From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6F3F2C36000 for ; Thu, 20 Mar 2025 09:12:44 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 5A2B1280002; Thu, 20 Mar 2025 05:12:42 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 55293280001; Thu, 20 Mar 2025 05:12:42 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 41AEF280002; Thu, 20 Mar 2025 05:12:42 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 275AE280001 for ; Thu, 20 Mar 2025 05:12:42 -0400 (EDT) Received: from smtpin27.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id 246E4AB7DD for ; Thu, 20 Mar 2025 09:12:43 +0000 (UTC) X-FDA: 83241364206.27.0ACA996 Received: from mail-gw02.astralinux.ru (mail-gw02.astralinux.ru [195.16.41.108]) by imf28.hostedemail.com (Postfix) with ESMTP id 0A49EC0004 for ; Thu, 20 Mar 2025 09:12:39 +0000 (UTC) Authentication-Results: imf28.hostedemail.com; dkim=none; dmarc=none; spf=pass (imf28.hostedemail.com: domain of abelova@astralinux.ru designates 195.16.41.108 as permitted sender) smtp.mailfrom=abelova@astralinux.ru ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1742461960; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=urymeNAGjDo2U2Kz2IG2Ibj05Ksb1xU1pRbxWufGU6s=; b=Alj3L48LEBp4Lf6QqfQZLhyPRQdajJOwuBkvqWe9wv0FNmIvwRvJ5vvnEN4/g2oV9KtXbG 9pD8ozmoWx+3Pg6SSm5HZvtsA0sZG4YyhNCF+LE3k5iy8vzgPKJ3UhC8JnhEy1K0OxodQm s9kOH593pTCKyeSj5LXuXPpyGMbAOQ4= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1742461960; a=rsa-sha256; cv=none; b=yD7LCUyewDGWKtr+CnoJ+hj7+yxmE8aKBjai/l3GwkbTBbNvTfReKxu3PGyQKE8kbSanu5 BpsZIwFwee2nKdGTglWqEU0sef658vgmWaAQ7A4jzPqmkQmLeJ9XkfC1LbA8kcfycOb6+l 9EZ2Mgt0kazaCyaXDJzs6j3taGULuGc= ARC-Authentication-Results: i=1; imf28.hostedemail.com; dkim=none; dmarc=none; spf=pass (imf28.hostedemail.com: domain of abelova@astralinux.ru designates 195.16.41.108 as permitted sender) smtp.mailfrom=abelova@astralinux.ru Received: from gca-msk-a-srv-ksmg02.astralinux.ru (localhost [127.0.0.1]) by mail-gw02.astralinux.ru (Postfix) with ESMTP id D15781F45B; Thu, 20 Mar 2025 12:12:36 +0300 (MSK) Received: from new-mail.astralinux.ru (gca-yc-ruca-srv-mail04.astralinux.ru [10.177.185.109]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mail-gw02.astralinux.ru (Postfix) with ESMTPS; Thu, 20 Mar 2025 12:12:35 +0300 (MSK) Received: from [10.177.20.124] (unknown [10.177.20.124]) by new-mail.astralinux.ru (Postfix) with ESMTPA id 4ZJKbj6gJ6zkX0x; Thu, 20 Mar 2025 12:12:33 +0300 (MSK) Message-ID: Date: Thu, 20 Mar 2025 12:12:27 +0300 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH] mm/zsmalloc: prevent integer overflow in obj_free To: Sergey Senozhatsky Cc: Minchan Kim , Andrew Morton , linux-mm@kvack.org, linux-kernel@vger.kernel.org, lvc-project@linuxtesting.org References: <20250313115147.47418-1-abelova@astralinux.ru> Content-Language: ru From: Anastasia Belova In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-KSMG-AntiPhishing: NotDetected X-KSMG-AntiSpam-Auth: dkim=none X-KSMG-AntiSpam-Envelope-From: abelova@astralinux.ru X-KSMG-AntiSpam-Info: LuaCore: 51 0.3.51 68896fb0083a027476849bf400a331a2d5d94398, {Tracking_arrow_text}, {Tracking_from_domain_doesnt_match_to}, 127.0.0.199:7.1.2;new-mail.astralinux.ru:7.1.1;d41d8cd98f00b204e9800998ecf8427e.com:7.1.1;astralinux.ru:7.1.1, FromAlignment: s X-KSMG-AntiSpam-Interceptor-Info: scan successful X-KSMG-AntiSpam-Lua-Profiles: 191963 [Mar 20 2025] X-KSMG-AntiSpam-Method: none X-KSMG-AntiSpam-Rate: 0 X-KSMG-AntiSpam-Status: not_detected X-KSMG-AntiSpam-Version: 6.1.1.11 X-KSMG-AntiVirus: Kaspersky Secure Mail Gateway, version 2.1.0.7854, bases: 2025/03/20 06:25:00 #27805285 X-KSMG-AntiVirus-Status: NotDetected, skipped X-KSMG-LinksScanning: NotDetected X-KSMG-Message-Action: skipped X-KSMG-Rule-ID: 1 X-Rspam-User: X-Rspamd-Server: rspam11 X-Rspamd-Queue-Id: 0A49EC0004 X-Stat-Signature: awrkgwiioc8fq79u1qn59wqhq97prcje X-HE-Tag: 1742461959-613230 X-HE-Meta: U2FsdGVkX18pzuf5Daqm1+QWKF1SqdyxdeAyImMixddk5SyU52OMyH5sqQ6NW41sEs9TnPI3fmMt6sc4IZt47wnNluuDEDKTHAxfxVLhl/0u3KgSrtsHbmI4JbRO0+RHzPUB5c1MW3S+s0P55C3w+Xz9LgJ78tOimIMeq1bNZwtsTadExF9PvW1ZfVYpr5EIdk3AUcnfTObUKdwhd1dOeSn1mHeozYLT0fZlj3OgTnz5jEn4x5x7pWosFrBSHT1P+X2EaI3X6xd0MEyKFB3hkjoTr+LrBztOEDS4RjPSswym+mrZ9OAs42M2MZETFbN+bAkKr8GtYUOquo1doiueDNq4v0Lbg7L+a9XvBUBnQrRTlPNAstuXyW3nhG3QsgLgA6AnqEbtlP1ss2TFnOLvuUk5CsuiYfYLnG6PexVY/GJ1qRNvU+pKgfPSjavyCSCKuKicrsiT99+epoQ8cZTl6GtPIQBUYoQdct4VNbdUUUeqhV75iI35O2xV+9DADQ9ORmZTW/KCFgZ40RdfPmDN5UKbtkS1j4tt+eRnKx05uWLUSqta+GcYtNjSgWByHM2PeyuFH53gK8/64PQFhP0DnyNaMnuNK38GOeWi3qRu/RLLxa63+MOayQj7eytv2P43CzH2F34TGBiv2RhZ9obE3DvpwnwwlBhf0q1lknCGDUTQ59CItd6jjbwjXRT6AMmrVzPEzCKah79ouLmp20d/clRwlNlGCvhi8LjyjOtZf9+KilsopbCJevCwLyuWFxVt3ptCs7wVg2CnktnpZ9Mx0HN5DtI5vuZL4FTwH/gjV0ondAXzS9Doy9fXfTa8P5hxhzdCnS0jEq6txoPackmQKwmRzKDZQUGlDtgTVWc572wx2J0TKtrFvEvWCSI+fol44FMGLNIKjmIKEi6zzuSVKAcCBuuV5M3r85cTBLPyZQid/QxtKeWB1qBt+mRPIjmuZQGPTJI2XXVefFtljJy 7NbXChD+ wmVik5hAY/vOMCovCL63LAW7oJNPZ1/xNNIJaqKwU2LLFQ2Y16OY1Lksd0hzkmWDUliKakESRuJ/+sm/oE0aiisHwr0jX6nazCmZu58tRLOpH8yzW4boFd224hSN+pHHpqytJXQ33ouX3q8jiUxqMduFXCgsxbmiSoio/tmuInOR8MkUJPycI0UpztmiU1/PV4+xhClt1gW/ssVCla8Gz3Bt5OC0H16AVssujlKLSp3FuLIKjKAgKa2vAKj+uHMsfnOECSkzYBuXnR70az4bGwFOF5Q== X-Bogosity: Ham, tests=bogofilter, spamicity=0.019353, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On 3/13/25 5:42 PM, Sergey Senozhatsky wrote: > On (25/03/13 14:51), Anastasia Belova wrote: >> The result of multiplication of class_size and f_objidx >> may not fit unsigned integer. Add explicit casting to >> unsigned long to prevent integer overflow. > I can't see how this can be possible. Neither size_class nor > object idx can take values to cause mul overflow. object index may be up to OBJ_INDEX_MASK = ((_AC(1, UL) << OBJ_INDEX_BITS) - 1) = ((_AC(1, UL) << PAGE_SHIFT) - 1) class_size may be up to ZS_MAX_ALLOC_SIZE = PAGE_SIZE. If address (and unsigned long) is 64-bit, the result of multiplication won't fit 32-bit integer. Please correct me if I'm wrong. Best regards, Anastasia Belova