review.tizen.org Git - platform/kernel/linux-amlogic.git/commit

author	Theodore Ts'o <tytso@mit.edu>
	Mon, 7 May 2018 15:37:58 +0000 (11:37 -0400)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Tue, 17 Jul 2018 09:37:54 +0000 (11:37 +0200)
commit	e3cf1cc9ed9230560e61306e13c88eccb5189c1b
tree	529065b622a2c64c91db1f343c9aa72cdc798e73	tree \| snapshot
parent	40352e791c0c407ae260c294e04d81bd989e00a5	commit \| diff

loop: add recursion validation to LOOP_CHANGE_FD

commit d2ac838e4cd7e5e9891ecc094d626734b0245c99 upstream.

Refactor the validation code used in LOOP_SET_FD so it is also used in
LOOP_CHANGE_FD. Otherwise it is possible to construct a set of loop
devices that all refer to each other. This can lead to a infinite
loop in starting with "while (is_loop_device(f)) .." in loop_set_fd().

Fix this by refactoring out the validation code and using it for
LOOP_CHANGE_FD as well as LOOP_SET_FD.

Reported-by: syzbot+4349872271ece473a7c91190b68b4bac7c5dbc87@syzkaller.appspotmail.com
Reported-by: syzbot+40bd32c4d9a3cc12a339@syzkaller.appspotmail.com
Reported-by: syzbot+769c54e66f994b041be7@syzkaller.appspotmail.com
Reported-by: syzbot+0a89a9ce473936c57065@syzkaller.appspotmail.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>