From: Jan Sokolowski <jan.sokolowski@intel.com>
To: linux-kernel@vger.kernel.org
Cc: "Jan Sokolowski" <jan.sokolowski@intel.com>,
"Christian König" <christian.koenig@amd.com>,
"Matthew Wilcox" <willy@infradead.org>,
"Andrew Morton" <akpm@linux-foundation.org>,
linux-fsdevel@vger.kernel.org, linux-mm@kvack.org
Subject: [RFC PATCH 1/1] idr: do not create idr if new id would be outside given range
Date: Thu, 27 Nov 2025 10:27:32 +0100 [thread overview]
Message-ID: <20251127092732.684959-2-jan.sokolowski@intel.com> (raw)
In-Reply-To: <20251127092732.684959-1-jan.sokolowski@intel.com>
A scenario was found where trying to add id in range 0,1
would return an id of 2, which is outside the range and thus
now what the user would expect.
Return -EINVAL if new id would fall outside the range.
Signed-off-by: Jan Sokolowski <jan.sokolowski@intel.com>
Cc: "Christian König" <christian.koenig@amd.com>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: linux-fsdevel@vger.kernel.org
Cc: linux-mm@kvack.org
Cc: linux-kernel@vger.kernel.org
---
lib/idr.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/lib/idr.c b/lib/idr.c
index e2adc457abb4..8c786e50f2da 100644
--- a/lib/idr.c
+++ b/lib/idr.c
@@ -74,6 +74,7 @@ EXPORT_SYMBOL_GPL(idr_alloc_u32);
* exclude simultaneous writers.
*
* Return: The newly allocated ID, -ENOMEM if memory allocation failed,
+ * -EINVAL is start value is less than 0 or if new id would be in wrong range,
* or -ENOSPC if no free IDs could be found.
*/
int idr_alloc(struct idr *idr, void *ptr, int start, int end, gfp_t gfp)
@@ -88,6 +89,11 @@ int idr_alloc(struct idr *idr, void *ptr, int start, int end, gfp_t gfp)
if (ret)
return ret;
+ if (WARN_ON_ONCE(id < start || (id >= end && end != 0))) {
+ idr_remove(idr, id);
+ return -EINVAL;
+ }
+
return id;
}
EXPORT_SYMBOL_GPL(idr_alloc);
@@ -112,6 +118,7 @@ EXPORT_SYMBOL_GPL(idr_alloc);
* exclude simultaneous writers.
*
* Return: The newly allocated ID, -ENOMEM if memory allocation failed,
+ * -EINVAL if new id would be in wrong range,
* or -ENOSPC if no free IDs could be found.
*/
int idr_alloc_cyclic(struct idr *idr, void *ptr, int start, int end, gfp_t gfp)
@@ -130,6 +137,11 @@ int idr_alloc_cyclic(struct idr *idr, void *ptr, int start, int end, gfp_t gfp)
if (err)
return err;
+ if (WARN_ON_ONCE(id < start || (id >= end && end != 0))) {
+ idr_remove(idr, id);
+ return -EINVAL;
+ }
+
idr->idr_next = id + 1;
return id;
}
--
2.43.0
next prev parent reply other threads:[~2025-11-27 9:24 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-27 9:27 [RFC PATCH 0/1] IDR fix for potential id mismatch Jan Sokolowski
2025-11-27 9:27 ` Jan Sokolowski [this message]
2025-11-27 13:38 ` [RFC PATCH 1/1] idr: do not create idr if new id would be outside given range Matthew Wilcox
2025-11-27 13:54 ` Matthew Wilcox
2025-11-27 14:03 ` Christian König
2025-11-27 14:11 ` Matthew Wilcox
2025-11-27 14:55 ` Matthew Wilcox
2025-11-27 15:02 ` Christian König
2025-11-28 9:03 ` Sokolowski, Jan
2025-11-28 15:52 ` Matthew Wilcox
2025-11-28 16:47 ` Sokolowski, Jan
2025-11-28 17:50 ` Matthew Wilcox
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251127092732.684959-2-jan.sokolowski@intel.com \
--to=jan.sokolowski@intel.com \
--cc=akpm@linux-foundation.org \
--cc=christian.koenig@amd.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).