From: linke li
Date: Thu, 13 Jul 2023 15:55:55 +0800
Subject: Re: [PATCH] hugetlbfs: Fix integer overflow check in hugetlbfs_file_mmap()
To: David Hildenbrand
Cc: Linke Li, linux-mm@kvack.org, llvm@lists.linux.dev, linux-kernel@vger.kernel.org, trix@redhat.com, ndesaulniers@google.com, nathan@kernel.org, muchun.song@linux.dev, mike.kravetz@oracle.com

> So we're adding code to handle eventual future compiler bugs? That sounds
> wrong, but maybe I misunderstood the problem you are trying to solve?

Sorry for not making it clear. My focus is the presence of undefined behavior in kernel code. Compilers can generate any code for undefined behavior, and compiler developers will not take this as compiler bugs. In my opinion, the kernel should not have undefined behavior.

I double-checked this patch, and this patch cannot solve this issue well. I am considering a new patch below. The new patch does the overflow check before the addition operation.

``` --- a/fs/hugetlbfs/inode.c +++ b/fs/hugetlbfs/inode.c @@ -155,10 +155,10 @@ static int hugetlbfs_file_mmap(struct file *file, struct vm_area_struct *vma) return -EINVAL; vma_len = (loff_t)(vma->vm_end - vma->vm_start); - len = vma_len + ((loff_t)vma->vm_pgoff << PAGE_SHIFT); /* check for overflow */ - if (len < vma_len) + if (vma_len > LLONG_MAX - ((loff_t)vma->vm_pgoff << PAGE_SHIFT)) return -EINVAL; + len = vma_len + ((loff_t)vma->vm_pgoff << PAGE_SHIFT); ```
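
Review bot: In the new condition `if (vma_len > LLONG_MAX - ((loff_t)vma->vm_pgoff << PAGE_SHIFT))`, the shift on a signed `loff_t` is still evaluated before anything in this hunk bounds it, so the check is free of signed overflow only if `vm_pgoff << PAGE_SHIFT` is known to fit in a non-negative `loff_t`. That guarantee is not visible in these lines; if the code above the hunk provides it, say so in the `/* check for overflow */` comment or in the commit message. The shifted offset is also spelled out twice, once in the check and once in the `len =` assignment. Computing it once into a local, or doing the addition with `check_add_overflow()` from `<linux/overflow.h>`, would keep the test and the sum from drifting apart in later edits.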