From: Dan Carpenter <dan.carpenter@oracle.com>
To: Arnd Bergmann <arnd@kernel.org>
Cc: Nicolas Saenz Julienne <nsaenz@kernel.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Arnd Bergmann <arnd@arndb.de>,
Stefan Wahren <stefan.wahren@i2se.com>,
Ojaswin Mujoo <ojaswin98@gmail.com>,
Phil Elwell <phil@raspberrypi.com>,
Amarjargal Gundjalam <amarjargal16@gmail.com>,
bcm-kernel-feedback-list@broadcom.com,
linux-rpi-kernel@lists.infradead.org,
linux-arm-kernel@lists.infradead.org,
linux-staging@lists.linux.dev, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] staging: vc04_services: shut up out-of-range warning
Date: Mon, 27 Sep 2021 15:26:58 +0300 [thread overview]
Message-ID: <20210927122658.GF2048@kadam> (raw)
In-Reply-To: <20210927113702.3866843-1-arnd@kernel.org>
On Mon, Sep 27, 2021 at 01:36:56PM +0200, Arnd Bergmann wrote:
> From: Arnd Bergmann <arnd@arndb.de>
>
> The comparison against SIZE_MAX produces a harmless warning on 64-bit
> architectures:
>
> drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c:185:16: error: result of comparison of constant 419244183493398898 with expression of type 'unsigned int' is always false [-Werror,-Wtautological-constant-out-of-range-compare]
> if (num_pages > (SIZE_MAX - sizeof(struct pagelist) -
> ~~~~~~~~~ ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Shut up that warning by adding a cast to a longer type.
>
> Fixes: ca641bae6da9 ("staging: vc04_services: prevent integer overflow in create_pagelist()")
> Signed-off-by: Arnd Bergmann <arnd@arndb.de>
> ---
> drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
> index b25369a13452..967f10b9582a 100644
> --- a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
> +++ b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
> @@ -182,7 +182,7 @@ create_pagelist(char *buf, char __user *ubuf,
> offset = (uintptr_t)ubuf & (PAGE_SIZE - 1);
> num_pages = DIV_ROUND_UP(count + offset, PAGE_SIZE);
>
> - if (num_pages > (SIZE_MAX - sizeof(struct pagelist) -
> + if ((size_t)num_pages > (SIZE_MAX - sizeof(struct pagelist) -
> sizeof(struct vchiq_pagelist_info)) /
> (sizeof(u32) + sizeof(pages[0]) +
> sizeof(struct scatterlist)))
The temptation would be to declare "num_pages" as size_t instead of
adding this cost. But then something will complain about the
"pagelistinfo->num_pages = num_pages;" assignment because
"pagelistinfo->num_pages" is a u32.
The next temptation is to change the SIZE_MAX to UINT_MAX. I didn't
do that originally because I can't test this and I was trying not to
break things... We probably still don't want to break things, but maybe
there is someone who is more familiar with this who knows if UINT_MAX is
okay?
regards,
dan carpenter
WARNING: multiple messages have this Message-ID (diff)
From: Dan Carpenter <dan.carpenter@oracle.com>
To: Arnd Bergmann <arnd@kernel.org>
Cc: Nicolas Saenz Julienne <nsaenz@kernel.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Arnd Bergmann <arnd@arndb.de>,
Stefan Wahren <stefan.wahren@i2se.com>,
Ojaswin Mujoo <ojaswin98@gmail.com>,
Phil Elwell <phil@raspberrypi.com>,
Amarjargal Gundjalam <amarjargal16@gmail.com>,
bcm-kernel-feedback-list@broadcom.com,
linux-rpi-kernel@lists.infradead.org,
linux-arm-kernel@lists.infradead.org,
linux-staging@lists.linux.dev, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] staging: vc04_services: shut up out-of-range warning
Date: Mon, 27 Sep 2021 15:26:58 +0300 [thread overview]
Message-ID: <20210927122658.GF2048@kadam> (raw)
In-Reply-To: <20210927113702.3866843-1-arnd@kernel.org>
On Mon, Sep 27, 2021 at 01:36:56PM +0200, Arnd Bergmann wrote:
> From: Arnd Bergmann <arnd@arndb.de>
>
> The comparison against SIZE_MAX produces a harmless warning on 64-bit
> architectures:
>
> drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c:185:16: error: result of comparison of constant 419244183493398898 with expression of type 'unsigned int' is always false [-Werror,-Wtautological-constant-out-of-range-compare]
> if (num_pages > (SIZE_MAX - sizeof(struct pagelist) -
> ~~~~~~~~~ ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Shut up that warning by adding a cast to a longer type.
>
> Fixes: ca641bae6da9 ("staging: vc04_services: prevent integer overflow in create_pagelist()")
> Signed-off-by: Arnd Bergmann <arnd@arndb.de>
> ---
> drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
> index b25369a13452..967f10b9582a 100644
> --- a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
> +++ b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
> @@ -182,7 +182,7 @@ create_pagelist(char *buf, char __user *ubuf,
> offset = (uintptr_t)ubuf & (PAGE_SIZE - 1);
> num_pages = DIV_ROUND_UP(count + offset, PAGE_SIZE);
>
> - if (num_pages > (SIZE_MAX - sizeof(struct pagelist) -
> + if ((size_t)num_pages > (SIZE_MAX - sizeof(struct pagelist) -
> sizeof(struct vchiq_pagelist_info)) /
> (sizeof(u32) + sizeof(pages[0]) +
> sizeof(struct scatterlist)))
The temptation would be to declare "num_pages" as size_t instead of
adding this cost. But then something will complain about the
"pagelistinfo->num_pages = num_pages;" assignment because
"pagelistinfo->num_pages" is a u32.
The next temptation is to change the SIZE_MAX to UINT_MAX. I didn't
do that originally because I can't test this and I was trying not to
break things... We probably still don't want to break things, but maybe
there is someone who is more familiar with this who knows if UINT_MAX is
okay?
regards,
dan carpenter
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2021-09-27 12:27 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-27 11:36 [PATCH] staging: vc04_services: shut up out-of-range warning Arnd Bergmann
2021-09-27 11:36 ` Arnd Bergmann
2021-09-27 12:26 ` Dan Carpenter [this message]
2021-09-27 12:26 ` Dan Carpenter
2021-09-27 13:21 ` Phil Elwell
2021-09-27 13:21 ` Phil Elwell
2021-09-27 20:37 ` Arnd Bergmann
2021-09-27 20:37 ` Arnd Bergmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210927122658.GF2048@kadam \
--to=dan.carpenter@oracle.com \
--cc=amarjargal16@gmail.com \
--cc=arnd@arndb.de \
--cc=arnd@kernel.org \
--cc=bcm-kernel-feedback-list@broadcom.com \
--cc=gregkh@linuxfoundation.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-rpi-kernel@lists.infradead.org \
--cc=linux-staging@lists.linux.dev \
--cc=nsaenz@kernel.org \
--cc=ojaswin98@gmail.com \
--cc=phil@raspberrypi.com \
--cc=stefan.wahren@i2se.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.