forked from ~ljy/RK356X_SDK_RELEASE

blame | history | patch | commit | commitdiff
hc
2024-05-14 bedbef8ad3e75a304af6361af235302bcc61d06b 
 kernel/drivers/block/nbd.c
....@@ -1624,7 +1624,7 @@
16241624 		return -EIO;
16251625 
16261626 	dir = debugfs_create_dir(nbd_name(nbd), nbd_dbg_dir);
1627
-	if (!dir) {
1627
+	if (IS_ERR(dir)) {
16281628 		dev_err(nbd_to_dev(nbd), "Failed to create debugfs dir for '%s'\n",
16291629 			nbd_name(nbd));
16301630 		return -EIO;
....@@ -1650,7 +1650,7 @@
16501650 	struct dentry *dbg_dir;
16511651 
16521652 	dbg_dir = debugfs_create_dir("nbd", NULL);
1653
-	if (!dbg_dir)
1653
+	if (IS_ERR(dbg_dir))
16541654 		return -EIO;
16551655 
16561656 	nbd_dbg_dir = dbg_dir;
....@@ -1723,7 +1723,8 @@
17231723 		if (err == -ENOSPC)
17241724 			err = -EEXIST;
17251725 	} else {
1726
-		err = idr_alloc(&nbd_index_idr, nbd, 0, 0, GFP_KERNEL);
1726
+		err = idr_alloc(&nbd_index_idr, nbd, 0,
1727
+				(MINORMASK >> part_shift) + 1, GFP_KERNEL);
17271728 		if (err >= 0)
17281729 			index = err;
17291730 	}
....@@ -1865,8 +1866,19 @@
18651866 	if (!netlink_capable(skb, CAP_SYS_ADMIN))
18661867 		return -EPERM;
18671868 
1868
-	if (info->attrs[NBD_ATTR_INDEX])
1869
+	if (info->attrs[NBD_ATTR_INDEX]) {
18691870 		index = nla_get_u32(info->attrs[NBD_ATTR_INDEX]);
1871
+
1872
+		/*
1873
+		 * Too big first_minor can cause duplicate creation of
1874
+		 * sysfs files/links, since index << part_shift might overflow, or
1875
+		 * MKDEV() expect that the max bits of first_minor is 20.
1876
+		 */
1877
+		if (index < 0 || index > MINORMASK >> part_shift) {
1878
+			printk(KERN_ERR "nbd: illegal input index %d\n", index);
1879
+			return -EINVAL;
1880
+		}
1881
+	}
18701882 	if (!info->attrs[NBD_ATTR_SOCKETS]) {
18711883 		printk(KERN_ERR "nbd: must specify at least one socket\n");
18721884 		return -EINVAL;