From patchwork Thu Jan 30 00:27:27 2014
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Gerhard Heift <gerhard@heift.name>
X-Patchwork-Id: 3555391
Return-Path: <linux-btrfs-owner@kernel.org>
X-Original-To: patchwork-linux-btrfs@patchwork.kernel.org
Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org
Received: from mail.kernel.org (mail.kernel.org [198.145.19.201])
	by patchwork2.web.kernel.org (Postfix) with ESMTP id 1BEE6C02DC
	for <patchwork-linux-btrfs@patchwork.kernel.org>;
	Thu, 30 Jan 2014 00:28:10 +0000 (UTC)
Received: from mail.kernel.org (localhost [127.0.0.1])
	by mail.kernel.org (Postfix) with ESMTP id 32A4A201B9
	for <patchwork-linux-btrfs@patchwork.kernel.org>;
	Thu, 30 Jan 2014 00:28:09 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id 8E7E82018E
	for <patchwork-linux-btrfs@patchwork.kernel.org>;
	Thu, 30 Jan 2014 00:28:07 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752317AbaA3A1z (ORCPT
	<rfc822;patchwork-linux-btrfs@patchwork.kernel.org>);
	Wed, 29 Jan 2014 19:27:55 -0500
Received: from mail-ea0-f173.google.com ([209.85.215.173]:39875 "EHLO
	mail-ea0-f173.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752211AbaA3A1t (ORCPT
	<rfc822;linux-btrfs@vger.kernel.org>);
	Wed, 29 Jan 2014 19:27:49 -0500
Received: by mail-ea0-f173.google.com with SMTP id d10so1256626eaj.18
	for <linux-btrfs@vger.kernel.org>;
	Wed, 29 Jan 2014 16:27:48 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to
	:references;
	bh=S5webSWnA4UYrV1gUP/euRLOgQf0fU4y7EaA6eotYRM=;
	b=QXPQJX/j8v8HtlZhmPVRnXopBL6gPeGAf6FJoWFTKkXniM02VZoxnDty6nq4w0hLpQ
	sFyxJ6AABQl4+kTMBLix8mjc7l33C2DyYOIeAwCAmq4WCU+PaGedOtSr+mxKxybHd2E6
	Nqp6Tx1JF58ZUX0q0hAiy3ptIHw24JHay3w5MxhzeQgszA15hA+NNb6dz2kyJG+D/Gac
	wqLRlb8HrF5TkC9Njsc8UZo2tI8Rv12zLgYjSfcoT/9begikdF2Xh2LxC81ZR/XSTWDa
	8vWVInCidjpXH1rejVkgCr5KOVmNbJBGqAXXDxmQ9CC2ZRg1cLdusDAc4QxSYHslaZEr
	qPkw==
X-Gm-Message-State: 
 ALoCoQnBbQBcQwYjvpvfnreuR3r7Q+jsWW8JCRMtvilbfge8lyC+bEGjli8RzKkQOnsAXvpAyrzb
X-Received: by 10.15.61.7 with SMTP id h7mr8657783eex.49.1391041668400;
	Wed, 29 Jan 2014 16:27:48 -0800 (PST)
Received: from localhost (host-115-115.kawo1.rwth-aachen.de.
	[134.130.115.115]) by mx.google.com with ESMTPSA id
	k41sm15291668eey.0.2014.01.29.16.27.47
	for <linux-btrfs@vger.kernel.org>
	(version=TLSv1.2 cipher=RC4-SHA bits=128/128);
	Wed, 29 Jan 2014 16:27:47 -0800 (PST)
From: Gerhard Heift <gerhard@heift.name>
To: linux-btrfs@vger.kernel.org
Subject: [PATCH RFCv3 2/6] btrfs: copy_to_sk returns EOVERFLOW for too small
	buffer
Date: Thu, 30 Jan 2014 01:27:27 +0100
Message-Id: <1391041651-15689-3-git-send-email-Gerhard@Heift.Name>
X-Mailer: git-send-email 1.8.5.3
In-Reply-To: <1391041651-15689-1-git-send-email-Gerhard@Heift.Name>
References: <1391041651-15689-1-git-send-email-Gerhard@Heift.Name>
Sender: linux-btrfs-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-btrfs.vger.kernel.org>
X-Mailing-List: linux-btrfs@vger.kernel.org
X-Spam-Status: No, score=-7.4 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI,
	RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

In copy_to_sk, if an item is too large for the given buffer, it now returns
-EOVERFLOW instead of copying a search_header with len = 0. For backward
compatibility for the first item it still copies such a header to the buffer,
but not any other following items, which could have fitted.

tree_search changes -EOVERFLOW back to 0 to behave similiar to the way it
behaved before this patch.

Signed-off-by: Gerhard Heift <Gerhard@Heift.Name>
---
 fs/btrfs/ioctl.c | 28 ++++++++++++++++++++++++++--
 1 file changed, 26 insertions(+), 2 deletions(-)

diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c
index 6aa79e0..04e1a98 100644
--- a/fs/btrfs/ioctl.c
+++ b/fs/btrfs/ioctl.c
@@ -1887,8 +1887,20 @@ static noinline int copy_to_sk(struct btrfs_root *root,
 		if (!key_in_sk(key, sk))
 			continue;
 
-		if (sizeof(sh) + item_len > buf_size)
+		if (sizeof(sh) + item_len > buf_size) {
+			if (*num_found) {
+				ret = 1;
+				goto overflow;
+			}
+
+			/*
+			 * return one empty item back for v1, which does not
+			 * handle -EOVERFLOW
+			 */
+
 			item_len = 0;
+			ret = -EOVERFLOW;
+		}
 
 		if (sizeof(sh) + item_len + *sk_offset > buf_size) {
 			ret = 1;
@@ -1914,6 +1926,9 @@ static noinline int copy_to_sk(struct btrfs_root *root,
 		}
 		(*num_found)++;
 
+		if (ret) /* -EOVERFLOW from above */
+			goto overflow;
+
 		if (*num_found >= sk->nr_items)
 			break;
 	}
@@ -1990,7 +2005,8 @@ static noinline int search_ioctl(struct inode *inode,
 			break;
 
 	}
-	ret = 0;
+	if (ret > 0)
+		ret = 0;
 err:
 	sk->nr_items = num_found;
 	btrfs_free_path(path);
@@ -2013,6 +2029,14 @@ static noinline int btrfs_ioctl_tree_search(struct file *file,
 
 	inode = file_inode(file);
 	ret = search_ioctl(inode, &args->key, sizeof(args->buf), args->buf);
+
+	/*
+	 * In the origin implementation an overflow is handled by returning a
+	 * search header with a len of zero, so reset ret.
+	 */
+	if (ret == -EOVERFLOW)
+		ret = 0;
+
 	if (ret == 0 && copy_to_user(argp, args, sizeof(*args)))
 		ret = -EFAULT;
 	kfree(args);