From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 38F48EB64DC for ; Tue, 11 Jul 2023 11:49:15 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 90FB26B0071; Tue, 11 Jul 2023 07:49:14 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 8BE846B0074; Tue, 11 Jul 2023 07:49:14 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 786BC6B0075; Tue, 11 Jul 2023 07:49:14 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id 654756B0071 for ; Tue, 11 Jul 2023 07:49:14 -0400 (EDT) Received: from smtpin07.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id 360DF1C7D23 for ; Tue, 11 Jul 2023 11:49:14 +0000 (UTC) X-FDA: 80999160228.07.51BEBD3 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by imf16.hostedemail.com (Postfix) with ESMTP id 000C6180011 for ; Tue, 11 Jul 2023 11:49:11 +0000 (UTC) Authentication-Results: imf16.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=AQaBdNI6; dmarc=pass (policy=none) header.from=redhat.com; spf=pass (imf16.hostedemail.com: domain of david@redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=david@redhat.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1689076152; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=ox1ybSLl45XwKkwvaJMisJ5/+NEAsrD7J+jcJG30/JQ=; b=fY60sCee87LTGMOXVZkWfeIAHS0tmw+2rFHsnqucOje2FdUsSsIEQXAR29S77mJwfr1/FO XDttiT+c4PQjn/LayegM+5q329RqJ4ZQBUEdeKRGYbGV1gl5b/IgWWuVqCoMGAwWxSqaal SdJ5Z+wQckuSDNKyb9Xmem22goCBXsc= ARC-Authentication-Results: i=1; imf16.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=AQaBdNI6; dmarc=pass (policy=none) header.from=redhat.com; spf=pass (imf16.hostedemail.com: domain of david@redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=david@redhat.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1689076152; a=rsa-sha256; cv=none; b=Jrv43sx8nQKhEnja7xvbkP70iXkEVDXAw+Mj6Tk0rpyC6YHdm77Jt6S0AYOOJ6n0w37QFv P1mrLNYZQDQEJ3Lxg5k3o1KOEXQ98nYZkd1Cq17Nh7a6wGePjn6WLOu/255K2+Qxfa8I6N V9zZPoxbL4/IobxVW3YWf+8CfFEP+fI= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1689076151; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ox1ybSLl45XwKkwvaJMisJ5/+NEAsrD7J+jcJG30/JQ=; b=AQaBdNI6PnPj0Gb0TGw5XmSsQZ4M/ID3LOZVmDGa12hvKpyfgSIs51McaD71LQB05edois Of8nzbn9QgP7pB8bXXJ6kv8QIJomxtatR4/o2YjoW0JMZ9uIkOWsPTFwfd+MFW1wW9ttzS d0i9u8Kk4DRtM4Wi4pkTBeR2tZWtlzc= Received: from mail-wr1-f69.google.com (mail-wr1-f69.google.com [209.85.221.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-539-3FdGJ_5xM46ngb-esFapvg-1; Tue, 11 Jul 2023 07:49:09 -0400 X-MC-Unique: 3FdGJ_5xM46ngb-esFapvg-1 Received: by mail-wr1-f69.google.com with SMTP id ffacd0b85a97d-3143c9a3519so3923770f8f.2 for ; Tue, 11 Jul 2023 04:49:09 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689076149; x=1691668149; h=content-transfer-encoding:in-reply-to:organization:from:references :cc:to:content-language:subject:user-agent:mime-version:date :message-id:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=ox1ybSLl45XwKkwvaJMisJ5/+NEAsrD7J+jcJG30/JQ=; b=KZu9Zfni6uxub5fEdMQ1ikdQN5paOr2DUGgr3o2934PJ0kkFdAtgo9AXCqxT0VMQV/ gR0onidmO6E3Y7njxckC/oy5Fi6dKbkPKDnTT7joG4XK8LwcVKCLj/hx4elBOr/JdRtm h+Yfrqvrf835uDwyGQunSVnXvt+KzBGiQPNtxx5OTtWIK6lsDwHqFqHd6YOtI2oIXjaS FV7CzmXbx4dwKe0v9SUsbQ87CTKr8bs6WjzYmazmNS0692vPU9KYOSyUS5WA2+0AJcS3 pvjuVmKt4lso1VcqSno4rU0v5JfIgUpmkvQVQeDVvhYzfP3dZ/b2Q2H/iWX4h/SVrt3f ZLrA== X-Gm-Message-State: ABy/qLb9iADhgvje7/TSrbbUAPE0vwdtmQLo0CDbyA7HFlxsUQNLi59w CUNRP6rOuR4xHAaNjwiFxsEpHZYJau/ZXvNd/HDZBhWmfFuFzr7zs46mUq6T9bFtA59imHzb3aw c9Rykxtupav8= X-Received: by 2002:adf:f9c9:0:b0:314:2132:a277 with SMTP id w9-20020adff9c9000000b003142132a277mr17501677wrr.9.1689076148758; Tue, 11 Jul 2023 04:49:08 -0700 (PDT) X-Google-Smtp-Source: APBJJlFZd89iKuySO+cfoLjyf2v2YUsX/u5t8p1LFxTJwVXW3pD745O+xFed6Np91H3kYcR2bhyjDw== X-Received: by 2002:adf:f9c9:0:b0:314:2132:a277 with SMTP id w9-20020adff9c9000000b003142132a277mr17501654wrr.9.1689076148389; Tue, 11 Jul 2023 04:49:08 -0700 (PDT) Received: from ?IPV6:2003:cb:c745:4000:13ad:ed64:37e6:115d? (p200300cbc745400013aded6437e6115d.dip0.t-ipconnect.de. [2003:cb:c745:4000:13ad:ed64:37e6:115d]) by smtp.gmail.com with ESMTPSA id b7-20020a05600c11c700b003fc015ae1e1sm2386296wmi.3.2023.07.11.04.49.07 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 11 Jul 2023 04:49:07 -0700 (PDT) Message-ID: <65f4c60a-9534-56dc-099f-ee7a96e0ccaf@redhat.com> Date: Tue, 11 Jul 2023 13:49:06 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.12.0 Subject: Re: [PATCH] hugetlbfs: Fix integer overflow check in hugetlbfs_file_mmap() To: Linke Li , linux-mm@kvack.org Cc: llvm@lists.linux.dev, linux-kernel@vger.kernel.org, trix@redhat.com, ndesaulniers@google.com, nathan@kernel.org, muchun.song@linux.dev, mike.kravetz@oracle.com, Linke Li References: From: David Hildenbrand Organization: Red Hat In-Reply-To: X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Server: rspam09 X-Rspamd-Queue-Id: 000C6180011 X-Stat-Signature: eiraziyzx63ramtkta6b5fcgr9gsm8pu X-Rspam-User: X-HE-Tag: 1689076151-878542 X-HE-Meta: U2FsdGVkX1+r17ACVYVkD62UbK9OZnb4th8LRyElHqv/0fhv62Ggnc2JwZsTqC5BE/ZAIdQLWBcWjSaqMUMczMKb8xG3U+p0JxnAgoe0AyvA8tx8N7rvB3t86jWA18e+wXA1belK6Vv/COuTqzcdJmVfPbcVgNPf5boIx1Do2CBV4AeEUJXok36zEMbO+g0/mfEilgjecOhQvJtAk04tNknxv1v169ol3anyJrkCCKSKxs5s/twylgsa18gL2QeGPPEb8rbPjfmCA+cXfZfsJl/xgtbn1LYt0MH3vS2ND7TG/wXA/JE1bthG5IFr4iO3x7KVeIUlaJQeUfbEPDPQfM4fMG5g3A1XRF4nS8kmhq4IG99oVXhQnIy90zj5Zyoo+Eb+34W3EoTEwcrHfLvRohp6zdUXj3JNSvLrMC2nks96wYSket54yYBw7ap69XL4AoUUoMalDsGtzcm06fHgBfGFXfz7lSFc273Bxy96CFHbqjsYQhrADTx5RdtBNOyDAXOq7QW1J686lNH6aOxqG3ikUvMlw0kjVDApkqnmeDIaaQwQ+DIBV+qK8raYnxfc+TEej1FyAd7U5OZVW0WBh+Gt820wKOt1gvDtlIr28BWBWPclKbw6Mu99wJLYhVpAMmLlKuI2nVGCUeWG8C4Zs9/RdlfekSyyOsTRbEY9w+r4+QOUtTZyR23XF8PbI3fmKfGLDszBZTS6mj/he6jqiyb0ALihJve5sAz5u6SpIV77ABUSp5jxKSaRGMQd71BEwGvCa+BeoZJLYHIkR3qtr95lPfnw8GVyb2MXz+UY9OGSnYzRCj8HvMxUEVdbxQzEoGkoVDQq7XcGMDvB7F6K+OzACXnml8VKuABcS2bWDmTyvhR1LipeSKUhoPMe6c3GxlC4F9a+F0yYbBcGNVuCmO0qdvAZRaU1aN5Wa4Gc4n8m1FfX1qAMCLSLrd6g2W9eolt6YDjjHIrsdRKBomV ydmz3F1N 11/7jX3xC7ZijeDqU9zTR5T1rSk1LSqq0NP+oJ3+F//T7c3crixd5Tg/nNlATV45KE1/omgbIxr3IEXewxv+VksnzDTZXguQZwWlqDzhORBRCnk31mP54PxwkoazWjT0ESjmmELz2Da8yNkv2eG7NVjIk2lz2ZYjUVtAaEYleuPcFJg9tJJJzBsZx7Cv5pMM5iX1sqhhpLz2n8tIffJ20kMPpsTT2F9GrI+b3Od4DDslJ2/DDb4B9+Bm+F9UlXKuLtrVt2T17OJjS/w5F5kKUcEN/f2LDKxlMrCtjr7RS7brGzMwcn2yQGkJkmlW6xDgU42dqtgXao+WWENyVUbr3Q6bfWKePx6VBlYFSOoWGS7vPsIk= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On 10.07.23 10:32, Linke Li wrote: > From: Linke Li > > vma_len = (loff_t)(vma->vm_end - vma->vm_start); > len = vma_len + ((loff_t)vma->vm_pgoff << PAGE_SHIFT); > /* check for overflow */ > if (len < vma_len) > return -EINVAL; > > The existing code includes an integer overflow check, which indicates > that the variable len has the potential to overflow, leading to undefined > behavior according to the C standard. However, both GCC and Clang > compilers may eliminate this overflow check based on the assumption > that there will be no undefined behavior. Although the Linux kernel > disables these optimizations by using the -fno-strict-overflow option, > there is still a risk if the compilers make mistakes in the future. So we're adding code to handle eventual future compiler bugs? That sounds wrong, but maybe I misunderstood the problem you are trying to solve? -- Cheers, David / dhildenb