From 53ac39fdb301e022a4ba477ee114cdab56045ac9 Mon Sep 17 00:00:00 2001 From: Christoph Hellwig Date: Wed, 26 Feb 2020 17:30:41 -0800 Subject: xfs: lift cursor copy in/out into xfs_ioc_attr_list Lift the common code to copy the cursor from and to user space into xfs_ioc_attr_list. Note that this means we copy in twice now as the cursor is in the middle of the conaining structure, but we never touch the memory for the original copy. Doing so keeps the cursor handling isolated in the common helper. Signed-off-by: Christoph Hellwig Reviewed-by: Dave Chinner Reviewed-by: Chandan Rajendra Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong --- fs/xfs/xfs_ioctl32.c | 19 ++++--------------- 1 file changed, 4 insertions(+), 15 deletions(-) (limited to 'fs/xfs/xfs_ioctl32.c') diff --git a/fs/xfs/xfs_ioctl32.c b/fs/xfs/xfs_ioctl32.c index 17e14916757b..c1771e728117 100644 --- a/fs/xfs/xfs_ioctl32.c +++ b/fs/xfs/xfs_ioctl32.c @@ -352,35 +352,24 @@ xfs_compat_handlereq_to_dentry( STATIC int xfs_compat_attrlist_by_handle( struct file *parfilp, - void __user *arg) + compat_xfs_fsop_attrlist_handlereq_t __user *p) { - int error; - attrlist_cursor_kern_t *cursor; - compat_xfs_fsop_attrlist_handlereq_t __user *p = arg; compat_xfs_fsop_attrlist_handlereq_t al_hreq; struct dentry *dentry; + int error; if (!capable(CAP_SYS_ADMIN)) return -EPERM; - if (copy_from_user(&al_hreq, arg, - sizeof(compat_xfs_fsop_attrlist_handlereq_t))) + if (copy_from_user(&al_hreq, p, sizeof(al_hreq))) return -EFAULT; dentry = xfs_compat_handlereq_to_dentry(parfilp, &al_hreq.hreq); if (IS_ERR(dentry)) return PTR_ERR(dentry); - cursor = (attrlist_cursor_kern_t *)&al_hreq.pos; error = xfs_ioc_attr_list(XFS_I(d_inode(dentry)), compat_ptr(al_hreq.buffer), al_hreq.buflen, - al_hreq.flags, cursor); - if (error) - goto out_dput; - - if (copy_to_user(&p->pos, cursor, sizeof(attrlist_cursor_kern_t))) - error = -EFAULT; - -out_dput: + al_hreq.flags, &p->pos); dput(dentry); return error; } -- cgit v1.2.3