Date: Thu, 20 Jul 2023 17:13:33 +0300
From: Dan Carpenter
To: Linke Li
Cc: linux-mm@kvack.org, mike.kravetz@oracle.com, muchun.song@linux.dev, nathan@kernel.org, ndesaulniers@google.com, trix@redhat.com, linux-kernel@vger.kernel.org, llvm@lists.linux.dev, Linke Li
Subject: Re: [PATCH v2] hugetlbfs: Fix integer overflow check in hugetlbfs_file_mmap()
Message-ID: <5630f9d8-660f-46ec-8e44-91b00e301bb2@kadam.mountain>

On Thu, Jul 20, 2023 at 09:49:39PM +0800, Linke Li wrote:
> From: Linke Li
>
> ```
> 	vma_len = (loff_t)(vma->vm_end - vma->vm_start);
> 	len = vma_len + ((loff_t)vma->vm_pgoff << PAGE_SHIFT);
> 	/* check for overflow */
> 	if (len < vma_len)
> 		return -EINVAL;
> ```
>
> There is a signed integer overflow in the code, which is undefined
> behavior according to the C standard. Although kernel disables some
> optimizations by using the "-fno-strict-overflow" option, there is
> still a risk.

It's not a risk.  Better to say, "although this works, it's still a bit
ugly and static checkers will complain".

I wouldn't have commented on the commit message except that this patch
has checkpatch warnings so you're going to have to redo it anyway.  Run
scripts/checkpatch.pl on your patches before sending them.

WARNING: please, no spaces at the start of a line
#49: FILE: fs/hugetlbfs/inode.c:158:
+    if (check_add_overflow(vma_len, (loff_t)vma->vm_pgoff << PAGE_SHIFT, &len))$

WARNING: suspect code indent for conditional statements (4, 16)
#49: FILE: fs/hugetlbfs/inode.c:158:
+    if (check_add_overflow(vma_len, (loff_t)vma->vm_pgoff << PAGE_SHIFT, &len))
                return -EINVAL;

total: 0 errors, 2 warnings, 10 lines checked

regards,
dan carpenter
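
Added example, not part of the original mail or of the kernel patch: a user-space model of the two overflow checks discussed in this thread, the add-then-compare test and the check_add_overflow() form. The function names, the PAGE_SHIFT of 12, the uint64_t parameters and the use of __builtin_add_overflow as a stand-in for the kernel macro are assumptions; the old check does its addition in unsigned arithmetic so that wrapping can be shown without executing signed overflow.

```c
#include <errno.h>
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12		/* assumption: 4 KiB pages */
typedef long long loff_t;	/* assumption: 64-bit signed, as in the kernel */

/* User-space stand-in for the kernel macro: nonzero means the sum overflowed. */
#define check_add_overflow(a, b, d) __builtin_add_overflow((a), (b), (d))

/* Old pattern: add first, test afterwards. The addition is done in unsigned
 * arithmetic here to model wrapping without executing signed overflow. */
static int mmap_len_wrapping(uint64_t vm_start, uint64_t vm_end,
			     uint64_t vm_pgoff, loff_t *out)
{
	loff_t vma_len = (loff_t)(vm_end - vm_start);
	loff_t off = (loff_t)vm_pgoff << PAGE_SHIFT;
	loff_t len = (loff_t)((uint64_t)vma_len + (uint64_t)off);

	if (len < vma_len)	/* non-negative operands: a wrapped sum is negative */
		return -EINVAL;
	*out = len;
	return 0;
}

/* New pattern: the overflow test is part of the addition itself. */
static int mmap_len_checked(uint64_t vm_start, uint64_t vm_end,
			    uint64_t vm_pgoff, loff_t *out)
{
	loff_t vma_len = (loff_t)(vm_end - vm_start);
	loff_t len;

	if (check_add_overflow(vma_len, (loff_t)vm_pgoff << PAGE_SHIFT, &len))
		return -EINVAL;
	*out = len;
	return 0;
}

int main(void)
{
	/* Constructed inputs: top is the largest pgoff whose shift still fits. */
	uint64_t top = (uint64_t)LLONG_MAX >> PAGE_SHIFT;
	loff_t len = 0;

	printf("in range: %d %d\n", mmap_len_wrapping(0x200000, 0x400000, 1, &len),
	       mmap_len_checked(0x200000, 0x400000, 1, &len));
	printf("overflow: %d %d\n", mmap_len_wrapping(0, 0x2000, top, &len),
	       mmap_len_checked(0, 0x2000, top, &len));
	return 0;
}
```

Both functions agree on these inputs; the difference is that the checked form never computes an out-of-range signed sum, which is what static checkers flag in the old one.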