From: Zheng Yejian <zhengyejian1@huawei.com> hulk inclusion category: bugfix bugzilla: 51349 CVE: CVE-2021-27365 --------------------------- sysfs_emit and sysfs_emit_at have a constraint that output buffer should be alignment with PAGE_SIZE, but currently we can not guarantee it since 59bb47985c1d ("mm, sl[aou]b: guarantee natural alignment for kmalloc(power-of-two)") is not merged. This may lead to an unexpected warning when execute like: 'cat /sys/class/iscsi_transport/tcp/handle'. As for the necessity of the address alignment constraint, Joe Perches (the code author) wrote that: > It's to make sure it's a PAGE_SIZE aligned buffer. > It's just so it would not be misused/abused in non-sysfs derived cases. So we'll not need to introduce 59bb47985c1d ("mm, sl[aou]b: guarantee natural alignment for kmalloc(power-of-two)") but just remove the address alignment constraint. For more discussions of the issue, see: https://www.spinics.net/lists/stable/msg455428.html Signed-off-by: Zheng Yejian <zhengyejian1@huawei.com> Reviewed-by: zhangyi (F) <yi.zhang@huawei.com> Signed-off-by: Yang Yingliang <yangyingliang@huawei.com> Reviewed-by: Zhang Yi <yi.zhang@huawei.com> Signed-off-by: Yang Yingliang <yangyingliang@huawei.com> --- fs/sysfs/file.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/sysfs/file.c b/fs/sysfs/file.c index 74de104f8f33f..c678fd5f01bfb 100644 --- a/fs/sysfs/file.c +++ b/fs/sysfs/file.c @@ -574,7 +574,7 @@ int sysfs_emit(char *buf, const char *fmt, ...) va_list args; int len; - if (WARN(!buf || offset_in_page(buf), + if (WARN(!buf, "invalid sysfs_emit: buf:%p\n", buf)) return 0; @@ -602,7 +602,7 @@ int sysfs_emit_at(char *buf, int at, const char *fmt, ...) va_list args; int len; - if (WARN(!buf || offset_in_page(buf) || at < 0 || at >= PAGE_SIZE, + if (WARN(!buf || at < 0 || at >= PAGE_SIZE, "invalid sysfs_emit_at: buf:%p at:%d\n", buf, at)) return 0; -- 2.25.1
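Review bot: In the sysfs_emit() hunk, the WARN condition is reduced to `!buf` with no comment recording the buffer contract that the removed `offset_in_page(buf)` test was enforcing. The commit message quotes the check's purpose as keeping the helper from being misused in non-sysfs cases, and after this change a caller passing a smaller or non-page buffer triggers no warning at all. Please add a comment above the check saying that buf must still be a full PAGE_SIZE sysfs buffer, and that the alignment test was dropped only because 59bb47985c1d is not merged in this tree, so it can be restored if that commit is ever backported.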
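Review bot: In the sysfs_emit_at() hunk, the retained bound `at >= PAGE_SIZE` only limits the offset correctly when buf points at the start of a PAGE_SIZE buffer, and with `offset_in_page(buf)` gone nothing in this condition checks that. A caller that passes a pointer already advanced into the buffer together with a small `at` now passes the WARN silently. Since the alignment cannot be asserted on this tree, document next to the check that buf must be the unmodified buffer start and that the position belongs in `at`, so that the bound keeps its meaning for reviewers of future callers.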