From: Bart Van Assche <bart.vanassche@wdc.com>
Date: Wed, 30 Aug 2017 11:42:09 -0700
Subject: [PATCH] bfq: Check kstrtoul() return value
Git-commit: 2f79136ba2df07ce7563158f7948c4ce770f8132
Patch-mainline: v4.14-rc1
References: bsc#1104967,FATE#325924
Make sysfs writes fail for invalid numbers instead of storing
uninitialized data copied from the stack. This patch removes
all uninitialized_var() occurrences from the BFQ source code.
Acked-by: Paolo Valente <paolo.valente@linaro.org>
Signed-off-by: Bart Van Assche <bart.vanassche@wdc.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Acked-by: Hannes Reinecke <hare@suse.com>
---
block/bfq-iosched.c | 52 +++++++++++++++++++++++++++++++++++++---------------
1 file changed, 37 insertions(+), 15 deletions(-)
diff --git a/block/bfq-iosched.c b/block/bfq-iosched.c
index 856f4199a470..0f286cd5da95 100644
--- a/block/bfq-iosched.c
+++ b/block/bfq-iosched.c
@@ -4802,13 +4802,15 @@ static ssize_t bfq_var_show(unsigned int var, char *page)
return sprintf(page, "%u\n", var);
}
-static void bfq_var_store(unsigned long *var, const char *page)
+static int bfq_var_store(unsigned long *var, const char *page)
{
unsigned long new_val;
int ret = kstrtoul(page, 10, &new_val);
- if (ret == 0)
- *var = new_val;
+ if (ret)
+ return ret;
+ *var = new_val;
+ return 0;
}
#define SHOW_FUNCTION(__FUNC, __VAR, __CONV) \
@@ -4849,8 +4851,12 @@ static ssize_t \
__FUNC(struct elevator_queue *e, const char *page, size_t count) \
{ \
struct bfq_data *bfqd = e->elevator_data; \
- unsigned long uninitialized_var(__data); \
- bfq_var_store(&__data, (page)); \
+ unsigned long __data; \
+ int ret; \
+ \
+ ret = bfq_var_store(&__data, (page)); \
+ if (ret) \
+ return ret; \
if (__data < (MIN)) \
__data = (MIN); \
else if (__data > (MAX)) \
@@ -4877,8 +4883,12 @@ STORE_FUNCTION(bfq_slice_idle_store, &bfqd->bfq_slice_idle, 0, INT_MAX, 2);
static ssize_t __FUNC(struct elevator_queue *e, const char *page, size_t count)\
{ \
struct bfq_data *bfqd = e->elevator_data; \
- unsigned long uninitialized_var(__data); \
- bfq_var_store(&__data, (page)); \
+ unsigned long __data; \
+ int ret; \
+ \
+ ret = bfq_var_store(&__data, (page)); \
+ if (ret) \
+ return ret; \
if (__data < (MIN)) \
__data = (MIN); \
else if (__data > (MAX)) \
@@ -4894,9 +4904,12 @@ static ssize_t bfq_max_budget_store(struct elevator_queue *e,
const char *page, size_t count)
{
struct bfq_data *bfqd = e->elevator_data;
- unsigned long uninitialized_var(__data);
+ unsigned long __data;
+ int ret;
- bfq_var_store(&__data, (page));
+ ret = bfq_var_store(&__data, (page));
+ if (ret)
+ return ret;
if (__data == 0)
bfqd->bfq_max_budget = bfq_calc_max_budget(bfqd);
@@ -4919,9 +4932,12 @@ static ssize_t bfq_timeout_sync_store(struct elevator_queue *e,
const char *page, size_t count)
{
struct bfq_data *bfqd = e->elevator_data;
- unsigned long uninitialized_var(__data);
+ unsigned long __data;
+ int ret;
- bfq_var_store(&__data, (page));
+ ret = bfq_var_store(&__data, (page));
+ if (ret)
+ return ret;
if (__data < 1)
__data = 1;
@@ -4939,9 +4955,12 @@ static ssize_t bfq_strict_guarantees_store(struct elevator_queue *e,
const char *page, size_t count)
{
struct bfq_data *bfqd = e->elevator_data;
- unsigned long uninitialized_var(__data);
+ unsigned long __data;
+ int ret;
- bfq_var_store(&__data, (page));
+ ret = bfq_var_store(&__data, (page));
+ if (ret)
+ return ret;
if (__data > 1)
__data = 1;
@@ -4958,9 +4977,12 @@ static ssize_t bfq_low_latency_store(struct elevator_queue *e,
const char *page, size_t count)
{
struct bfq_data *bfqd = e->elevator_data;
- unsigned long uninitialized_var(__data);
+ unsigned long __data;
+ int ret;
- bfq_var_store(&__data, (page));
+ ret = bfq_var_store(&__data, (page));
+ if (ret)
+ return ret;
if (__data > 1)
__data = 1;
--
2.16.4