Bug 94791 - syscall fanotify_mark overflow.
Status: NEW
Alias: None
Product: File System
Classification: Unclassified
Component: ext4
Hardware: All Linux
Importance: P1 normal
Assignee: fs_ext4@kernel-bugs.osdl.org
Reported: 2015-03-12 09:40 UTC by Guowei Du
Modified: 2016-03-20 09:49 UTC
Kernel Version: 4.x
Regression: No

Description Guowei Du 2015-03-12 09:40:44 UTC
File: fanotify_user.c
In the syscall function fanotify_mark, the code below will overflow on a 32-bit system.

/* we only use the lower 32 bits as of right now. */
if ( mask & ((__u64)0xffffffff << 32))
        return -EINVAL;


include/linux/syscalls.h:
asmlinkage long sys_fanotify_mark(int fanotify_fd, unsigned int flags, u64 mask, int fd, const char __user *pathname);

u64 mask, should convert to unsigned int mask???

Comment 1 Tim Pickersgill 2015-11-24 16:14:57 UTC
A __u64 value is an unsigned long long, a 64-bit integer, regardless of system bitness. Not sure how/why this would overflow on a 32-bit system. What symptoms are you seeing?

We're using fanotify_mark() on 32-bit systems without seeing any issue here.

Comment 2 Tim Pickersgill 2015-12-01 11:07:30 UTC
Not an ext4 issue, I'd suggest that this be reclassified as "Other" and assigned to "fs_other@kernel-bugs.osdl.org" or Eric Paris (eparis@redhat.com).

Comment 3 Tim Pickersgill 2015-12-01 14:08:55 UTC
Tinkering with Eric Paris's fanotify-example (http://git.infradead.org/users/eparis/fanotify-example.git), to forcibly set higher bits in the mask passed to fanotify_mark(), the call correctly returns -EINVAL on both 32- and 64-bit kernels.

Suggest this bug should be rejected unless a failing example can be provided.
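
The width question discussed in this thread can be checked in user space. The following is an added example, not kernel code and not written by anyone in this report: uint64_t stands in for __u64, the function names are hypothetical, and the sample masks are constructed. It also shows what happens if the value is narrowed to 32 bits before the check.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* The constant from the quoted check. The cast widens 0xffffffff to 64 bits
 * before the shift, so shifting by 32 is well defined on any word size. */
static uint64_t upper_half(void)
{
    return (uint64_t)0xffffffff << 32;
}

/* Same test as the quoted kernel lines; uint64_t stands in for __u64. */
static int check_mask(uint64_t mask)
{
    if (mask & upper_half())
        return -EINVAL;
    return 0;
}

/* Hypothetical variant: the mask is narrowed to 32 bits before the check,
 * so any upper bits are already gone and can never be rejected. */
static int check_mask_narrowed(uint64_t mask)
{
    uint32_t narrowed = (uint32_t)mask;
    return check_mask(narrowed);
}

int main(void)
{
    /* Constructed sample masks, not taken from the bug report. */
    const uint64_t samples[] = {
        0x1ULL, 0xffffffffULL, 0x100000000ULL, 0x8000000000000001ULL,
    };
    size_t i;

    printf("sizeof(uint64_t) = %zu bytes\n", sizeof(uint64_t));
    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("mask=%#018llx  u64 check=%d  narrowed=%d\n",
               (unsigned long long)samples[i],
               check_mask(samples[i]), check_mask_narrowed(samples[i]));
    return 0;
}
```

Building this once with -m32 and once with -m64 gives the same results, because the operand width is fixed by the type rather than by the platform word size.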
