Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp726801imm; Thu, 13 Sep 2018 06:54:34 -0700 (PDT) X-Google-Smtp-Source: ANB0VdZ2SWAxXuNsBmxp1z+O/pPKndQE1AerTHJACrcQdiNqShqrtAg9DnB0UfvcLBEZZWG7do/n X-Received: by 2002:a17:902:6501:: with SMTP id b1-v6mr7517713plk.31.1536846874248; Thu, 13 Sep 2018 06:54:34 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1536846874; cv=none; d=google.com; s=arc-20160816; b=TJWHtX4WwdB6rcEgMblLK2JHoz21l5vBhWu3uGiGfHo4fLMQPMJpF5raPOLFuamwFB FU+didlXYEaAmVwVC9hJsUYwqDP6KQsX/xkyC9aTLF1TpMFaPP8k3bWAjljFodc8jCbv YegCnXqtdpbl7F4tkgrVBdWD+vOf0Kv8lhSp3q8L2plM8pMPyjfz448s9rwwaAVd6xH1 YpgyinzE0XGVziGDvqxk9IyPmbne2YHcmN1dBVqR/ZEwrH3ZykEf5QthVg/TzOOkZvIu 1YZuoPxq8SWveobv4VZrF7BsmXAYgRqKJxxzispyZj2tj9diqGRhfzGpm4AuhRF6p5fQ G6xQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from; bh=Snyo6zehR6ukq+0qoJ2LahrSwWe6Olvgeft3pv0P810=; b=wy8055CpBH9Y8qW6FNRLPMj6hK1U6uVu24jlNergJzyypdRsTo4I/14q+MZvUTi4Ux yK5Dn3pL2Lc8VU1LEWB66n/bh/e5GRt0gPWqy92pkHLHknziqITQKqF3WA2vEaaryz// 6aplSSW0IfzsFlUYNLWSjF2/CE9NDGpU9tuAbAq1S42SPAawBf3XkDcCgNbOl5XjuXlE vs5XVcJVZFRXh9J8jM6Gqobw5ktRXgJnZXSFMnhaAYTSEb3xdV+iNhyNwH+8QKKip9m0 o7ynw3dPqUnMzY5OTV+QVRrScAYOfB36G1M26ulwV17CjgruEjqwLI8QfhMXS5iIYKyj OSzw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y67-v6si4035778pfa.47.2018.09.13.06.54.18; Thu, 13 Sep 2018 06:54:34 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730717AbeIMTDu (ORCPT + 99 others); Thu, 13 Sep 2018 15:03:50 -0400 Received: from mail.linuxfoundation.org ([140.211.169.12]:33776 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727644AbeIMTDt (ORCPT ); Thu, 13 Sep 2018 15:03:49 -0400 Received: from localhost (ip-213-127-77-73.ip.prioritytelecom.net [213.127.77.73]) by mail.linuxfoundation.org (Postfix) with ESMTPSA id C8B02D10; Thu, 13 Sep 2018 13:54:13 +0000 (UTC) From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Andrey Ryabinin , icytxw@gmail.com, Andrew Morton , Alexander Potapenko , Dmitry Vyukov , Linus Torvalds , Sasha Levin Subject: [PATCH 4.18 059/197] mm/fadvise.c: fix signed overflow UBSAN complaint Date: Thu, 13 Sep 2018 15:30:08 +0200 Message-Id: <20180913131843.885444839@linuxfoundation.org> X-Mailer: git-send-email 2.19.0 In-Reply-To: <20180913131841.568116777@linuxfoundation.org> References: <20180913131841.568116777@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.18-stable review patch. If anyone has any objections, please let me know. ------------------ From: Andrey Ryabinin [ Upstream commit a718e28f538441a3b6612da9ff226973376cdf0f ] Signed integer overflow is undefined according to the C standard. The overflow in ksys_fadvise64_64() is deliberate, but since it is signed overflow, UBSAN complains: UBSAN: Undefined behaviour in mm/fadvise.c:76:10 signed integer overflow: 4 + 9223372036854775805 cannot be represented in type 'long long int' Use unsigned types to do math. Unsigned overflow is defined so UBSAN will not complain about it. This patch doesn't change generated code. [akpm@linux-foundation.org: add comment explaining the casts] Link: http://lkml.kernel.org/r/20180629184453.7614-1-aryabinin@virtuozzo.com Signed-off-by: Andrey Ryabinin Reported-by: Reviewed-by: Andrew Morton Cc: Alexander Potapenko Cc: Dmitry Vyukov Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds Signed-off-by: Sasha Levin Signed-off-by: Greg Kroah-Hartman --- mm/fadvise.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) --- a/mm/fadvise.c +++ b/mm/fadvise.c @@ -72,8 +72,12 @@ int ksys_fadvise64_64(int fd, loff_t off goto out; } - /* Careful about overflows. Len == 0 means "as much as possible" */ - endbyte = offset + len; + /* + * Careful about overflows. Len == 0 means "as much as possible". Use + * unsigned math because signed overflows are undefined and UBSan + * complains. + */ + endbyte = (u64)offset + (u64)len; if (!len || endbyte < len) endbyte = -1; else