From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id EB6E8EB64D9 for ; Tue, 20 Jun 2023 01:39:09 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 6A4658D0002; Mon, 19 Jun 2023 21:39:09 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 653298D0001; Mon, 19 Jun 2023 21:39:09 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 4F49A8D0002; Mon, 19 Jun 2023 21:39:09 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 3E53A8D0001 for ; Mon, 19 Jun 2023 21:39:09 -0400 (EDT) Received: from smtpin18.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id 099AFA04BE for ; Tue, 20 Jun 2023 01:39:09 +0000 (UTC) X-FDA: 80921418018.18.2D9106E Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2084.outbound.protection.outlook.com [40.107.244.84]) by imf24.hostedemail.com (Postfix) with ESMTP id E9E93180010 for ; Tue, 20 Jun 2023 01:39:05 +0000 (UTC) Authentication-Results: imf24.hostedemail.com; dkim=pass header.d=Nvidia.com header.s=selector2 header.b=gtjSBAqg; dmarc=pass (policy=reject) header.from=nvidia.com; spf=pass (imf24.hostedemail.com: domain of jhubbard@nvidia.com designates 40.107.244.84 as permitted sender) smtp.mailfrom=jhubbard@nvidia.com; arc=pass ("microsoft.com:s=arcselector9901:i=1") ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1687225146; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=NeEKzbRJwmGfR9vKDZhXtfCMMmg68F4I+Mvl2b6YrRw=; b=5fOPX7aTHpeMoAIIT+qsuZET7qcrLZ5AxHZ35kCjCvVV02eR4Mi8Pp7yW7WhJTvMWA4BS3 RGflMNNLxQ2LhjoUFjuLB0i66BNyHHcogfTQMrI6ahOIqWMLM28l0Xblp6u8TxxrbrUy63 oj6jYIYk2dsS/aoKIfraoaMPyYrkVFE= ARC-Authentication-Results: i=2; imf24.hostedemail.com; dkim=pass header.d=Nvidia.com header.s=selector2 header.b=gtjSBAqg; dmarc=pass (policy=reject) header.from=nvidia.com; spf=pass (imf24.hostedemail.com: domain of jhubbard@nvidia.com designates 40.107.244.84 as permitted sender) smtp.mailfrom=jhubbard@nvidia.com; arc=pass ("microsoft.com:s=arcselector9901:i=1") ARC-Seal: i=2; s=arc-20220608; d=hostedemail.com; t=1687225146; a=rsa-sha256; cv=pass; b=EG5AGDyvloCPP7U6nOZX6N4OjsOIqgrk/wDij07+qL6YHbZhNLbDx4POzmM5bC3epdzZc3 Ml5w9uoyJmZR9iqm75hvxcfDk60gOmkpLGQ6YCbkMNUBt7nmamRTrTnJz9C2C3q2ainwQD Gbc5EqHUSy+m1dqRpiOhBBbnpanBGEc= ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=YVMOmrFSdDBwufUndorxSjpX0MXiO4AStF4JhhPWcn9SXNY0C3mexYI3OwQa/DdXG6ESpDBzqgs4uxs0maidU/wukyhKs/hLQgpTP8a3rteyVQGL3L9vpscidd0TCGDUH5PHM0LzrkpSAEI3j7DsoNHVLWe8vGpyHVS/hHJhb1SshjR20l7Ov/jVjWQlCNVo0SugscRU2GzC4mvVs/FYMstKtd/dn5BtIdkUIPwwO8rG58z4gK4Pdrd3RIukZtbjPDcuDDeOZDRWuAWGrBrASETTfDlVM0MFMq8/fyslOtNlE3JodZe4UD9PpUnFRk9bhIuex0ZYS8aS+frP4ZZcJw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=NeEKzbRJwmGfR9vKDZhXtfCMMmg68F4I+Mvl2b6YrRw=; b=DgohCIKvotQ+vNNf5831szDvJgYhCHhgy1Yn5yoprkF5ExpRbCUuD5jfFSs5gomAEy/+6ol6I1iTwLDAMdmfTPHSqrz2m4Rx6DwQ7xyv1m4sysB5v9P/IkMGVvskZOXM3rXXUAnDnsMuh1hfGmtD2g5AbZ42cdHBVO1suCspHSLkEgYF9snxJGxriuyMd+3kOpqa9QwkrREzi+D/x0cP4zrs3ZD3bpVvzchQ6hBha4Vc4Z8sUwv7HeZdgEu6fepK/53x5qjHrZ5AJJUVmvNFnfpZ/c3cisu048oY8F11l2s+VSaRvLJQkBnboPqJBxdu0xW2HPGBWg1JJZOla+EOqQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=linux-foundation.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=NeEKzbRJwmGfR9vKDZhXtfCMMmg68F4I+Mvl2b6YrRw=; b=gtjSBAqg1OrVkzux52sWEX3aQbaM5kNvWmHtcMY4ZBbGoXezPjLyUy6vQ/aCxGyQIEmq2Rp5J6+4GKri5cUSYPRoLOtUvjHRkhVr1y+04HeA56GRGNjI3r8Kzbct07YObZZmsnAXDImYf/P07dwKGqRTHZgJpxRvDseTd76ADo4u+cR27Uob5ZSs4OmwTEyzROt+q4Ty6KJnlxbzmHjtIk368kVXF1CaIm7WBE1ctZ3tJwjsuod9ouM+734zMqfVtOyTQ5zcUuTrr8iZLix/0PrivKbsrESr1tZKJ7/EnTB4sj6PVcGQalGiIYK7VfjCscVYYCWlD/mfJpLvyBgaQA== Received: from SN7PR04CA0222.namprd04.prod.outlook.com (2603:10b6:806:127::17) by CY5PR12MB6132.namprd12.prod.outlook.com (2603:10b6:930:24::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6500.37; Tue, 20 Jun 2023 01:39:03 +0000 Received: from SN1PEPF000252A2.namprd05.prod.outlook.com (2603:10b6:806:127:cafe::16) by SN7PR04CA0222.outlook.office365.com (2603:10b6:806:127::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6500.37 via Frontend Transport; Tue, 20 Jun 2023 01:39:01 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by SN1PEPF000252A2.mail.protection.outlook.com (10.167.242.9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6500.27 via Frontend Transport; Tue, 20 Jun 2023 01:39:03 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.5; Mon, 19 Jun 2023 18:38:50 -0700 Received: from [10.110.48.28] (10.126.230.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.37; Mon, 19 Jun 2023 18:38:50 -0700 Message-ID: <2d0faf24-dc17-fc96-623f-6cc08c646573@nvidia.com> Date: Mon, 19 Jun 2023 18:38:49 -0700 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.12.0 Subject: Re: [PATCH] mm/gup: Do not return 0 from pin_user_pages_fast() for bad args Content-Language: en-US To: Jason Gunthorpe , Andrew Morton , , Lorenzo Stoakes CC: References: <0-v1-3d5ed1f20d50+104-gup_overflow_jgg@nvidia.com> From: John Hubbard In-Reply-To: <0-v1-3d5ed1f20d50+104-gup_overflow_jgg@nvidia.com> Content-Type: text/plain; charset="UTF-8"; format=flowed Content-Transfer-Encoding: 7bit X-Originating-IP: [10.126.230.35] X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF000252A2:EE_|CY5PR12MB6132:EE_ X-MS-Office365-Filtering-Correlation-Id: 3622945d-ffa9-448a-7a77-08db712f210e X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: qGSsbwlIpLqWxtaldKgp1cUj/3YrmnjwIAJGcwZ6/pFZnvf0kzG3fXvebXVPgt0UXV7dJ+90HYj3LW1VQQY/GwHzljKARd+ES3EBsXMp3vKMfvOVrNTJxNPVCS/EjL2AXBHqWzjd7OAw4JTJY9+J6Tne4JfkHrKCwNQ7zyYE7ondZ5sKigeJdM7zy0m+rQdnKZDrzBLbTPh65quEPEQ9E9IAfDEiKSbMBfxlG4E0fqhrwQKqrhEcvSJQ33QotWP6cxPthKe0/G3CR14LqBUQJ+RF1U1IzdTNYm5vt02LjB2hf9rCfJaoa4vLU8jMOk3cCNKRv3dcFlHcfQWFtwH1Tf1674NzF0Ct046e7Dzh3ALbpMCCOFaV03NnsDyvzbRbDjIjPGfrmbhFehlADErv8E1I2NpwaRt4JG+X71F4ceZBPF9fQAOYX2jhEWlPmUke92WDzpxwUvmNNmS9SH2Nj4W8w9aFrvvuSHoGO8DgTsImu4hFF8sSk6cc0OLrSGKsCci8GSWYXA3hgyy1c7HC9aIxVnN5laDxQCLj+KdDGrmVRGr05NbN+bs+HatLrAkOVHd/OTmFSiHbRi5cN8vxSqRt1ohZpPMrTwQECDqbioZ/eZMVqKX9Vu8OUyp9BQrmtA3oDfXryhJUNkvbDZS0vtj8vuz1L/k/hxwMEc2awEyw2LRElt5mHL8EqcOKMix+XljT/z/s2555v9jXZ2SA2Z9luIHWyu71Nw102cwsipqfqhB0sa5FiM60rU+nOcoDh7x6jqKw41LjZZpqQG4VQjrlXvFWt131cI1jafd3GKu7Lnq6KGlp+90P0mRCPjic X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230028)(4636009)(396003)(136003)(376002)(39860400002)(346002)(451199021)(36840700001)(40470700004)(46966006)(82310400005)(31696002)(31686004)(336012)(47076005)(426003)(86362001)(83380400001)(41300700001)(8936002)(8676002)(5660300002)(316002)(70206006)(70586007)(36860700001)(2616005)(82740400003)(7636003)(356005)(53546011)(26005)(40460700003)(40480700001)(966005)(186003)(16526019)(478600001)(110136005)(16576012)(4326008)(2906002)(36756003)(43740500002);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Jun 2023 01:39:03.3805 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 3622945d-ffa9-448a-7a77-08db712f210e X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF000252A2.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY5PR12MB6132 X-Rspamd-Queue-Id: E9E93180010 X-Rspam-User: X-Rspamd-Server: rspam02 X-Stat-Signature: o6fbhp8qz5485yw3j4c8ttuf498bmaab X-HE-Tag: 1687225145-793772 X-HE-Meta: U2FsdGVkX19IZvDIM5RnaNTIMlcicD0U8cznkbay6B0NhAPdAWXtoDXZA93ioShSDZdlo06He8KJRfDcwSlN+VT4Nqne2v/eGCZwxRMyVHwFgZxMWBaPhQ2e9LiYyUqCdhq2liefvH9w+PTDymVENYiACNvASyQX1FqP3RE55SXR9ieDXo8tMcAnBIoYdIkpSUjXzDyPRubehXu+oUQIw+j0geqw7Td2q0akwjB40jtMs7fGq/emMRmnk1rDsyZakcUqdy1DvlmM4Xw1FAhbK/jBOE7hP7uRGjRWqAWRifC68RRMIxm3GMujD6ADHYWfGwI+gorHHz8JOKMQ16HcHVhjAahhnGYnMYV77MtAsoSnoLtdI2ZygjrW3VOH0NyMFk1Z95C2VFM7wfXEVYl7Fhbya3n9JF6kRBDk9pJtO8EFs44ixBz4IC8dg3EP2Yel0/l0nefGd8FUfVgSJJ9yDNGcxrGQFhHLk8ZWzXTPrfpuXk8ZEskUmthJpEOnnzPer4YOaFG9Bn4kh3Wqo1qxHRNksWpHSOgnlAZZJDD5W+D+vcK5ocv6tTxGi7KfUgVvE7qjH5yfRn7RtH3VqagMdfD52HeplVbMeXeWoBYfE2LV45tVA7F2jEde7qmpfVzTsBdUH0evGk7aSUvO1/WbnnEC3Nc3tv/KpPZevSKYwWcM009Q2cafSKWETfqJikSFBUlvIBTR6dktfGuAKwo4c5nE+dg2bk933NS4lPHQUDE4JwFqMSYep9dIofKpkkwWhSxn/ZpJvWdOwkwq5Wr5WJpHZ8xBrWoHyzZlRrost2mX6PzwA50LQaWKF2TA6imsSIYBzD66ohCvKFBHT/v0BGB0w6wunb5lMATvr7hQWPtqmCIjAAdjLdxP2oVMbdu0g2/vBNTnemwLaOCdH6TzeaAZLEfI3X8QZPn06sNOmZN76/GWVy0VVnkOMRS9IaeM9Jo11gbpO9xveCAAvvA pJB2xxza pwaUT1S8Qg/DCJqeTgxIxHl7HizDAJm8mp9ffQkhQqdDJtz45ahU3rOZSNaGVeMUf9S2hnYCcbzPJIdgbYs2PZFOBA6KeZYae0sgHJacpXv6CbZ2/icEh8SciC911iuaZLF0nWt7vEgA/Mapdag/IFwmuydhZYx4cTugazTltOGlwhLdzIwkvMaY1Q2zsh5BfvmTrhDUveDYPPiWL9bqAGUdY49vT1L8dtDmjJc0T4qFf8aIyD4vryEgc+Brww6U/HXNjFy47wN0LZbaMLsp4VWFq4t2rpcz+6kVON35kMRRJBJghZ3y6/KzJfcHBwgxJC78m6ZnFmAt0zsp4nal9Pjjr+SpUBGySgRlso01l11wA76ZqgBjbF2JGJDwUuZAniBVr0HfkiGrr8+VYJyU5sSqaJrZ9TP26Elt/ZQDVv4GR8U6vzG/3CzlsdWa7EA48hZMYJ1GfcR4l4OWPPJCxcl6I4ZtR+bk5np/dQp0OHnsuwf4Lfoj49ofPE1RuT75Iv5tZqI2gtsXaZMnbNH+gYFdHIHQm/I2FaC3nlVtiHxycWF36IOTfBb1PNp+O3rVuknBOttnlMCnA4JuYfrB1ibyPdzkyYooDytsS4hJwwfqDYGHRzm7BFP8P65LLwggLiH+WLOPkFLq/ig3iUst9CzAxAw== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On 6/19/23 11:27, Jason Gunthorpe wrote: > These routines are not intended to return zero, the callers cannot do > anything sane with a 0 return. They should return an error which means > future calls to GUP will not succeed, or they should return some non-zero > number of pinned pages which means GUP should be called again. > > If start + nr_pages overflows it should return -EOVERFLOW to signal the > arguments are invalid. > > Syzkaller keeps tripping on this when fuzzing GUP arguments. > > Reported-by: syzbot+353c7be4964c6253f24a@syzkaller.appspotmail.com > Closes: https://lore.kernel.org/all/000000000000094fdd05faa4d3a4@google.com > Signed-off-by: Jason Gunthorpe > --- > mm/gup.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > Reviewed-by: John Hubbard thanks, -- John Hubbard NVIDIA > diff --git a/mm/gup.c b/mm/gup.c > index bbe4162365933e..36c587fec574fd 100644 > --- a/mm/gup.c > +++ b/mm/gup.c > @@ -2969,7 +2969,7 @@ static int internal_get_user_pages_fast(unsigned long start, > start = untagged_addr(start) & PAGE_MASK; > len = nr_pages << PAGE_SHIFT; > if (check_add_overflow(start, len, &end)) > - return 0; > + return -EOVERFLOW; > if (end > TASK_SIZE_MAX) > return -EFAULT; > if (unlikely(!access_ok((void __user *)start, len))) > > base-commit: b3eacbbcd0dab69ed4c44cbd2d2d72b016762b17