* [PATCH] Btrfs: do not overwrite error return value in the balance ioctl
@ 2018-12-14 19:45 fdmanana
2018-12-17 8:25 ` Anand Jain
2019-01-08 11:42 ` [PATCH v2] " fdmanana
0 siblings, 2 replies; 6+ messages in thread
From: fdmanana @ 2018-12-14 19:45 UTC (permalink / raw)
To: linux-btrfs
From: Filipe Manana <fdmanana@suse.com>
If the call to btrfs_balance() failed we would overwrite the error
returned to user space with -EFAULT if the call to copy_to_user() failed
as well. Fix that by calling copy_to_user() only if btrfs_balance()
returned success.
Signed-off-by: Filipe Manana <fdmanana@suse.com>
---
fs/btrfs/ioctl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c
index abe45fd97ab5..4ad7288f77d0 100644
--- a/fs/btrfs/ioctl.c
+++ b/fs/btrfs/ioctl.c
@@ -4707,7 +4707,7 @@ static long btrfs_ioctl_balance(struct file *file, void __user *arg)
ret = btrfs_balance(fs_info, bctl, bargs);
bctl = NULL;
- if (arg) {
+ if (ret == 0 && arg) {
if (copy_to_user(arg, bargs, sizeof(*bargs)))
ret = -EFAULT;
}
--
2.11.0
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH] Btrfs: do not overwrite error return value in the balance ioctl
2018-12-14 19:45 [PATCH] Btrfs: do not overwrite error return value in the balance ioctl fdmanana
@ 2018-12-17 8:25 ` Anand Jain
2018-12-17 9:24 ` Filipe Manana
2019-01-08 11:42 ` [PATCH v2] " fdmanana
1 sibling, 1 reply; 6+ messages in thread
From: Anand Jain @ 2018-12-17 8:25 UTC (permalink / raw)
To: fdmanana; +Cc: linux-btrfs
On 12/15/2018 03:45 AM, fdmanana@kernel.org wrote:
> From: Filipe Manana <fdmanana@suse.com>
>
> If the call to btrfs_balance() failed we would overwrite the error
> returned to user space with -EFAULT if the call to copy_to_user() failed
> as well. Fix that by calling copy_to_user() only if btrfs_balance()
> returned success.
>
> Signed-off-by: Filipe Manana <fdmanana@suse.com>
> ---
> fs/btrfs/ioctl.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c
> index abe45fd97ab5..4ad7288f77d0 100644
> --- a/fs/btrfs/ioctl.c
> +++ b/fs/btrfs/ioctl.c
> @@ -4707,7 +4707,7 @@ static long btrfs_ioctl_balance(struct file *file, void __user *arg)
> ret = btrfs_balance(fs_info, bctl, bargs);
> bctl = NULL;
>
> - if (arg) {
> + if (ret == 0 && arg) {
> if (copy_to_user(arg, bargs, sizeof(*bargs)))
> ret = -EFAULT;
> }
>
This changes the BTRFS_IOC_BALANCE_V2 semantics.
Originally, if BTRFS_IOC_BALANCE_V2 is failed/canceled we do update
bargs [1] and copy to user land, but after this patch we copy only
if the ioctl is successful. I doubt if David is OK with that.
[1]
----------
3717 int btrfs_balance(struct btrfs_fs_info *fs_info,
3718 struct btrfs_balance_control *bctl,
3719 struct btrfs_ioctl_balance_args *bargs)
3720 {
::
3855 ret = __btrfs_balance(fs_info);
3856
3857 mutex_lock(&fs_info->balance_mutex);
3858 clear_bit(BTRFS_FS_BALANCE_RUNNING, &fs_info->flags);
3859
3860 if (bargs) {
3861 memset(bargs, 0, sizeof(*bargs));
3862 btrfs_update_ioctl_balance_args(fs_info, bargs);
3863 }
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] Btrfs: do not overwrite error return value in the balance ioctl
2018-12-17 8:25 ` Anand Jain
@ 2018-12-17 9:24 ` Filipe Manana
2019-01-02 18:28 ` David Sterba
0 siblings, 1 reply; 6+ messages in thread
From: Filipe Manana @ 2018-12-17 9:24 UTC (permalink / raw)
To: Anand Jain; +Cc: linux-btrfs
On Mon, Dec 17, 2018 at 8:25 AM Anand Jain <anand.jain@oracle.com> wrote:
>
>
>
> On 12/15/2018 03:45 AM, fdmanana@kernel.org wrote:
> > From: Filipe Manana <fdmanana@suse.com>
> >
> > If the call to btrfs_balance() failed we would overwrite the error
> > returned to user space with -EFAULT if the call to copy_to_user() failed
> > as well. Fix that by calling copy_to_user() only if btrfs_balance()
> > returned success.
> >
> > Signed-off-by: Filipe Manana <fdmanana@suse.com>
> > ---
> > fs/btrfs/ioctl.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c
> > index abe45fd97ab5..4ad7288f77d0 100644
> > --- a/fs/btrfs/ioctl.c
> > +++ b/fs/btrfs/ioctl.c
> > @@ -4707,7 +4707,7 @@ static long btrfs_ioctl_balance(struct file *file, void __user *arg)
> > ret = btrfs_balance(fs_info, bctl, bargs);
> > bctl = NULL;
> >
> > - if (arg) {
> > + if (ret == 0 && arg) {
> > if (copy_to_user(arg, bargs, sizeof(*bargs)))
> > ret = -EFAULT;
> > }
> >
>
> This changes the BTRFS_IOC_BALANCE_V2 semantics.
>
> Originally, if BTRFS_IOC_BALANCE_V2 is failed/canceled we do update
> bargs [1] and copy to user land, but after this patch we copy only
> if the ioctl is successful. I doubt if David is OK with that.
I thought about that. But that logic, if it's really in use by someone
(something) out there then they must be treating -EFAULT differently
from any other error.
Because if copy_to_user() fails it means it didn't copy all bytes it
was so supposed to (its return value is number of bytes not copied),
so the arguments structure ends up in an inconsistent state.
>
> [1]
> ----------
> 3717 int btrfs_balance(struct btrfs_fs_info *fs_info,
> 3718 struct btrfs_balance_control *bctl,
> 3719 struct btrfs_ioctl_balance_args *bargs)
> 3720 {
> ::
>
> 3855 ret = __btrfs_balance(fs_info);
> 3856
> 3857 mutex_lock(&fs_info->balance_mutex);
> 3858 clear_bit(BTRFS_FS_BALANCE_RUNNING, &fs_info->flags);
> 3859
> 3860 if (bargs) {
> 3861 memset(bargs, 0, sizeof(*bargs));
> 3862 btrfs_update_ioctl_balance_args(fs_info, bargs);
> 3863 }
>
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] Btrfs: do not overwrite error return value in the balance ioctl
2018-12-17 9:24 ` Filipe Manana
@ 2019-01-02 18:28 ` David Sterba
0 siblings, 0 replies; 6+ messages in thread
From: David Sterba @ 2019-01-02 18:28 UTC (permalink / raw)
To: Filipe Manana; +Cc: Anand Jain, linux-btrfs
On Mon, Dec 17, 2018 at 09:24:43AM +0000, Filipe Manana wrote:
> On Mon, Dec 17, 2018 at 8:25 AM Anand Jain <anand.jain@oracle.com> wrote:
> >
> >
> >
> > On 12/15/2018 03:45 AM, fdmanana@kernel.org wrote:
> > > From: Filipe Manana <fdmanana@suse.com>
> > >
> > > If the call to btrfs_balance() failed we would overwrite the error
> > > returned to user space with -EFAULT if the call to copy_to_user() failed
> > > as well. Fix that by calling copy_to_user() only if btrfs_balance()
> > > returned success.
> > >
> > > Signed-off-by: Filipe Manana <fdmanana@suse.com>
> > > ---
> > > fs/btrfs/ioctl.c | 2 +-
> > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > >
> > > diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c
> > > index abe45fd97ab5..4ad7288f77d0 100644
> > > --- a/fs/btrfs/ioctl.c
> > > +++ b/fs/btrfs/ioctl.c
> > > @@ -4707,7 +4707,7 @@ static long btrfs_ioctl_balance(struct file *file, void __user *arg)
> > > ret = btrfs_balance(fs_info, bctl, bargs);
> > > bctl = NULL;
> > >
> > > - if (arg) {
> > > + if (ret == 0 && arg) {
> > > if (copy_to_user(arg, bargs, sizeof(*bargs)))
> > > ret = -EFAULT;
> > > }
> > >
> >
> > This changes the BTRFS_IOC_BALANCE_V2 semantics.
> >
> > Originally, if BTRFS_IOC_BALANCE_V2 is failed/canceled we do update
> > bargs [1] and copy to user land, but after this patch we copy only
> > if the ioctl is successful. I doubt if David is OK with that.
>
> I thought about that. But that logic, if it's really in use by someone
> (something) out there then they must be treating -EFAULT differently
> from any other error.
> Because if copy_to_user() fails it means it didn't copy all bytes it
> was so supposed to (its return value is number of bytes not copied),
> so the arguments structure ends up in an inconsistent state.
The balance ioctl as used in btrfs-progs expects valid contents of the
bargs even if the ioctl returns negative value, with errno set to
ECANCELED:
https://github.com/kdave/btrfs-progs/blob/master/cmds-balance.c#L458
So the condition would need to take that into account
if ((ret == 0 || ret == -ECANCELED) && arg)
I haven't found any other error that would need to be whitelisted here.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH v2] Btrfs: do not overwrite error return value in the balance ioctl
2018-12-14 19:45 [PATCH] Btrfs: do not overwrite error return value in the balance ioctl fdmanana
2018-12-17 8:25 ` Anand Jain
@ 2019-01-08 11:42 ` fdmanana
2019-01-08 15:58 ` David Sterba
1 sibling, 1 reply; 6+ messages in thread
From: fdmanana @ 2019-01-08 11:42 UTC (permalink / raw)
To: linux-btrfs
From: Filipe Manana <fdmanana@suse.com>
If the call to btrfs_balance() failed we would overwrite the error
returned to user space with -EFAULT if the call to copy_to_user() failed
as well. Fix that by calling copy_to_user() only if btrfs_balance()
returned success or was canceled.
Signed-off-by: Filipe Manana <fdmanana@suse.com>
---
V2: Considered the case where balance is canceled.
fs/btrfs/ioctl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c
index d0da86ac53bf..8dbb4ed07da1 100644
--- a/fs/btrfs/ioctl.c
+++ b/fs/btrfs/ioctl.c
@@ -4768,7 +4768,7 @@ static long btrfs_ioctl_balance(struct file *file, void __user *arg)
ret = btrfs_balance(fs_info, bctl, bargs);
bctl = NULL;
- if (arg) {
+ if ((ret == 0 || ret == -ECANCELED) && arg) {
if (copy_to_user(arg, bargs, sizeof(*bargs)))
ret = -EFAULT;
}
--
2.11.0
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH v2] Btrfs: do not overwrite error return value in the balance ioctl
2019-01-08 11:42 ` [PATCH v2] " fdmanana
@ 2019-01-08 15:58 ` David Sterba
0 siblings, 0 replies; 6+ messages in thread
From: David Sterba @ 2019-01-08 15:58 UTC (permalink / raw)
To: fdmanana; +Cc: linux-btrfs
On Tue, Jan 08, 2019 at 11:42:01AM +0000, fdmanana@kernel.org wrote:
> From: Filipe Manana <fdmanana@suse.com>
>
> If the call to btrfs_balance() failed we would overwrite the error
> returned to user space with -EFAULT if the call to copy_to_user() failed
> as well. Fix that by calling copy_to_user() only if btrfs_balance()
> returned success or was canceled.
>
> Signed-off-by: Filipe Manana <fdmanana@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2019-01-08 15:58 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-12-14 19:45 [PATCH] Btrfs: do not overwrite error return value in the balance ioctl fdmanana
2018-12-17 8:25 ` Anand Jain
2018-12-17 9:24 ` Filipe Manana
2019-01-02 18:28 ` David Sterba
2019-01-08 11:42 ` [PATCH v2] " fdmanana
2019-01-08 15:58 ` David Sterba
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).