From: Mike Kravetz
To: linux-mm@kvack.org, linux-kernel@vger.kernel.org
Cc: Michal Hocko, Yisheng Xie, "Kirill A . Shutemov", Nic Losby, Dan Rue, Andrew Morton, Mike Kravetz, stable@vger.kernel.org
Subject: [PATCH v2] hugetlbfs: fix bug in pgoff overflow checking
Date: Fri, 30 Mar 2018 07:54:02 -0700
Message-Id: <20180330145402.5053-1-mike.kravetz@oracle.com>
In-Reply-To: <20180329041656.19691-1-mike.kravetz@oracle.com>

This is a fix for a regression in 32 bit kernels caused by an invalid check for pgoff overflow in hugetlbfs mmap setup. The check incorrectly specified that the size of a loff_t was the same as the size of a long. The regression prevents mapping hugetlbfs files at offsets greater than 4GB on 32 bit kernels.

On 32 bit kernels conversion from a page based unsigned long can not overflow a loff_t byte offset. Therefore, skip this check if sizeof(unsigned long) != sizeof(loff_t).

Fixes: 63489f8e8211 ("hugetlbfs: check for pgoff value overflow")
Cc:
Reported-by: Dan Rue
Signed-off-by: Mike Kravetz
--- fs/hugetlbfs/inode.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c index b9a254dcc0e7..d508c7844681 100644 --- a/fs/hugetlbfs/inode.c +++ b/fs/hugetlbfs/inode.c
@@ -138,10 +138,14 @@ static int hugetlbfs_file_mmap(struct file *file, struct vm_area_struct *vma) /* * page based offset in vm_pgoff could be sufficiently large to - * overflow a (l)off_t when converted to byte offset. + * overflow a loff_t when converted to byte offset. This can + * only happen on architectures where sizeof(loff_t) == + * sizeof(unsigned long). So, only check in those instances. */ - if (vma->vm_pgoff & PGOFF_LOFFT_MAX) - return -EINVAL; + if (sizeof(unsigned long) == sizeof(loff_t)) { + if (vma->vm_pgoff & PGOFF_LOFFT_MAX) + return -EINVAL; + } /* must be huge page aligned */ if (vma->vm_pgoff & (~huge_page_mask(h) >> PAGE_SHIFT)) -- 2.13.6
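Review bot: the guard in hugetlbfs_file_mmap() leaves PGOFF_LOFFT_MAX itself unchanged, so the mask still encodes the assumption that loff_t is as wide as unsigned long, and only this one call site knows it must be skipped otherwise. The definition is outside this hunk; a comment there stating that the mask is valid only when sizeof(unsigned long) == sizeof(loff_t), or folding the size test into a small helper that owns the mask, would keep a later caller from reintroducing the 32 bit regression. As a style point, the nested if can be a single condition, `if (sizeof(unsigned long) == sizeof(loff_t) && (vma->vm_pgoff & PGOFF_LOFFT_MAX))`, which drops one indentation level and keeps the return adjacent to the test. The new comment is accurate for the code as written and worth keeping.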
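The reasoning in the commit message, modelled in user space as an added example that is not part of the patch or of kernel code. It assumes 4 KiB pages and models the mask as the top PAGE_SHIFT + 1 bits of an unsigned long (the page does not show the PGOFF_LOFFT_MAX definition); `pgoff_mask`, `check_before` and `check_after` are hypothetical names.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12   /* assumption: 4 KiB base pages */
#define LOFF_BITS  64   /* loff_t is a signed 64-bit byte offset */

/* Modelled mask (assumption, the PGOFF_LOFFT_MAX definition is not shown
 * on the page): the top PAGE_SHIFT + 1 bits of an unsigned long that is
 * long_bits wide. */
static uint64_t pgoff_mask(unsigned long_bits)
{
    return ((UINT64_C(1) << (PAGE_SHIFT + 1)) - 1)
           << (long_bits - (PAGE_SHIFT + 1));
}

/* Ground truth: does pgoff << PAGE_SHIFT exceed the largest loff_t? */
static int byte_offset_overflows(uint64_t pgoff)
{
    return pgoff > ((uint64_t)INT64_MAX >> PAGE_SHIFT);
}

/* Check before the patch: mask applied whatever the width of long. */
static int check_before(uint64_t pgoff, unsigned long_bits)
{
    return (pgoff & pgoff_mask(long_bits)) ? -EINVAL : 0;
}

/* Check after the patch: only when long and loff_t have the same size. */
static int check_after(uint64_t pgoff, unsigned long_bits)
{
    if (long_bits == LOFF_BITS && (pgoff & pgoff_mask(long_bits)))
        return -EINVAL;
    return 0;
}

int main(void)
{
    /* Constructed sample offsets: {pgoff, width of unsigned long}. */
    struct { uint64_t pgoff; unsigned bits; } s[] = {
        { UINT64_C(0x00200000), 32 },     /* 8 GiB file offset */
        { UINT64_C(0xFFFFFFFF), 32 },     /* largest 32-bit pgoff */
        { (UINT64_C(1) << 51) - 1, 64 },  /* last offset that fits */
        { UINT64_C(1) << 51, 64 },        /* first that overflows */
    };
    for (unsigned i = 0; i < sizeof(s) / sizeof(s[0]); i++)
        printf("bits=%u pgoff=%#llx overflow=%d before=%d after=%d\n",
               s[i].bits, (unsigned long long)s[i].pgoff,
               byte_offset_overflows(s[i].pgoff),
               check_before(s[i].pgoff, s[i].bits),
               check_after(s[i].pgoff, s[i].bits));
    return 0;
}
```

On the 32 bit rows the byte offset never overflows, yet the unguarded check rejects it; on the 64 bit rows both checks agree with the overflow test.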