->dirent;
put_user(ino, &dirent->d_ino); put_user(d_ino, &dirent->d_ino);
put_user(offset, &dirent->d_offset); put_user(offset, &dirent->d_offset);
put_user(namlen, &dirent->d_namlen); put_user(namlen, &dirent->d_namlen);
copy_to_user(dirent->d_name, name, namlen); copy_to_user(dirent->d_name, name, namlen);
@ -120,15 +124,20 @@ asmlinkage long ppc32_select(u32 n, compat_ulong_t __user *inp,
int cp_compat_stat(struct kstat *stat, struct compat_stat __user *statbuf) int cp_compat_stat(struct kstat *stat, struct compat_stat __user *statbuf)
{ {
compat_ino_t ino;
long err; long err;
if (stat->size > MAX_NON_LFS || !new_valid_dev(stat->dev) || if (stat->size > MAX_NON_LFS || !new_valid_dev(stat->dev) ||
!new_valid_dev(stat->rdev)) !new_valid_dev(stat->rdev))
return -EOVERFLOW; return -EOVERFLOW;
ino = stat->ino;
if (sizeof(ino) < sizeof(stat->ino) && ino != stat->ino)
return -EOVERFLOW;
err = access_ok(VERIFY_WRITE, statbuf, sizeof(*statbuf)) ? 0 : -EFAULT; err = access_ok(VERIFY_WRITE, statbuf, sizeof(*statbuf)) ? 0 : -EFAULT;
err |= __put_user(new_encode_dev(stat->dev), &statbuf->st_dev); err |= __put_user(new_encode_dev(stat->dev), &statbuf->st_dev);
err |= __put_user(stat->ino, &statbuf->st_ino); err |= __put_user(ino, &statbuf->st_ino);
err |= __put_user(stat->mode, &statbuf->st_mode); err |= __put_user(stat->mode, &statbuf->st_mode);
err |= __put_user(stat->nlink, &statbuf->st_nlink); err |= __put_user(stat->nlink, &statbuf->st_nlink);
err |= __put_user(stat->uid, &statbuf->st_uid); err |= __put_user(stat->uid, &statbuf->st_uid);

View File

@ -357,11 +357,16 @@ asmlinkage long sys32_ftruncate64(unsigned int fd, unsigned long high, unsigned
int cp_compat_stat(struct kstat *stat, struct compat_stat __user *statbuf) int cp_compat_stat(struct kstat *stat, struct compat_stat __user *statbuf)
{ {
compat_ino_t ino;
int err; int err;
if (!old_valid_dev(stat->dev) || !old_valid_dev(stat->rdev)) if (!old_valid_dev(stat->dev) || !old_valid_dev(stat->rdev))
return -EOVERFLOW; return -EOVERFLOW;
ino = stat->ino;
if (sizeof(ino) < sizeof(stat->ino) && ino != stat->ino)
return -EOVERFLOW;
err = put_user(old_encode_dev(stat->dev), &statbuf->st_dev); err = put_user(old_encode_dev(stat->dev), &statbuf->st_dev);
err |= put_user(stat->ino, &statbuf->st_ino); err |= put_user(stat->ino, &statbuf->st_ino);
err |= put_user(stat->mode, &statbuf->st_mode); err |= put_user(stat->mode, &statbuf->st_mode);

View File

@ -325,21 +325,25 @@ struct sunos_dirent_callback {
#define ROUND_UP(x) (((x)+sizeof(long)-1) & ~(sizeof(long)-1)) #define ROUND_UP(x) (((x)+sizeof(long)-1) & ~(sizeof(long)-1))
static int sunos_filldir(void * __buf, const char * name, int namlen, static int sunos_filldir(void * __buf, const char * name, int namlen,
loff_t offset, ino_t ino, unsigned int d_type) loff_t offset, u64 ino, unsigned int d_type)
{ {
struct sunos_dirent __user *dirent; struct sunos_dirent __user *dirent;
struct sunos_dirent_callback * buf = __buf; struct sunos_dirent_callback * buf = __buf;
unsigned long d_ino;
int reclen = ROUND_UP(NAME_OFFSET(dirent) + namlen + 1); int reclen = ROUND_UP(NAME_OFFSET(dirent) + namlen + 1);
buf->error = -EINVAL; /* only used if we fail.. */ buf->error = -EINVAL; /* only used if we fail.. */
if (reclen > buf->count) if (reclen > buf->count)
return -EINVAL; return -EINVAL;
d_ino = ino;
if (sizeof(d_ino) < sizeof(ino) && d_ino != ino)
return -EOVERFLOW;
dirent = buf->previous; dirent = buf->previous;
if (dirent) if (dirent)
put_user(offset, &dirent->d_off); put_user(offset, &dirent->d_off);
dirent = buf->curr; dirent = buf->curr;
buf->previous = dirent; buf->previous = dirent;
put_user(ino, &dirent->d_ino); put_user(d_ino, &dirent->d_ino);
put_user(namlen, &dirent->d_namlen); put_user(namlen, &dirent->d_namlen);
put_user(reclen, &dirent->d_reclen); put_user(reclen, &dirent->d_reclen);
copy_to_user(dirent->d_name, name, namlen); copy_to_user(dirent->d_name, name, namlen);
@ -406,19 +410,23 @@ struct sunos_direntry_callback {
}; };
static int sunos_filldirentry(void * __buf, const char * name, int namlen, static int sunos_filldirentry(void * __buf, const char * name, int namlen,
loff_t offset, ino_t ino, unsigned int d_type) loff_t offset, u64 ino, unsigned int d_type)
{ {
struct sunos_direntry __user *dirent; struct sunos_direntry __user *dirent;
struct sunos_direntry_callback *buf = __buf; struct sunos_direntry_callback *buf = __buf;
unsigned long d_ino;
int reclen = ROUND_UP(NAME_OFFSET(dirent) + namlen + 1); int reclen = ROUND_UP(NAME_OFFSET(dirent) + namlen + 1);
buf->error = -EINVAL; /* only used if we fail.. */ buf->error = -EINVAL; /* only used if we fail.. */
if (reclen > buf->count) if (reclen > buf->count)
return -EINVAL; return -EINVAL;
d_ino = ino;
if (sizeof(d_ino) < sizeof(ino) && d_ino != ino)
return -EOVERFLOW;
dirent = buf->previous; dirent = buf->previous;
dirent = buf->curr; dirent = buf->curr;
buf->previous = dirent; buf->previous = dirent;
put_user(ino, &dirent->d_ino); put_user(d_ino, &dirent->d_ino);
put_user(namlen, &dirent->d_namlen); put_user(namlen, &dirent->d_namlen);
put_user(reclen, &dirent->d_reclen); put_user(reclen, &dirent->d_reclen);
copy_to_user(dirent->d_name, name, namlen); copy_to_user(dirent->d_name, name, namlen);

View File

@ -337,12 +337,17 @@ asmlinkage long sys32_ftruncate64(unsigned int fd, unsigned long high, unsigned
int cp_compat_stat(struct kstat *stat, struct compat_stat __user *statbuf) int cp_compat_stat(struct kstat *stat, struct compat_stat __user *statbuf)
{ {
compat_ino_t ino;
int err; int err;
if (stat->size > MAX_NON_LFS || !old_valid_dev(stat->dev) || if (stat->size > MAX_NON_LFS || !old_valid_dev(stat->dev) ||
!old_valid_dev(stat->rdev)) !old_valid_dev(stat->rdev))
return -EOVERFLOW; return -EOVERFLOW;
ino = stat->ino;
if (sizeof(ino) < sizeof(stat->ino) && ino != stat->ino)
return -EOVERFLOW;
err = put_user(old_encode_dev(stat->dev), &statbuf->st_dev); err = put_user(old_encode_dev(stat->dev), &statbuf->st_dev);
err |= put_user(stat->ino, &statbuf->st_ino); err |= put_user(stat->ino, &statbuf->st_ino);
err |= put_user(stat->mode, &statbuf->st_mode); err |= put_user(stat->mode, &statbuf->st_mode);

View File

@ -280,16 +280,20 @@ static int sunos_filldir(void * __buf, const char * name, int namlen,
struct sunos_dirent __user *dirent; struct sunos_dirent __user *dirent;
struct sunos_dirent_callback * buf = (struct sunos_dirent_callback *) __buf; struct sunos_dirent_callback * buf = (struct sunos_dirent_callback *) __buf;
int reclen = ROUND_UP(NAME_OFFSET(dirent) + namlen + 1); int reclen = ROUND_UP(NAME_OFFSET(dirent) + namlen + 1);
u32 d_ino;
buf->error = -EINVAL; /* only used if we fail.. */ buf->error = -EINVAL; /* only used if we fail.. */
if (reclen > buf->count) if (reclen > buf->count)
return -EINVAL; return -EINVAL;
d_ino = ino;
if (sizeof(d_ino) < sizeof(ino) && d_ino != ino)
return -EOVERFLOW;
dirent = buf->previous; dirent = buf->previous;
if (dirent) if (dirent)
put_user(offset, &dirent->d_off); put_user(offset, &dirent->d_off);
dirent = buf->curr; dirent = buf->curr;
buf->previous = dirent; buf->previous = dirent;
put_user(ino, &dirent->d_ino); put_user(d_ino, &dirent->d_ino);
put_user(namlen, &dirent->d_namlen); put_user(namlen, &dirent->d_namlen);
put_user(reclen, &dirent->d_reclen); put_user(reclen, &dirent->d_reclen);
if (copy_to_user(dirent->d_name, name, namlen)) if (copy_to_user(dirent->d_name, name, namlen))
@ -363,14 +367,18 @@ static int sunos_filldirentry(void * __buf, const char * name, int namlen,
struct sunos_direntry_callback * buf = struct sunos_direntry_callback * buf =
(struct sunos_direntry_callback *) __buf; (struct sunos_direntry_callback *) __buf;
int reclen = ROUND_UP(NAME_OFFSET(dirent) + namlen + 1); int reclen = ROUND_UP(NAME_OFFSET(dirent) + namlen + 1);
u32 d_ino;
buf->error = -EINVAL; /* only used if we fail.. */ buf->error = -EINVAL; /* only used if we fail.. */
if (reclen > buf->count) if (reclen > buf->count)
return -EINVAL; return -EINVAL;
d_ino = ino;
if (sizeof(d_ino) < sizeof(ino) && d_ino != ino)
return -EOVERFLOW;
dirent = buf->previous; dirent = buf->previous;
dirent = buf->curr; dirent = buf->curr;
buf->previous = dirent; buf->previous = dirent;
put_user(ino, &dirent->d_ino); put_user(d_ino, &dirent->d_ino);
put_user(namlen, &dirent->d_namlen); put_user(namlen, &dirent->d_namlen);
put_user(reclen, &dirent->d_reclen); put_user(reclen, &dirent->d_reclen);
if (copy_to_user(dirent->d_name, name, namlen)) if (copy_to_user(dirent->d_name, name, namlen))

View File

@ -82,12 +82,17 @@ struct sol_stat64 {
static inline int putstat(struct sol_stat __user *ubuf, struct kstat *kbuf) static inline int putstat(struct sol_stat __user *ubuf, struct kstat *kbuf)
{ {
u32 ino;
if (kbuf->size > MAX_NON_LFS || if (kbuf->size > MAX_NON_LFS ||
!sysv_valid_dev(kbuf->dev) || !sysv_valid_dev(kbuf->dev) ||
!sysv_valid_dev(kbuf->rdev)) !sysv_valid_dev(kbuf->rdev))
return -EOVERFLOW; return -EOVERFLOW;
ino = kbuf->ino;
if (sizeof(ino) < sizeof(kbuf->ino) && ino != kbuf->ino)
return -EOVERFLOW;
if (put_user (sysv_encode_dev(kbuf->dev), &ubuf->st_dev) || if (put_user (sysv_encode_dev(kbuf->dev), &ubuf->st_dev) ||
__put_user (kbuf->ino, &ubuf->st_ino) || __put_user (ino, &ubuf->st_ino) ||
__put_user (kbuf->mode, &ubuf->st_mode) || __put_user (kbuf->mode, &ubuf->st_mode) ||
__put_user (kbuf->nlink, &ubuf->st_nlink) || __put_user (kbuf->nlink, &ubuf->st_nlink) ||
__put_user (kbuf->uid, &ubuf->st_uid) || __put_user (kbuf->uid, &ubuf->st_uid) ||

View File

@ -76,6 +76,8 @@
int cp_compat_stat(struct kstat *kbuf, struct compat_stat __user *ubuf) int cp_compat_stat(struct kstat *kbuf, struct compat_stat __user *ubuf)
{ {
compat_ino_t ino;
typeof(ubuf->st_uid) uid = 0; typeof(ubuf->st_uid) uid = 0;
typeof(ubuf->st_gid) gid = 0; typeof(ubuf->st_gid) gid = 0;
SET_UID(uid, kbuf->uid); SET_UID(uid, kbuf->uid);
@ -84,9 +86,12 @@ int cp_compat_stat(struct kstat *kbuf, struct compat_stat __user *ubuf)
return -EOVERFLOW; return -EOVERFLOW;
if (kbuf->size >= 0x7fffffff) if (kbuf->size >= 0x7fffffff)
return -EOVERFLOW; return -EOVERFLOW;
ino = kbuf->ino;
if (sizeof(ino) < sizeof(kbuf->ino) && ino != kbuf->ino)
return -EOVERFLOW;
if (!access_ok(VERIFY_WRITE, ubuf, sizeof(struct compat_stat)) || if (!access_ok(VERIFY_WRITE, ubuf, sizeof(struct compat_stat)) ||
__put_user (old_encode_dev(kbuf->dev), &ubuf->st_dev) || __put_user (old_encode_dev(kbuf->dev), &ubuf->st_dev) ||
__put_user (kbuf->ino, &ubuf->st_ino) || __put_user (ino, &ubuf->st_ino) ||
__put_user (kbuf->mode, &ubuf->st_mode) || __put_user (kbuf->mode, &ubuf->st_mode) ||
__put_user (kbuf->nlink, &ubuf->st_nlink) || __put_user (kbuf->nlink, &ubuf->st_nlink) ||
__put_user (uid, &ubuf->st_uid) || __put_user (uid, &ubuf->st_uid) ||

View File

@ -30,7 +30,7 @@ static int afs_dir_readdir(struct file *file, void *dirent, filldir_t filldir);
static int afs_d_revalidate(struct dentry *dentry, struct nameidata *nd); static int afs_d_revalidate(struct dentry *dentry, struct nameidata *nd);
static int afs_d_delete(struct dentry *dentry); static int afs_d_delete(struct dentry *dentry);
static int afs_dir_lookup_filldir(void *_cookie, const char *name, int nlen, static int afs_dir_lookup_filldir(void *_cookie, const char *name, int nlen,
loff_t fpos, ino_t ino, unsigned dtype); loff_t fpos, u64 ino, unsigned dtype);
const struct file_operations afs_dir_file_operations = { const struct file_operations afs_dir_file_operations = {
.open = afs_dir_open, .open = afs_dir_open,
@ -409,7 +409,7 @@ static int afs_dir_readdir(struct file *file, void *cookie, filldir_t filldir)
* uniquifier through dtype * uniquifier through dtype
*/ */
static int afs_dir_lookup_filldir(void *_cookie, const char *name, int nlen, static int afs_dir_lookup_filldir(void *_cookie, const char *name, int nlen,
loff_t fpos, ino_t ino, unsigned dtype) loff_t fpos, u64 ino, unsigned dtype)
{ {
struct afs_dir_lookup_cookie *cookie = _cookie; struct afs_dir_lookup_cookie *cookie = _cookie;

View File

@ -914,20 +914,24 @@ struct compat_readdir_callback {
}; };
static int compat_fillonedir(void *__buf, const char *name, int namlen, static int compat_fillonedir(void *__buf, const char *name, int namlen,
loff_t offset, ino_t ino, unsigned int d_type) loff_t offset, u64 ino, unsigned int d_type)
{ {
struct compat_readdir_callback *buf = __buf; struct compat_readdir_callback *buf = __buf;
struct compat_old_linux_dirent __user *dirent; struct compat_old_linux_dirent __user *dirent;
compat_ulong_t d_ino;
if (buf->result) if (buf->result)
return -EINVAL; return -EINVAL;
d_ino = ino;
if (sizeof(d_ino) < sizeof(ino) && d_ino != ino)
return -EOVERFLOW;
buf->result++; buf->result++;
dirent = buf->dirent; dirent = buf->dirent;
if (!access_ok(VERIFY_WRITE, dirent, if (!access_ok(VERIFY_WRITE, dirent,
(unsigned long)(dirent->d_name + namlen + 1) - (unsigned long)(dirent->d_name + namlen + 1) -
(unsigned long)dirent)) (unsigned long)dirent))
goto efault; goto efault;
if ( __put_user(ino, &dirent->d_ino) || if ( __put_user(d_ino, &dirent->d_ino) ||
__put_user(offset, &dirent->d_offset) || __put_user(offset, &dirent->d_offset) ||
__put_user(namlen, &dirent->d_namlen) || __put_user(namlen, &dirent->d_namlen) ||
__copy_to_user(dirent->d_name, name, namlen) || __copy_to_user(dirent->d_name, name, namlen) ||
@ -978,22 +982,26 @@ struct compat_getdents_callback {
}; };
static int compat_filldir(void *__buf, const char *name, int namlen, static int compat_filldir(void *__buf, const char *name, int namlen,
loff_t offset, ino_t ino, unsigned int d_type) loff_t offset, u64 ino, unsigned int d_type)
{ {
struct compat_linux_dirent __user * dirent; struct compat_linux_dirent __user * dirent;
struct compat_getdents_callback *buf = __buf; struct compat_getdents_callback *buf = __buf;
compat_ulong_t d_ino;
int reclen = COMPAT_ROUND_UP(NAME_OFFSET(dirent) + namlen + 2); int reclen = COMPAT_ROUND_UP(NAME_OFFSET(dirent) + namlen + 2);
buf->error = -EINVAL; /* only used if we fail.. */ buf->error = -EINVAL; /* only used if we fail.. */
if (reclen > buf->count) if (reclen > buf->count)
return -EINVAL; return -EINVAL;
d_ino = ino;
if (sizeof(d_ino) < sizeof(ino) && d_ino != ino)
return -EOVERFLOW;
dirent = buf->previous; dirent = buf->previous;
if (dirent) { if (dirent) {
if (__put_user(offset, &dirent->d_off)) if (__put_user(offset, &dirent->d_off))
goto efault; goto efault;
} }
dirent = buf->current_dir; dirent = buf->current_dir;
if (__put_user(ino, &dirent->d_ino)) if (__put_user(d_ino, &dirent->d_ino))
goto efault; goto efault;
if (__put_user(reclen, &dirent->d_reclen)) if (__put_user(reclen, &dirent->d_reclen))
goto efault; goto efault;
@ -1064,7 +1072,7 @@ struct compat_getdents_callback64 {
}; };
static int compat_filldir64(void * __buf, const char * name, int namlen, loff_t offset, static int compat_filldir64(void * __buf, const char * name, int namlen, loff_t offset,
ino_t ino, unsigned int d_type) u64 ino, unsigned int d_type)
{ {
struct linux_dirent64 __user *dirent; struct linux_dirent64 __user *dirent;
struct compat_getdents_callback64 *buf = __buf; struct compat_getdents_callback64 *buf = __buf;

View File

@ -315,7 +315,7 @@ struct getdents_callback {
* the name matching the specified inode number. * the name matching the specified inode number.
*/ */
static int filldir_one(void * __buf, const char * name, int len, static int filldir_one(void * __buf, const char * name, int len,
loff_t pos, ino_t ino, unsigned int d_type) loff_t pos, u64 ino, unsigned int d_type)
{ {
struct getdents_callback *buf = __buf; struct getdents_callback *buf = __buf;
int result = 0; int result = 0;

View File

@ -648,7 +648,7 @@ static int fat_readdir(struct file *filp, void *dirent, filldir_t filldir)
} }
static int fat_ioctl_filldir(void *__buf, const char *name, int name_len, static int fat_ioctl_filldir(void *__buf, const char *name, int name_len,
loff_t offset, ino_t ino, unsigned int d_type) loff_t offset, u64 ino, unsigned int d_type)
{ {
struct fat_ioctl_filldir_callback *buf = __buf; struct fat_ioctl_filldir_callback *buf = __buf;
struct dirent __user *d1 = buf->dirent; struct dirent __user *d1 = buf->dirent;

View File

@ -184,7 +184,7 @@ struct dentry_list_arg {
static int static int
nfsd4_build_dentrylist(void *arg, const char *name, int namlen, nfsd4_build_dentrylist(void *arg, const char *name, int namlen,
loff_t offset, ino_t ino, unsigned int d_type) loff_t offset, u64 ino, unsigned int d_type)
{ {
struct dentry_list_arg *dla = arg; struct dentry_list_arg *dla = arg;
struct list_head *dentries = &dla->dentries; struct list_head *dentries = &dla->dentries;

View File

@ -69,20 +69,24 @@ struct readdir_callback {
}; };
static int fillonedir(void * __buf, const char * name, int namlen, loff_t offset, static int fillonedir(void * __buf, const char * name, int namlen, loff_t offset,
ino_t ino, unsigned int d_type) u64 ino, unsigned int d_type)
{ {
struct readdir_callback * buf = (struct readdir_callback *) __buf; struct readdir_callback * buf = (struct readdir_callback *) __buf;
struct old_linux_dirent __user * dirent; struct old_linux_dirent __user * dirent;
unsigned long d_ino;
if (buf->result) if (buf->result)
return -EINVAL; return -EINVAL;
d_ino = ino;
if (sizeof(d_ino) < sizeof(ino) && d_ino != ino)
return -EOVERFLOW;
buf->result++; buf->result++;
dirent = buf->dirent; dirent = buf->dirent;
if (!access_ok(VERIFY_WRITE, dirent, if (!access_ok(VERIFY_WRITE, dirent,
(unsigned long)(dirent->d_name + namlen + 1) - (unsigned long)(dirent->d_name + namlen + 1) -
(unsigned long)dirent)) (unsigned long)dirent))
goto efault; goto efault;
if ( __put_user(ino, &dirent->d_ino) || if ( __put_user(d_ino, &dirent->d_ino) ||
__put_user(offset, &dirent->d_offset) || __put_user(offset, &dirent->d_offset) ||
__put_user(namlen, &dirent->d_namlen) || __put_user(namlen, &dirent->d_namlen) ||
__copy_to_user(dirent->d_name, name, namlen) || __copy_to_user(dirent->d_name, name, namlen) ||
@ -138,22 +142,26 @@ struct getdents_callback {
}; };
static int filldir(void * __buf, const char * name, int namlen, loff_t offset, static int filldir(void * __buf, const char * name, int namlen, loff_t offset,
ino_t ino, unsigned int d_type) u64 ino, unsigned int d_type)
{ {
struct linux_dirent __user * dirent; struct linux_dirent __user * dirent;
struct getdents_callback * buf = (struct getdents_callback *) __buf; struct getdents_callback * buf = (struct getdents_callback *) __buf;
unsigned long d_ino;
int reclen = ROUND_UP(NAME_OFFSET(dirent) + namlen + 2); int reclen = ROUND_UP(NAME_OFFSET(dirent) + namlen + 2);
buf->error = -EINVAL; /* only used if we fail.. */ buf->error = -EINVAL; /* only used if we fail.. */
if (reclen > buf->count) if (reclen > buf->count)
return -EINVAL; return -EINVAL;
d_ino = ino;
if (sizeof(d_ino) < sizeof(ino) && d_ino != ino)
return -EOVERFLOW;
dirent = buf->previous; dirent = buf->previous;
if (dirent) { if (dirent) {
if (__put_user(offset, &dirent->d_off)) if (__put_user(offset, &dirent->d_off))
goto efault; goto efault;
} }
dirent = buf->current_dir; dirent = buf->current_dir;
if (__put_user(ino, &dirent->d_ino)) if (__put_user(d_ino, &dirent->d_ino))
goto efault; goto efault;
if (__put_user(reclen, &dirent->d_reclen)) if (__put_user(reclen, &dirent->d_reclen))
goto efault; goto efault;
@ -222,7 +230,7 @@ struct getdents_callback64 {
}; };
static int filldir64(void * __buf, const char * name, int namlen, loff_t offset, static int filldir64(void * __buf, const char * name, int namlen, loff_t offset,
ino_t ino, unsigned int d_type) u64 ino, unsigned int d_type)
{ {
struct linux_dirent64 __user *dirent; struct linux_dirent64 __user *dirent;
struct getdents_callback64 * buf = (struct getdents_callback64 *) __buf; struct getdents_callback64 * buf = (struct getdents_callback64 *) __buf;

View File

@ -773,7 +773,7 @@ int reiserfs_xattr_del(struct inode *inode, const char *name)
static int static int
reiserfs_delete_xattrs_filler(void *buf, const char *name, int namelen, reiserfs_delete_xattrs_filler(void *buf, const char *name, int namelen,
loff_t offset, ino_t ino, unsigned int d_type) loff_t offset, u64 ino, unsigned int d_type)
{ {
struct dentry *xadir = (struct dentry *)buf; struct dentry *xadir = (struct dentry *)buf;
@ -851,7 +851,7 @@ struct reiserfs_chown_buf {
/* XXX: If there is a better way to do this, I'd love to hear about it */ /* XXX: If there is a better way to do this, I'd love to hear about it */
static int static int
reiserfs_chown_xattrs_filler(void *buf, const char *name, int namelen, reiserfs_chown_xattrs_filler(void *buf, const char *name, int namelen,
loff_t offset, ino_t ino, unsigned int d_type) loff_t offset, u64 ino, unsigned int d_type)
{ {
struct reiserfs_chown_buf *chown_buf = (struct reiserfs_chown_buf *)buf; struct reiserfs_chown_buf *chown_buf = (struct reiserfs_chown_buf *)buf;
struct dentry *xafile, *xadir = chown_buf->xadir; struct dentry *xafile, *xadir = chown_buf->xadir;
@ -1036,7 +1036,7 @@ struct reiserfs_listxattr_buf {
static int static int
reiserfs_listxattr_filler(void *buf, const char *name, int namelen, reiserfs_listxattr_filler(void *buf, const char *name, int namelen,
loff_t offset, ino_t ino, unsigned int d_type) loff_t offset, u64 ino, unsigned int d_type)
{ {
struct reiserfs_listxattr_buf *b = (struct reiserfs_listxattr_buf *)buf; struct reiserfs_listxattr_buf *b = (struct reiserfs_listxattr_buf *)buf;
int len = 0; int len = 0;

View File

@ -140,6 +140,8 @@ static int cp_old_stat(struct kstat *stat, struct __old_kernel_stat __user * sta
memset(&tmp, 0, sizeof(struct __old_kernel_stat)); memset(&tmp, 0, sizeof(struct __old_kernel_stat));
tmp.st_dev = old_encode_dev(stat->dev); tmp.st_dev = old_encode_dev(stat->dev);
tmp.st_ino = stat->ino; tmp.st_ino = stat->ino;
if (sizeof(tmp.st_ino) < sizeof(stat->ino) && tmp.st_ino != stat->ino)
return -EOVERFLOW;
tmp.st_mode = stat->mode; tmp.st_mode = stat->mode;
tmp.st_nlink = stat->nlink; tmp.st_nlink = stat->nlink;
if (tmp.st_nlink != stat->nlink) if (tmp.st_nlink != stat->nlink)
@ -210,6 +212,8 @@ static int cp_new_stat(struct kstat *stat, struct stat __user *statbuf)
tmp.st_dev = new_encode_dev(stat->dev); tmp.st_dev = new_encode_dev(stat->dev);
#endif #endif
tmp.st_ino = stat->ino; tmp.st_ino = stat->ino;
if (sizeof(tmp.st_ino) < sizeof(stat->ino) && tmp.st_ino != stat->ino)
return -EOVERFLOW;
tmp.st_mode = stat->mode; tmp.st_mode = stat->mode;
tmp.st_nlink = stat->nlink; tmp.st_nlink = stat->nlink;
if (tmp.st_nlink != stat->nlink) if (tmp.st_nlink != stat->nlink)
@ -347,6 +351,8 @@ static long cp_new_stat64(struct kstat *stat, struct stat64 __user *statbuf)
tmp.st_rdev = huge_encode_dev(stat->rdev); tmp.st_rdev = huge_encode_dev(stat->rdev);
#endif #endif
tmp.st_ino = stat->ino; tmp.st_ino = stat->ino;
if (sizeof(tmp.st_ino) < sizeof(stat->ino) && tmp.st_ino != stat->ino)
return -EOVERFLOW;
#ifdef STAT64_HAS_BROKEN_ST_INO #ifdef STAT64_HAS_BROKEN_ST_INO
tmp.__st_ino = stat->ino; tmp.__st_ino = stat->ino;
#endif #endif

View File

@ -1049,7 +1049,7 @@ int generic_osync_inode(struct inode *, struct address_space *, int);
* This allows the kernel to read directories into kernel space or * This allows the kernel to read directories into kernel space or
* to have different dirent layouts depending on the binary type. * to have different dirent layouts depending on the binary type.
*/ */
typedef int (*filldir_t)(void *, const char *, int, loff_t, ino_t, unsigned); typedef int (*filldir_t)(void *, const char *, int, loff_t, u64, unsigned);
struct block_device_operations { struct block_device_operations {
int (*open) (struct inode *, struct file *); int (*open) (struct inode *, struct file *);

View File

@ -57,7 +57,7 @@
#include <linux/time.h> #include <linux/time.h>
struct kstat { struct kstat {
unsigned long ino; u64 ino;
dev_t dev; dev_t dev;
umode_t mode; umode_t mode;
unsigned int nlink; unsigned int nlink;