Date: Fri, 5 May 2023 23:05:42 +0300
From: Dan Carpenter
To: Nhat Pham
Cc: linux-mm@kvack.org
Subject: Re: [bug report] cachestat: implement cachestat syscall

On Fri, May 05, 2023 at 09:27:49AM -0700, Nhat Pham wrote:
> On Fri, May 5, 2023 at 1:44 AM Dan Carpenter wrote:
> >
> > Hello Nhat Pham,
> >
> > The patch 5c289a59b1d0: "cachestat: implement cachestat syscall" from
> > May 2, 2023, leads to the following Smatch static checker warning:
> >
> >         mm/filemap.c:4282 __do_sys_cachestat()
> >         warn: potential integer overflow from user (local copy) 'csr.off + csr.len'
> >
> > mm/filemap.c
> >     4250  SYSCALL_DEFINE4(cachestat, unsigned int, fd,
> >     4251                  struct cachestat_range __user *, cstat_range,
> >     4252                  struct cachestat __user *, cstat, unsigned int, flags)
> >     4253  {
> >     4254          struct fd f = fdget(fd);
> >     4255          struct address_space *mapping;
> >     4256          struct cachestat_range csr;
> >     4257          struct cachestat cs;
> >     4258          pgoff_t first_index, last_index;
> >     4259
> >     4260          if (!f.file)
> >     4261                  return -EBADF;
> >     4262
> >     4263          if (copy_from_user(&csr, cstat_range,
> >
> > csr comes from the user.
> >
> >     4264                          sizeof(struct cachestat_range))) {
> >     4265                  fdput(f);
> >     4266                  return -EFAULT;
> >     4267          }
> >     4268
> >     4269          /* hugetlbfs is not supported */
> >     4270          if (is_file_hugepages(f.file)) {
> >     4271                  fdput(f);
> >     4272                  return -EOPNOTSUPP;
> >     4273          }
> >     4274
> >     4275          if (flags != 0) {
> >     4276                  fdput(f);
> >     4277                  return -EINVAL;
> >     4278          }
> >     4279
> >     4280          first_index = csr.off >> PAGE_SHIFT;
> >     4281          last_index =
> >     4282                  csr.len == 0 ? ULONG_MAX : (csr.off + csr.len - 1) >> PAGE_SHIFT;
> >                                                    ^^^^^^^^^^^^^^^^^^^^^^
> > This can integer overflow.  Do we need some checking to ensure that
> > first_index < last_index?
>
> If first_index < last_index, it won't crash. The folio walk won't do
> anything, so the user will just receive all-zeros stats. I think this
> is fine.
>
> Is there anything I could do to make the checker happy? :)
>

No.  I can't release this check because it's so often a situation like
this where the integer overflow is harmless.

Reading this code, I was pretty sure that filemap_cachestat() would turn
into a no-op as you say; however, it seemed worth checking given that the
code is new.

regards,
dan carpenter
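
Added example, not part of the thread and not kernel code: a user-space C model of the index arithmetic at the quoted lines 4280-4282, next to a hypothetical variant that rejects a wrapping range instead of walking nothing. PAGE_SHIFT of 12, the 64-bit field types, and the names index_unchecked, index_checked and walk_is_noop are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12	/* assumption: 4 KiB pages */

struct range { uint64_t off, len; };	/* stands in for struct cachestat_range */
struct idx { uint64_t first, last; };	/* stands in for the two pgoff_t values */

/* Same arithmetic as quoted lines 4280-4282: off + len may wrap. */
static struct idx index_unchecked(struct range r)
{
	struct idx i;
	i.first = r.off >> PAGE_SHIFT;
	i.last = r.len == 0 ? UINT64_MAX : (r.off + r.len - 1) >> PAGE_SHIFT;
	return i;
}

/* Hypothetical stricter variant: report a wrapping range to the caller. */
static bool index_checked(struct range r, struct idx *out)
{
	uint64_t end;
	out->first = r.off >> PAGE_SHIFT;
	if (r.len == 0) {
		out->last = UINT64_MAX;
		return true;
	}
	if (__builtin_add_overflow(r.off, r.len - 1, &end))
		return false;	/* a syscall could return -EINVAL here */
	out->last = end >> PAGE_SHIFT;
	return true;
}

/* The case discussed in the thread: an inverted range leaves nothing to walk. */
static bool walk_is_noop(struct idx i)
{
	return i.last < i.first;
}

int main(void)
{
	struct range wrap = { 0xFFFFFFFFFFFFF000ULL, 0x2000 };	/* constructed input */
	struct idx u = index_unchecked(wrap), c;
	printf("unchecked: first=%#llx last=%#llx noop=%d\n",
	       (unsigned long long)u.first, (unsigned long long)u.last, walk_is_noop(u));
	printf("checked accepts: %d\n", index_checked(wrap, &c));
	return 0;
}
```

With the constructed input the unchecked sum wraps, so last lands below first and the modelled walk covers no pages; a range that ends exactly at the top of the 64-bit space is still accepted by the checked variant.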