
[-next,V2] proc: support file->f_pos checking in mem_lseek

Message ID 20231109102658.2075547-1-wozizhi@huawei.com (mailing list archive)
State New

Commit Message

Zizhi Wo Nov. 9, 2023, 10:26 a.m. UTC
In mem_lseek, file->f_pos may overflow. This is not a problem for files
opened through mem_open, which sets the file mode with
FMODE_UNSIGNED_OFFSET(memory_lseek). However, other files that use
mem_lseek for lseek may not have FMODE_UNSIGNED_OFFSET
(kpageflags_proc_ops/proc_pagemap_operations...), so in order to prevent
file->f_pos from being updated to an abnormal number, fix it by checking
for overflow and FMODE_UNSIGNED_OFFSET.

Signed-off-by: WoZ1zh1 <wozizhi@huawei.com>
---
 fs/proc/base.c     | 30 ++++++++++++++++++++++--------
 fs/read_write.c    |  5 -----
 include/linux/fs.h |  5 ++++-
 3 files changed, 26 insertions(+), 14 deletions(-)

Comments

Al Viro Nov. 9, 2023, 2:40 a.m. UTC | #1
On Thu, Nov 09, 2023 at 06:26:58PM +0800, WoZ1zh1 wrote:
> In mem_lseek, file->f_pos may overflow. And it's not a problem that
> mem_open set file mode with FMODE_UNSIGNED_OFFSET(memory_lseek). However,
> another file use mem_lseek do lseek can have not FMODE_UNSIGNED_OFFSET
> (kpageflags_proc_ops/proc_pagemap_operations...), so in order to prevent
> file->f_pos updated to an abnormal number, fix it by checking overflow and
> FMODE_UNSIGNED_OFFSET.

Umm...  Are there any reasons why all of those shouldn't get FMODE_UNSIGNED_OFFSET
as well?
kernel test robot Nov. 9, 2023, 6:13 a.m. UTC | #2
Hi WoZ1zh1,

kernel test robot noticed the following build warnings:

[auto build test WARNING on next-20231108]

url:    https://github.com/intel-lab-lkp/linux/commits/WoZ1zh1/proc-support-file-f_pos-checking-in-mem_lseek/20231109-103353
base:   next-20231108
patch link:    https://lore.kernel.org/r/20231109102658.2075547-1-wozizhi%40huawei.com
patch subject: [PATCH -next V2] proc: support file->f_pos checking in mem_lseek
config: arc-randconfig-001-20231109 (https://download.01.org/0day-ci/archive/20231109/202311091307.k2L6reDL-lkp@intel.com/config)
compiler: arc-elf-gcc (GCC) 13.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20231109/202311091307.k2L6reDL-lkp@intel.com/reproduce)

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202311091307.k2L6reDL-lkp@intel.com/

All warnings (new ones prefixed by >>):

   fs/proc/base.c: In function 'mem_lseek':
>> fs/proc/base.c:911:24: warning: this statement may fall through [-Wimplicit-fallthrough=]
     911 |                 offset += file->f_pos;
         |                 ~~~~~~~^~~~~~~~~~~~~~
   fs/proc/base.c:912:9: note: here
     912 |         case SEEK_SET:
         |         ^~~~


vim +911 fs/proc/base.c

   903	
   904	loff_t mem_lseek(struct file *file, loff_t offset, int orig)
   905	{
   906		loff_t ret = 0;
   907	
   908		spin_lock(&file->f_lock);
   909		switch (orig) {
   910		case SEEK_CUR:
 > 911			offset += file->f_pos;
   912		case SEEK_SET:
   913			/* to avoid userland mistaking f_pos=-9 as -EBADF=-9 */
   914			if ((unsigned long long)offset >= -MAX_ERRNO)
   915				ret = -EOVERFLOW;
   916			break;
   917		default:
   918			ret = -EINVAL;
   919		}
   920		if (!ret) {
   921			if (offset < 0 && !(unsigned_offsets(file))) {
   922				ret = -EINVAL;
   923			} else {
   924				file->f_pos = offset;
   925				ret = file->f_pos;
   926				force_successful_syscall_return();
   927			}
   928		}
   929	
   930		spin_unlock(&file->f_lock);
   931		return ret;
   932	}
   933
kernel test robot Nov. 10, 2023, 4:34 a.m. UTC | #3
Hi WoZ1zh1,

kernel test robot noticed the following build warnings:

[auto build test WARNING on next-20231108]

url:    https://github.com/intel-lab-lkp/linux/commits/WoZ1zh1/proc-support-file-f_pos-checking-in-mem_lseek/20231109-103353
base:   next-20231108
patch link:    https://lore.kernel.org/r/20231109102658.2075547-1-wozizhi%40huawei.com
patch subject: [PATCH -next V2] proc: support file->f_pos checking in mem_lseek
config: um-allnoconfig (https://download.01.org/0day-ci/archive/20231110/202311101239.ihy4cKpf-lkp@intel.com/config)
compiler: clang version 17.0.0 (https://github.com/llvm/llvm-project.git 4a5ac14ee968ff0ad5d2cc1ffa0299048db4c88a)
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20231110/202311101239.ihy4cKpf-lkp@intel.com/reproduce)

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202311101239.ihy4cKpf-lkp@intel.com/

All warnings (new ones prefixed by >>):

   In file included from fs/proc/base.c:68:
   In file included from include/linux/swap.h:9:
   In file included from include/linux/memcontrol.h:13:
   In file included from include/linux/cgroup.h:26:
   In file included from include/linux/kernel_stat.h:9:
   In file included from include/linux/interrupt.h:11:
   In file included from include/linux/hardirq.h:11:
   In file included from arch/um/include/asm/hardirq.h:5:
   In file included from include/asm-generic/hardirq.h:17:
   In file included from include/linux/irq.h:20:
   In file included from include/linux/io.h:13:
   In file included from arch/um/include/asm/io.h:24:
   include/asm-generic/io.h:547:31: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
     547 |         val = __raw_readb(PCI_IOBASE + addr);
         |                           ~~~~~~~~~~ ^
   include/asm-generic/io.h:560:61: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
     560 |         val = __le16_to_cpu((__le16 __force)__raw_readw(PCI_IOBASE + addr));
         |                                                         ~~~~~~~~~~ ^
   include/uapi/linux/byteorder/little_endian.h:37:51: note: expanded from macro '__le16_to_cpu'
      37 | #define __le16_to_cpu(x) ((__force __u16)(__le16)(x))
         |                                                   ^
   In file included from fs/proc/base.c:68:
   In file included from include/linux/swap.h:9:
   In file included from include/linux/memcontrol.h:13:
   In file included from include/linux/cgroup.h:26:
   In file included from include/linux/kernel_stat.h:9:
   In file included from include/linux/interrupt.h:11:
   In file included from include/linux/hardirq.h:11:
   In file included from arch/um/include/asm/hardirq.h:5:
   In file included from include/asm-generic/hardirq.h:17:
   In file included from include/linux/irq.h:20:
   In file included from include/linux/io.h:13:
   In file included from arch/um/include/asm/io.h:24:
   include/asm-generic/io.h:573:61: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
     573 |         val = __le32_to_cpu((__le32 __force)__raw_readl(PCI_IOBASE + addr));
         |                                                         ~~~~~~~~~~ ^
   include/uapi/linux/byteorder/little_endian.h:35:51: note: expanded from macro '__le32_to_cpu'
      35 | #define __le32_to_cpu(x) ((__force __u32)(__le32)(x))
         |                                                   ^
   In file included from fs/proc/base.c:68:
   In file included from include/linux/swap.h:9:
   In file included from include/linux/memcontrol.h:13:
   In file included from include/linux/cgroup.h:26:
   In file included from include/linux/kernel_stat.h:9:
   In file included from include/linux/interrupt.h:11:
   In file included from include/linux/hardirq.h:11:
   In file included from arch/um/include/asm/hardirq.h:5:
   In file included from include/asm-generic/hardirq.h:17:
   In file included from include/linux/irq.h:20:
   In file included from include/linux/io.h:13:
   In file included from arch/um/include/asm/io.h:24:
   include/asm-generic/io.h:584:33: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
     584 |         __raw_writeb(value, PCI_IOBASE + addr);
         |                             ~~~~~~~~~~ ^
   include/asm-generic/io.h:594:59: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
     594 |         __raw_writew((u16 __force)cpu_to_le16(value), PCI_IOBASE + addr);
         |                                                       ~~~~~~~~~~ ^
   include/asm-generic/io.h:604:59: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
     604 |         __raw_writel((u32 __force)cpu_to_le32(value), PCI_IOBASE + addr);
         |                                                       ~~~~~~~~~~ ^
   include/asm-generic/io.h:692:20: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
     692 |         readsb(PCI_IOBASE + addr, buffer, count);
         |                ~~~~~~~~~~ ^
   include/asm-generic/io.h:700:20: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
     700 |         readsw(PCI_IOBASE + addr, buffer, count);
         |                ~~~~~~~~~~ ^
   include/asm-generic/io.h:708:20: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
     708 |         readsl(PCI_IOBASE + addr, buffer, count);
         |                ~~~~~~~~~~ ^
   include/asm-generic/io.h:717:21: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
     717 |         writesb(PCI_IOBASE + addr, buffer, count);
         |                 ~~~~~~~~~~ ^
   include/asm-generic/io.h:726:21: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
     726 |         writesw(PCI_IOBASE + addr, buffer, count);
         |                 ~~~~~~~~~~ ^
   include/asm-generic/io.h:735:21: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
     735 |         writesl(PCI_IOBASE + addr, buffer, count);
         |                 ~~~~~~~~~~ ^
>> fs/proc/base.c:912:2: warning: unannotated fall-through between switch labels [-Wimplicit-fallthrough]
     912 |         case SEEK_SET:
         |         ^
   fs/proc/base.c:912:2: note: insert '__attribute__((fallthrough));' to silence this warning
     912 |         case SEEK_SET:
         |         ^
         |         __attribute__((fallthrough)); 
   fs/proc/base.c:912:2: note: insert 'break;' to avoid fall-through
     912 |         case SEEK_SET:
         |         ^
         |         break; 
   13 warnings generated.


vim +912 fs/proc/base.c

   903	
   904	loff_t mem_lseek(struct file *file, loff_t offset, int orig)
   905	{
   906		loff_t ret = 0;
   907	
   908		spin_lock(&file->f_lock);
   909		switch (orig) {
   910		case SEEK_CUR:
   911			offset += file->f_pos;
 > 912		case SEEK_SET:
   913			/* to avoid userland mistaking f_pos=-9 as -EBADF=-9 */
   914			if ((unsigned long long)offset >= -MAX_ERRNO)
   915				ret = -EOVERFLOW;
   916			break;
   917		default:
   918			ret = -EINVAL;
   919		}
   920		if (!ret) {
   921			if (offset < 0 && !(unsigned_offsets(file))) {
   922				ret = -EINVAL;
   923			} else {
   924				file->f_pos = offset;
   925				ret = file->f_pos;
   926				force_successful_syscall_return();
   927			}
   928		}
   929	
   930		spin_unlock(&file->f_lock);
   931		return ret;
   932	}
   933
Zizhi Wo Nov. 10, 2023, 6:23 a.m. UTC | #4
I have missed fallthrough, and will fix it in V3.

Thanks,
Zizhi Wo

在 2023/11/10 12:34, kernel test robot 写道:
> Hi WoZ1zh1,
> 
> kernel test robot noticed the following build warnings:
> 
> [auto build test WARNING on next-20231108]
> 
> url:    https://github.com/intel-lab-lkp/linux/commits/WoZ1zh1/proc-support-file-f_pos-checking-in-mem_lseek/20231109-103353
> base:   next-20231108
> patch link:    https://lore.kernel.org/r/20231109102658.2075547-1-wozizhi%40huawei.com
> patch subject: [PATCH -next V2] proc: support file->f_pos checking in mem_lseek
> config: um-allnoconfig (https://download.01.org/0day-ci/archive/20231110/202311101239.ihy4cKpf-lkp@intel.com/config)
> compiler: clang version 17.0.0 (https://github.com/llvm/llvm-project.git 4a5ac14ee968ff0ad5d2cc1ffa0299048db4c88a)
> reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20231110/202311101239.ihy4cKpf-lkp@intel.com/reproduce)
> 
> If you fix the issue in a separate patch/commit (i.e. not just a new version of
> the same patch/commit), kindly add following tags
> | Reported-by: kernel test robot <lkp@intel.com>
> | Closes: https://lore.kernel.org/oe-kbuild-all/202311101239.ihy4cKpf-lkp@intel.com/
> 
> All warnings (new ones prefixed by >>):
> 
>     In file included from fs/proc/base.c:68:
>     In file included from include/linux/swap.h:9:
>     In file included from include/linux/memcontrol.h:13:
>     In file included from include/linux/cgroup.h:26:
>     In file included from include/linux/kernel_stat.h:9:
>     In file included from include/linux/interrupt.h:11:
>     In file included from include/linux/hardirq.h:11:
>     In file included from arch/um/include/asm/hardirq.h:5:
>     In file included from include/asm-generic/hardirq.h:17:
>     In file included from include/linux/irq.h:20:
>     In file included from include/linux/io.h:13:
>     In file included from arch/um/include/asm/io.h:24:
>     include/asm-generic/io.h:547:31: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
>       547 |         val = __raw_readb(PCI_IOBASE + addr);
>           |                           ~~~~~~~~~~ ^
>     include/asm-generic/io.h:560:61: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
>       560 |         val = __le16_to_cpu((__le16 __force)__raw_readw(PCI_IOBASE + addr));
>           |                                                         ~~~~~~~~~~ ^
>     include/uapi/linux/byteorder/little_endian.h:37:51: note: expanded from macro '__le16_to_cpu'
>        37 | #define __le16_to_cpu(x) ((__force __u16)(__le16)(x))
>           |                                                   ^
>     In file included from fs/proc/base.c:68:
>     In file included from include/linux/swap.h:9:
>     In file included from include/linux/memcontrol.h:13:
>     In file included from include/linux/cgroup.h:26:
>     In file included from include/linux/kernel_stat.h:9:
>     In file included from include/linux/interrupt.h:11:
>     In file included from include/linux/hardirq.h:11:
>     In file included from arch/um/include/asm/hardirq.h:5:
>     In file included from include/asm-generic/hardirq.h:17:
>     In file included from include/linux/irq.h:20:
>     In file included from include/linux/io.h:13:
>     In file included from arch/um/include/asm/io.h:24:
>     include/asm-generic/io.h:573:61: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
>       573 |         val = __le32_to_cpu((__le32 __force)__raw_readl(PCI_IOBASE + addr));
>           |                                                         ~~~~~~~~~~ ^
>     include/uapi/linux/byteorder/little_endian.h:35:51: note: expanded from macro '__le32_to_cpu'
>        35 | #define __le32_to_cpu(x) ((__force __u32)(__le32)(x))
>           |                                                   ^
>     In file included from fs/proc/base.c:68:
>     In file included from include/linux/swap.h:9:
>     In file included from include/linux/memcontrol.h:13:
>     In file included from include/linux/cgroup.h:26:
>     In file included from include/linux/kernel_stat.h:9:
>     In file included from include/linux/interrupt.h:11:
>     In file included from include/linux/hardirq.h:11:
>     In file included from arch/um/include/asm/hardirq.h:5:
>     In file included from include/asm-generic/hardirq.h:17:
>     In file included from include/linux/irq.h:20:
>     In file included from include/linux/io.h:13:
>     In file included from arch/um/include/asm/io.h:24:
>     include/asm-generic/io.h:584:33: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
>       584 |         __raw_writeb(value, PCI_IOBASE + addr);
>           |                             ~~~~~~~~~~ ^
>     include/asm-generic/io.h:594:59: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
>       594 |         __raw_writew((u16 __force)cpu_to_le16(value), PCI_IOBASE + addr);
>           |                                                       ~~~~~~~~~~ ^
>     include/asm-generic/io.h:604:59: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
>       604 |         __raw_writel((u32 __force)cpu_to_le32(value), PCI_IOBASE + addr);
>           |                                                       ~~~~~~~~~~ ^
>     include/asm-generic/io.h:692:20: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
>       692 |         readsb(PCI_IOBASE + addr, buffer, count);
>           |                ~~~~~~~~~~ ^
>     include/asm-generic/io.h:700:20: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
>       700 |         readsw(PCI_IOBASE + addr, buffer, count);
>           |                ~~~~~~~~~~ ^
>     include/asm-generic/io.h:708:20: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
>       708 |         readsl(PCI_IOBASE + addr, buffer, count);
>           |                ~~~~~~~~~~ ^
>     include/asm-generic/io.h:717:21: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
>       717 |         writesb(PCI_IOBASE + addr, buffer, count);
>           |                 ~~~~~~~~~~ ^
>     include/asm-generic/io.h:726:21: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
>       726 |         writesw(PCI_IOBASE + addr, buffer, count);
>           |                 ~~~~~~~~~~ ^
>     include/asm-generic/io.h:735:21: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
>       735 |         writesl(PCI_IOBASE + addr, buffer, count);
>           |                 ~~~~~~~~~~ ^
>>> fs/proc/base.c:912:2: warning: unannotated fall-through between switch labels [-Wimplicit-fallthrough]
>       912 |         case SEEK_SET:
>           |         ^
>     fs/proc/base.c:912:2: note: insert '__attribute__((fallthrough));' to silence this warning
>       912 |         case SEEK_SET:
>           |         ^
>           |         __attribute__((fallthrough));
>     fs/proc/base.c:912:2: note: insert 'break;' to avoid fall-through
>       912 |         case SEEK_SET:
>           |         ^
>           |         break;
>     13 warnings generated.
> 
> 
> vim +912 fs/proc/base.c
> 
>     903	
>     904	loff_t mem_lseek(struct file *file, loff_t offset, int orig)
>     905	{
>     906		loff_t ret = 0;
>     907	
>     908		spin_lock(&file->f_lock);
>     909		switch (orig) {
>     910		case SEEK_CUR:
>     911			offset += file->f_pos;
>   > 912		case SEEK_SET:
>     913			/* to avoid userland mistaking f_pos=-9 as -EBADF=-9 */
>     914			if ((unsigned long long)offset >= -MAX_ERRNO)
>     915				ret = -EOVERFLOW;
>     916			break;
>     917		default:
>     918			ret = -EINVAL;
>     919		}
>     920		if (!ret) {
>     921			if (offset < 0 && !(unsigned_offsets(file))) {
>     922				ret = -EINVAL;
>     923			} else {
>     924				file->f_pos = offset;
>     925				ret = file->f_pos;
>     926				force_successful_syscall_return();
>     927			}
>     928		}
>     929	
>     930		spin_unlock(&file->f_lock);
>     931		return ret;
>     932	}
>     933	
>

Patch

diff --git a/fs/proc/base.c b/fs/proc/base.c
index dd31e3b6bf77..0fd986e861d9 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -903,18 +903,32 @@  static ssize_t mem_write(struct file *file, const char __user *buf,
 
 loff_t mem_lseek(struct file *file, loff_t offset, int orig)
 {
+	loff_t ret = 0;
+
+	spin_lock(&file->f_lock);
 	switch (orig) {
-	case 0:
-		file->f_pos = offset;
-		break;
-	case 1:
-		file->f_pos += offset;
+	case SEEK_CUR:
+		offset += file->f_pos;
+	case SEEK_SET:
+		/* to avoid userland mistaking f_pos=-9 as -EBADF=-9 */
+		if ((unsigned long long)offset >= -MAX_ERRNO)
+			ret = -EOVERFLOW;
 		break;
 	default:
-		return -EINVAL;
+		ret = -EINVAL;
 	}
-	force_successful_syscall_return();
-	return file->f_pos;
+	if (!ret) {
+		if (offset < 0 && !(unsigned_offsets(file))) {
+			ret = -EINVAL;
+		} else {
+			file->f_pos = offset;
+			ret = file->f_pos;
+			force_successful_syscall_return();
+		}
+	}
+
+	spin_unlock(&file->f_lock);
+	return ret;
 }
 
 static int mem_release(struct inode *inode, struct file *file)
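Review bot: For a file without FMODE_UNSIGNED_OFFSET, a resulting offset in the top MAX_ERRNO values (for example -9) is rejected with -EOVERFLOW while every other negative offset gets -EINVAL, because the errno-range test in the SEEK_SET arm runs before the sign test in the `if (!ret)` block. Testing the sign first, `if (offset < 0 && !unsigned_offsets(file)) ret = -EINVAL; else if ((unsigned long long)offset >= -MAX_ERRNO) ret = -EOVERFLOW;`, would give user space one error code for a negative position on these files and leave the unsigned-offset case unchanged. Separately, the new `spin_lock(&file->f_lock)` is not mentioned in the commit message; the read and write handlers that also move the position are outside this hunk, so it is not visible whether they take the same lock, and a short comment stating what f_pos is being serialized against would make the intent reviewable. `offset += file->f_pos` also depends on signed wrap-around to turn an overflowing sum into a negative value that the later checks catch, which deserves a one-line comment next to it.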
diff --git a/fs/read_write.c b/fs/read_write.c
index 4771701c896b..2f456d5a1df5 100644
--- a/fs/read_write.c
+++ b/fs/read_write.c
@@ -34,11 +34,6 @@  const struct file_operations generic_ro_fops = {
 
 EXPORT_SYMBOL(generic_ro_fops);
 
-static inline bool unsigned_offsets(struct file *file)
-{
-	return file->f_mode & FMODE_UNSIGNED_OFFSET;
-}
-
 /**
  * vfs_setpos - update the file offset for lseek
  * @file:	file structure in question
diff --git a/include/linux/fs.h b/include/linux/fs.h
index 98b7a7a8c42e..dde0756d2350 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -2994,7 +2994,10 @@  extern ssize_t iter_file_splice_write(struct pipe_inode_info *,
 extern long do_splice_direct(struct file *in, loff_t *ppos, struct file *out,
 		loff_t *opos, size_t len, unsigned int flags);
 
-
+static inline bool unsigned_offsets(struct file *file)
+{
+	return file->f_mode & FMODE_UNSIGNED_OFFSET;
+}
 extern void
 file_ra_state_init(struct file_ra_state *ra, struct address_space *mapping);
 extern loff_t noop_llseek(struct file *file, loff_t offset, int whence);
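Review bot: `unsigned_offsets()` is added to include/linux/fs.h without any comment, and the blank line that preceded `extern void` is dropped, so the new helper runs straight into the next declaration. Because the function is now visible to every includer of fs.h under a fairly generic name, a one-line comment such as `/* true if negative f_pos values are valid for this file (FMODE_UNSIGNED_OFFSET) */` and a blank line after the closing brace would help readers. The parameter is only read, so `const struct file *file` would also fit here.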