From: Nick Desaulniers
Date: Mon, 13 Sep 2021 20:30:46 -0700
Subject: Re: [PATCH 5.14 018/334] nbd: add the check to prevent overflow in __nbd_ioctl()
To: "libaokun (A)"
Cc: Linus Torvalds, Arnd Bergmann, Sedat Dilek, Greg Kroah-Hartman, Naresh Kamboju, Nathan Chancellor, open list, linux-stable, Hulk Robot, Josef Bacik, Jens Axboe, Sasha Levin, clang-built-linux, lkft-triage@lists.linaro.org, llvm@lists.linux.dev, Kees Cook

On Mon, Sep 13, 2021 at 7:13 PM libaokun (A) wrote:
>
> On 2021/9/14 7:23, Nick Desaulniers wrote:
> > On Mon, Sep 13, 2021 at 4:00 PM Linus Torvalds wrote:
> >> On Mon, Sep 13, 2021 at 2:15 PM Nick Desaulniers wrote:
> >>> Sorry wrong diff:
> >> Well, this second diff was seriously whitespace-damaged and hard to
> >> read, but while it seems to be the same number of lines, it sure looks
> >> a lot more readable in this format.
> >>
> >> Except I think that
> >>
> >> default: dividend / divisor);
> >>
> >> should really have parentheses around both of those macro arguments.
> >>
> >> That's a preexisting problem, but it should be fixed while at it.
> > Ok, I'll send a revised v2 based on _Generic; Rasmus can help review
> > when he's awake.
> >
> >> I'm also not sure why that (again, preexisting) BUILD_BUG_ON_MSG()
> >> only checks the size of the dividend, not the divisor. Very strange.
> >> But probably not worth worrying about.
> > I sent a not-yet-applied diff of my not-yet-applied diff. I was
> > playing with this last week, and IIRC we had divisors that were less
> > than 32b being promoted to int. But I'll test it some more.
>
> How about deleting the check_mul_overflow in the __nbd_ioctl as follows?
>
> diff --git a/drivers/block/nbd.c b/drivers/block/nbd.c > index 5170a630778d..f404e0540476 100644 > --- a/drivers/block/nbd.c
> +++ b/drivers/block/nbd.c > @@ -1393,7 +1393,6 @@ static int __nbd_ioctl(struct block_device *bdev, > struct nbd_device *nbd, > unsigned int cmd, unsigned long arg) > { > struct nbd_config *config =3D nbd->config; > - loff_t bytesize; > > switch (cmd) { > case NBD_DISCONNECT: > @@ -1408,9 +1407,10 @@ static int __nbd_ioctl(struct block_device *bdev, > struct nbd_device *nbd, > case NBD_SET_SIZE: > return nbd_set_size(nbd, arg, config->blksize); > case NBD_SET_SIZE_BLOCKS: > - if (check_mul_overflow((loff_t)arg, config->blksize, > &bytesize)) > + if (arg && (LLONG_MAX / arg <=3D config->blksize)) > return -EINVAL; 64b division is going to need do_div(), yeah? Besides, this is likely to pop up again for other callers of check_mul_overflow(), might as well fix it. > - return nbd_set_size(nbd, bytesize, config->blksize); > + return nbd_set_size(nbd, arg * config->blksize, > + config->blksize); > case NBD_SET_TIMEOUT: > nbd_set_cmd_timeout(nbd, arg); > return 0; > -- > 2.31.1 > > -- > With Best Regards, > Baokun Li > > > --=20 Thanks, ~Nick Desaulniers
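Review bot: In the NBD_SET_SIZE_BLOCKS case, the new test `LLONG_MAX / arg <= config->blksize` is not equivalent to the check_mul_overflow() call it replaces, and the multiplication it guards has lost its cast. The `<=` also rejects the boundary where config->blksize equals LLONG_MAX / arg, where the product still fits in a loff_t; `<` would match the old behaviour. The removed line multiplied `(loff_t)arg`, but `arg * config->blksize` now starts from an unsigned long, so its width depends on the type of config->blksize, which this hunk does not show; if that is not a 64-bit type, the product can wrap on 32-bit builds even though the check was made against LLONG_MAX. Keep the `(loff_t)` cast on the multiplication, and note that dividing the 64-bit LLONG_MAX by a variable is itself the do_div() concern raised in the reply above.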