diff options
| author | Jeff Layton <jlayton@kernel.org> | 2026-03-04 10:32:42 -0500 |
|---|---|---|
| committer | Christian Brauner <brauner@kernel.org> | 2026-03-06 14:31:28 +0100 |
| commit | 0b2600f81cefcdfcda58d50df7be8fd48ada8ce2 (patch) | |
| tree | c372fc873b29e01e4262c2cdc19bef7c85e0321c /security | |
| parent | d84c70c6eab10e56d22c394e3a250c1c6fde8d6e (diff) | |
treewide: change inode->i_ino from unsigned long to u64
On 32-bit architectures, unsigned long is only 32 bits wide, which
causes 64-bit inode numbers to be silently truncated. Several
filesystems (NFS, XFS, BTRFS, etc.) can generate inode numbers that
exceed 32 bits, and this truncation can lead to inode number collisions
and other subtle bugs on 32-bit systems.
Change the type of inode->i_ino from unsigned long to u64 to ensure that
inode numbers are always represented as 64-bit values regardless of
architecture. Update all format specifiers treewide from %lu/%lx to
%llu/%llx to match the new type, along with corresponding local variable
types.
This is the bulk treewide conversion. Earlier patches in this series
handled trace events separately to allow trace field reordering for
better struct packing on 32-bit.
Signed-off-by: Jeff Layton <jlayton@kernel.org>
Link: https://patch.msgid.link/20260304-iino-u64-v3-12-2257ad83d372@kernel.org
Acked-by: Damien Le Moal <dlemoal@kernel.org>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Jan Kara <jack@suse.cz>
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Christian Brauner <brauner@kernel.org>
Diffstat (limited to 'security')
| -rw-r--r-- | security/apparmor/apparmorfs.c | 4 | ||||
| -rw-r--r-- | security/integrity/integrity_audit.c | 2 | ||||
| -rw-r--r-- | security/ipe/audit.c | 2 | ||||
| -rw-r--r-- | security/lsm_audit.c | 10 | ||||
| -rw-r--r-- | security/selinux/hooks.c | 10 | ||||
| -rw-r--r-- | security/smack/smack_lsm.c | 12 |
6 files changed, 20 insertions, 20 deletions
diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c index 2f84bd23edb6..7b645f40e71c 100644 --- a/security/apparmor/apparmorfs.c +++ b/security/apparmor/apparmorfs.c @@ -149,7 +149,7 @@ static int aafs_count; static int aafs_show_path(struct seq_file *seq, struct dentry *dentry) { - seq_printf(seq, "%s:[%lu]", AAFS_NAME, d_inode(dentry)->i_ino); + seq_printf(seq, "%s:[%llu]", AAFS_NAME, d_inode(dentry)->i_ino); return 0; } @@ -2644,7 +2644,7 @@ static int policy_readlink(struct dentry *dentry, char __user *buffer, char name[32]; int res; - res = snprintf(name, sizeof(name), "%s:[%lu]", AAFS_NAME, + res = snprintf(name, sizeof(name), "%s:[%llu]", AAFS_NAME, d_inode(dentry)->i_ino); if (res > 0 && res < sizeof(name)) res = readlink_copy(buffer, buflen, name, strlen(name)); diff --git a/security/integrity/integrity_audit.c b/security/integrity/integrity_audit.c index 0ec5e4c22cb2..d8d9e5ff1cd2 100644 --- a/security/integrity/integrity_audit.c +++ b/security/integrity/integrity_audit.c @@ -62,7 +62,7 @@ void integrity_audit_message(int audit_msgno, struct inode *inode, if (inode) { audit_log_format(ab, " dev="); audit_log_untrustedstring(ab, inode->i_sb->s_id); - audit_log_format(ab, " ino=%lu", inode->i_ino); + audit_log_format(ab, " ino=%llu", inode->i_ino); } audit_log_format(ab, " res=%d errno=%d", !result, errno); audit_log_end(ab); diff --git a/security/ipe/audit.c b/security/ipe/audit.c index 3f0deeb54912..93fb59fbddd6 100644 --- a/security/ipe/audit.c +++ b/security/ipe/audit.c @@ -153,7 +153,7 @@ void ipe_audit_match(const struct ipe_eval_ctx *const ctx, if (inode) { audit_log_format(ab, " dev="); audit_log_untrustedstring(ab, inode->i_sb->s_id); - audit_log_format(ab, " ino=%lu", inode->i_ino); + audit_log_format(ab, " ino=%llu", inode->i_ino); } else { audit_log_format(ab, " dev=? ino=?"); } diff --git a/security/lsm_audit.c b/security/lsm_audit.c index 7d623b00495c..737f5a263a8f 100644 --- a/security/lsm_audit.c +++ b/security/lsm_audit.c @@ -202,7 +202,7 @@ void audit_log_lsm_data(struct audit_buffer *ab, if (inode) { audit_log_format(ab, " dev="); audit_log_untrustedstring(ab, inode->i_sb->s_id); - audit_log_format(ab, " ino=%lu", inode->i_ino); + audit_log_format(ab, " ino=%llu", inode->i_ino); } break; } @@ -215,7 +215,7 @@ void audit_log_lsm_data(struct audit_buffer *ab, if (inode) { audit_log_format(ab, " dev="); audit_log_untrustedstring(ab, inode->i_sb->s_id); - audit_log_format(ab, " ino=%lu", inode->i_ino); + audit_log_format(ab, " ino=%llu", inode->i_ino); } break; } @@ -228,7 +228,7 @@ void audit_log_lsm_data(struct audit_buffer *ab, if (inode) { audit_log_format(ab, " dev="); audit_log_untrustedstring(ab, inode->i_sb->s_id); - audit_log_format(ab, " ino=%lu", inode->i_ino); + audit_log_format(ab, " ino=%llu", inode->i_ino); } audit_log_format(ab, " ioctlcmd=0x%hx", a->u.op->cmd); @@ -246,7 +246,7 @@ void audit_log_lsm_data(struct audit_buffer *ab, if (inode) { audit_log_format(ab, " dev="); audit_log_untrustedstring(ab, inode->i_sb->s_id); - audit_log_format(ab, " ino=%lu", inode->i_ino); + audit_log_format(ab, " ino=%llu", inode->i_ino); } break; } @@ -265,7 +265,7 @@ void audit_log_lsm_data(struct audit_buffer *ab, } audit_log_format(ab, " dev="); audit_log_untrustedstring(ab, inode->i_sb->s_id); - audit_log_format(ab, " ino=%lu", inode->i_ino); + audit_log_format(ab, " ino=%llu", inode->i_ino); rcu_read_unlock(); break; } diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index d8224ea113d1..8f38de4d223e 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -1400,7 +1400,7 @@ static int inode_doinit_use_xattr(struct inode *inode, struct dentry *dentry, if (rc < 0) { kfree(context); if (rc != -ENODATA) { - pr_warn("SELinux: %s: getxattr returned %d for dev=%s ino=%ld\n", + pr_warn("SELinux: %s: getxattr returned %d for dev=%s ino=%llu\n", __func__, -rc, inode->i_sb->s_id, inode->i_ino); return rc; } @@ -1412,13 +1412,13 @@ static int inode_doinit_use_xattr(struct inode *inode, struct dentry *dentry, def_sid, GFP_NOFS); if (rc) { char *dev = inode->i_sb->s_id; - unsigned long ino = inode->i_ino; + u64 ino = inode->i_ino; if (rc == -EINVAL) { - pr_notice_ratelimited("SELinux: inode=%lu on dev=%s was found to have an invalid context=%s. This indicates you may need to relabel the inode or the filesystem in question.\n", + pr_notice_ratelimited("SELinux: inode=%llu on dev=%s was found to have an invalid context=%s. This indicates you may need to relabel the inode or the filesystem in question.\n", ino, dev, context); } else { - pr_warn("SELinux: %s: context_to_sid(%s) returned %d for dev=%s ino=%ld\n", + pr_warn("SELinux: %s: context_to_sid(%s) returned %d for dev=%s ino=%llu\n", __func__, context, -rc, dev, ino); } } @@ -3477,7 +3477,7 @@ static void selinux_inode_post_setxattr(struct dentry *dentry, const char *name, &newsid); if (rc) { pr_err("SELinux: unable to map context to SID" - "for (%s, %lu), rc=%d\n", + "for (%s, %llu), rc=%d\n", inode->i_sb->s_id, inode->i_ino, -rc); return; } diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 98af9d7b9434..2eb3368a3632 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -182,7 +182,7 @@ static int smk_bu_inode(struct inode *inode, int mode, int rc) char acc[SMK_NUM_ACCESS_TYPE + 1]; if (isp->smk_flags & SMK_INODE_IMPURE) - pr_info("Smack Unconfined Corruption: inode=(%s %ld) %s\n", + pr_info("Smack Unconfined Corruption: inode=(%s %llu) %s\n", inode->i_sb->s_id, inode->i_ino, current->comm); if (rc <= 0) @@ -195,7 +195,7 @@ static int smk_bu_inode(struct inode *inode, int mode, int rc) smk_bu_mode(mode, acc); - pr_info("Smack %s: (%s %s %s) inode=(%s %ld) %s\n", smk_bu_mess[rc], + pr_info("Smack %s: (%s %s %s) inode=(%s %llu) %s\n", smk_bu_mess[rc], tsp->smk_task->smk_known, isp->smk_inode->smk_known, acc, inode->i_sb->s_id, inode->i_ino, current->comm); return 0; @@ -214,7 +214,7 @@ static int smk_bu_file(struct file *file, int mode, int rc) char acc[SMK_NUM_ACCESS_TYPE + 1]; if (isp->smk_flags & SMK_INODE_IMPURE) - pr_info("Smack Unconfined Corruption: inode=(%s %ld) %s\n", + pr_info("Smack Unconfined Corruption: inode=(%s %llu) %s\n", inode->i_sb->s_id, inode->i_ino, current->comm); if (rc <= 0) @@ -223,7 +223,7 @@ static int smk_bu_file(struct file *file, int mode, int rc) rc = 0; smk_bu_mode(mode, acc); - pr_info("Smack %s: (%s %s %s) file=(%s %ld %pD) %s\n", smk_bu_mess[rc], + pr_info("Smack %s: (%s %s %s) file=(%s %llu %pD) %s\n", smk_bu_mess[rc], sskp->smk_known, smk_of_inode(inode)->smk_known, acc, inode->i_sb->s_id, inode->i_ino, file, current->comm); @@ -244,7 +244,7 @@ static int smk_bu_credfile(const struct cred *cred, struct file *file, char acc[SMK_NUM_ACCESS_TYPE + 1]; if (isp->smk_flags & SMK_INODE_IMPURE) - pr_info("Smack Unconfined Corruption: inode=(%s %ld) %s\n", + pr_info("Smack Unconfined Corruption: inode=(%s %llu) %s\n", inode->i_sb->s_id, inode->i_ino, current->comm); if (rc <= 0) @@ -253,7 +253,7 @@ static int smk_bu_credfile(const struct cred *cred, struct file *file, rc = 0; smk_bu_mode(mode, acc); - pr_info("Smack %s: (%s %s %s) file=(%s %ld %pD) %s\n", smk_bu_mess[rc], + pr_info("Smack %s: (%s %s %s) file=(%s %llu %pD) %s\n", smk_bu_mess[rc], sskp->smk_known, smk_of_inode(inode)->smk_known, acc, inode->i_sb->s_id, inode->i_ino, file, current->comm); |