eventpoll: abstract out parameter sanity checking

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Add a helper that checks the validity of the file descriptor and
other parameters passed in to epoll_wait().

Signed-off-by: Jens Axboe <axboe@kernel.dk>
Link: https://lore.kernel.org/r/20250219172552.1565603-2-axboe@kernel.dk
Signed-off-by: Christian Brauner <brauner@kernel.org>

authored by

Jens Axboe and committed by

Christian Brauner 1 year ago 6b47d35d 2014c95a

+25 -14

1 changed file

expand all

eventpoll.c

+25 -14

fs/eventpoll.c

··· 2445 2445 return do_epoll_ctl(epfd, op, fd, &epds, false); 2446 2446 } 2447 2447 2448 + static int ep_check_params(struct file *file, struct epoll_event __user *evs, 2449 + int maxevents) 2450 + { 2451 + /* The maximum number of event must be greater than zero */ 2452 + if (maxevents <= 0 || maxevents > EP_MAX_EVENTS) 2453 + return -EINVAL; 2454 + 2455 + /* Verify that the area passed by the user is writeable */ 2456 + if (!access_ok(evs, maxevents * sizeof(struct epoll_event))) 2457 + return -EFAULT; 2458 + 2459 + /* 2460 + * We have to check that the file structure underneath the fd 2461 + * the user passed to us _is_ an eventpoll file. 2462 + */ 2463 + if (!is_file_epoll(file)) 2464 + return -EINVAL; 2465 + 2466 + return 0; 2467 + } 2468 + 2448 2469 /* 2449 2470 * Implement the event wait interface for the eventpoll file. It is the kernel 2450 2471 * part of the user space epoll_wait(2). ··· 2474 2453 int maxevents, struct timespec64 *to) 2475 2454 { 2476 2455 struct eventpoll *ep; 2477 - 2478 - /* The maximum number of event must be greater than zero */ 2479 - if (maxevents <= 0 || maxevents > EP_MAX_EVENTS) 2480 - return -EINVAL; 2481 - 2482 - /* Verify that the area passed by the user is writeable */ 2483 - if (!access_ok(events, maxevents * sizeof(struct epoll_event))) 2484 - return -EFAULT; 2456 + int ret; 2485 2457 2486 2458 /* Get the "struct file *" for the eventpoll file */ 2487 2459 CLASS(fd, f)(epfd); 2488 2460 if (fd_empty(f)) 2489 2461 return -EBADF; 2490 2462 2491 - /* 2492 - * We have to check that the file structure underneath the fd 2493 - * the user passed to us _is_ an eventpoll file. 2494 - */ 2495 - if (!is_file_epoll(fd_file(f))) 2496 - return -EINVAL; 2463 + ret = ep_check_params(fd_file(f), events, maxevents); 2464 + if (unlikely(ret)) 2465 + return ret; 2497 2466 2498 2467 /* 2499 2468 * At this point it is safe to assume that the "private_data" contains