git.karo-electronics.de Git - karo-tx-linux.git/commit

author	Dmitry Monakhov <dmonakhov@openvz.org>
	Tue, 8 Nov 2011 00:20:06 +0000 (11:20 +1100)
committer	Stephen Rothwell <sfr@canb.auug.org.au>
	Wed, 16 Nov 2011 01:47:00 +0000 (12:47 +1100)
commit	f8dde9ce5775c6ebbc1afc5a6ef8c50ef7528a3c
tree	f7fa328286a665a34d22d06f428c1d9e3e5e14d7	tree \| snapshot
parent	ed1cf50d53e59bb7028a00b2f403c3c53f2f91b5	commit \| diff

loop: cleanup set_status interface

1) Anyone who has read access to loopdev has permission to call set_status
   and may change important parameters such as lo_offset, lo_sizelimit and
   so on, which contradicts to read access pattern and definitely equals
   to write access pattern.
2) Add lo_offset over i_size check to prevent blkdev_size overflow.
   ##Testcase_bagin
   #dd if=/dev/zero of=./file bs=1k count=1
   #losetup /dev/loop0 ./file
   /* userspace_application */
   struct loop_info64 loinf;
   fd = open("/dev/loop0", O_RDONLY);
   ioctl(fd, LOOP_GET_STATUS64, &loinf);
   /* Set offset to any value which is bigger than i_size, and sizelimit
    * to nonzero value*/
   loinf.lo_offset = 4096*1024;
   loinf.lo_sizelimit = 1024;
   ioctl(fd, LOOP_SET_STATUS64, &loinf);
   /* After this loop device will have size similar to 0x7fffffffffxxxx */
   #blockdev --getsz /dev/loop0
   ##OUTPUT: 36028797018955968
   ##Testcase_end

Signed-off-by: Dmitry Monakhov <dmonakhov@openvz.org>
Cc: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>