From: David Hildenbrand <david@redhat.com>
To: mawupeng <mawupeng1@huawei.com>, akpm@linux-foundation.org
Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org,
kuleshovmail@gmail.com, aneesh.kumar@linux.ibm.com
Subject: Re: [PATCH v4 1/4] mm/mlock: return EINVAL if len overflows for mlock/munlock
Date: Tue, 21 Mar 2023 15:19:18 +0100 [thread overview]
Message-ID: <6dd844f7-d43b-c744-f295-9f14c68d3928@redhat.com> (raw)
In-Reply-To: <3ef9520c-6713-527a-0214-ac7a8bb2d49c@huawei.com>
On 21.03.23 08:44, mawupeng wrote:
>
>
> On 2023/3/20 18:54, David Hildenbrand wrote:
>> On 20.03.23 03:47, Wupeng Ma wrote:
>>> From: Ma Wupeng <mawupeng1@huawei.com>
>>>
>>> While testing mlock, we have a problem if the len of mlock is ULONG_MAX.
>>> The return value of mlock is zero. But nothing will be locked since the
>>> len in do_mlock overflows to zero due to the following code in mlock:
>>>
>>> len = PAGE_ALIGN(len + (offset_in_page(start)));
>>>
>>> The same problem happens in munlock.
>>>
>>> Add new check and return -EINVAL to fix this overflowing scenarios since
>>> they are absolutely wrong.
>>
>> Thinking again, wouldn't we reject mlock(0, ULONG_MAX) now as well?
>
> mlock will return 0 if len is zero which is the same w/o this patchset.
> Here is the calltrace if len is zero.
>
> mlock(len == 0)
> do_mlock(len == 0)
> if (!len)
> return 0
>
I was asking about addr=0, len=ULONG_MAX.
IIUC, that used to work but could now fail? I haven't played with it,
though.
--
Thanks,
David / dhildenb
next prev parent reply other threads:[~2023-03-21 14:20 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-20 2:47 [PATCH v4 0/4] Add overflow checks for several syscalls Wupeng Ma
2023-03-20 2:47 ` [PATCH v4 1/4] mm/mlock: return EINVAL if len overflows for mlock/munlock Wupeng Ma
2023-03-20 10:54 ` David Hildenbrand
2023-03-20 11:05 ` mawupeng
2023-03-21 7:44 ` mawupeng
2023-03-21 14:19 ` David Hildenbrand [this message]
2023-03-22 2:14 ` mawupeng
2023-03-22 8:54 ` David Hildenbrand
2023-03-22 9:01 ` David Hildenbrand
2023-03-22 9:20 ` mawupeng
2023-03-22 11:27 ` David Hildenbrand
2023-03-20 2:47 ` [PATCH v4 2/4] mm/mempolicy: return EINVAL for if len overflows for set_mempolicy_home_node Wupeng Ma
2023-03-20 2:47 ` [PATCH v4 3/4] mm/mempolicy: return EINVAL if len overflows for mbind Wupeng Ma
2023-03-20 2:47 ` [PATCH v4 4/4] mm/msync: return ENOMEM if len overflows for msync Wupeng Ma
2023-03-20 11:06 ` [PATCH v4 0/4] Add overflow checks for several syscalls mawupeng
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6dd844f7-d43b-c744-f295-9f14c68d3928@redhat.com \
--to=david@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=aneesh.kumar@linux.ibm.com \
--cc=kuleshovmail@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mawupeng1@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).