From patchwork Mon Mar 20 02:47:36 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: mawupeng X-Patchwork-Id: 13180690 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9CF9DC7618E for ; Mon, 20 Mar 2023 02:47:53 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id A938B900002; Sun, 19 Mar 2023 22:47:51 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 8E8E5900005; Sun, 19 Mar 2023 22:47:51 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 71395900002; Sun, 19 Mar 2023 22:47:51 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 55787900003 for ; Sun, 19 Mar 2023 22:47:51 -0400 (EDT) Received: from smtpin21.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id 19E67805D2 for ; Mon, 20 Mar 2023 02:47:51 +0000 (UTC) X-FDA: 80587741542.21.98FF3B7 Received: from szxga08-in.huawei.com (szxga08-in.huawei.com [45.249.212.255]) by imf26.hostedemail.com (Postfix) with ESMTP id 746A414000C for ; Mon, 20 Mar 2023 02:47:48 +0000 (UTC) Authentication-Results: imf26.hostedemail.com; dkim=none; dmarc=pass (policy=quarantine) header.from=huawei.com; spf=pass (imf26.hostedemail.com: domain of mawupeng1@huawei.com designates 45.249.212.255 as permitted sender) smtp.mailfrom=mawupeng1@huawei.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1679280469; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=XhEAoOe8xCfT6IlHvtiu7ZPhz8+1Soq3ZGAYB5XEjfg=; b=LuR18dWgwJrVoxUMp7cUQF44phTQQznu8OxWX4JxC0CVZQmZLOKQhUCJorz0LLs937HagU rEsBRpG44b8xb8RWllVhIMIAyNloO/zTP5hQy5zQb7Iv5y2jnkKbB8Ypene9K61FSipIT+ U7PD5z3nC3Nmat7EeOyvOfn+g0GCUFs= ARC-Authentication-Results: i=1; imf26.hostedemail.com; dkim=none; dmarc=pass (policy=quarantine) header.from=huawei.com; spf=pass (imf26.hostedemail.com: domain of mawupeng1@huawei.com designates 45.249.212.255 as permitted sender) smtp.mailfrom=mawupeng1@huawei.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1679280469; a=rsa-sha256; cv=none; b=Q6KQeXhfKbh77eCiEgMrrViVhAXF5yljGtJbxkqDWlmI8JtzEy4foyMCUV7n776b++BDJ/ emVeiHx23NrpQDUDNpx0B1upSG9/vffz9W9uu6E1G7+vTWuzNnwY7pvcHgMgxocOTYGMeE ny+3iO3/DF2c59TgaYACPO0KWEs/Zlw= Received: from dggpemm500014.china.huawei.com (unknown [172.30.72.55]) by szxga08-in.huawei.com (SkyGuard) with ESMTP id 4PfzbY3Q4Fz17MKr; Mon, 20 Mar 2023 10:44:41 +0800 (CST) Received: from localhost.localdomain (10.175.112.125) by dggpemm500014.china.huawei.com (7.185.36.153) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.21; Mon, 20 Mar 2023 10:47:44 +0800 From: Wupeng Ma To: CC: , , , , , Subject: [PATCH v4 1/4] mm/mlock: return EINVAL if len overflows for mlock/munlock Date: Mon, 20 Mar 2023 10:47:36 +0800 Message-ID: <20230320024739.224850-2-mawupeng1@huawei.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230320024739.224850-1-mawupeng1@huawei.com> References: <20230320024739.224850-1-mawupeng1@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.175.112.125] X-ClientProxiedBy: dggems705-chm.china.huawei.com (10.3.19.182) To dggpemm500014.china.huawei.com (7.185.36.153) X-CFilter-Loop: Reflected X-Rspam-User: X-Rspamd-Server: rspam02 X-Rspamd-Queue-Id: 746A414000C X-Stat-Signature: bi9jkqcbfiz9bdr9sxmk8onax1buf17q X-HE-Tag: 1679280468-557692 X-HE-Meta: U2FsdGVkX18iqHUFREg1iRZlQPas+lhvEQNw2UjfguvO14+DT9GI68CJ6Z5Qz+n23AIaNr1HPTfF6B5sAtIm+hvOwPsh23C/NL2UKO1OeH83Xds6bfAZVABM3Fcisjf4KCYzeB4iRp/3CG+GP9maIlCda2mlLkHqgoankj2AfF1pZ/R3P3/7StY6w0QnwvUNLmLJMJxElVc2hAVv6iY2nC2eWhmMs4eusZLP1HPlHOSKPJMpAYUxdI2JzjDnP20h48beaAR3/4hVVvo49L576r3BiVojym5mao5fqvJws3MBM8dIbcxqQ2S7mdHWUvI3PlnAJxNm+yjmOGKKpENUn+T5nErswE0mncohRPHIK0PQk54vHF00lvkyFw28AYJCNb+rREl79Rddxs7rBm7u0iXVGmHZh6ACIZV+/JilUm8O9e/FYvIfKCAqtoksjCJQCr8othbaBHX5KR9DMHJToTZ3i5gZ5/BHHOYeqW4HYHR7bnzm+wgj2lvHxYh9bUaWqITnXIfl5ZbxyxHKgf0pu6RnhhDYjdLXWYq4iZ1rCcTB+nXdUgakRb6GK2LY65fllREQe+vlLfkTBpN8tCMOfA1rQ0PqqzsBtwP0ABa9he9QQYSwxPYpmvj6L7rbX7jYmCrLuV/+9W7Gy/Ad12/SAhxch1skIKP34aLaMsh0R9+2XqIkKva76kRZNcHiu7Dvrb2XHozFxJgQWvRgBrAF79J0l56DbTetJ9kK6V4ybwsfFbbQ/132r/hUm4lElLKY5fV8tvMyLr8V0NzQgXSEDW1SeH1hD6taatOX51c876dbtjnk4eJ8KHLVzdEndYMvlbZlYx+c4OfsfKWMRaVvsoPTEWL1m7L7t+H858YqktW410/UmJYqkOWbbNGIetAmmpXULhpNIcHaaPLWZFlahGMA/5ZerqpEJnUVPxMEq+iaOgK0eQuOJHgx3N933FOsdxrx0tgbVIBP+vXj+yR jrJmZoky Z5ZkdCMHQcL5LSDDuKObahjz5RJUQiO2zxCOcmk55Y/Hpv5841Y7smqhPgijYkcV1hYsJbE/hSyI1lPQSbKzgmU/u9H5n0QQYfNcuGibjhHAzFc2k2Sh/uvNdmBnkCa2tAcUuTpRlBbftXV4so60saWX2AzNOg+AAKeal X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Ma Wupeng While testing mlock, we have a problem if the len of mlock is ULONG_MAX. The return value of mlock is zero. But nothing will be locked since the len in do_mlock overflows to zero due to the following code in mlock: len = PAGE_ALIGN(len + (offset_in_page(start))); The same problem happens in munlock. Add new check and return -EINVAL to fix this overflowing scenarios since they are absolutely wrong. Signed-off-by: Ma Wupeng --- mm/mlock.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/mm/mlock.c b/mm/mlock.c index 617469fce96d..eb68476da497 100644 --- a/mm/mlock.c +++ b/mm/mlock.c @@ -568,6 +568,7 @@ static __must_check int do_mlock(unsigned long start, size_t len, vm_flags_t fla unsigned long locked; unsigned long lock_limit; int error = -ENOMEM; + size_t old_len = len; start = untagged_addr(start); @@ -577,6 +578,9 @@ static __must_check int do_mlock(unsigned long start, size_t len, vm_flags_t fla len = PAGE_ALIGN(len + (offset_in_page(start))); start &= PAGE_MASK; + if (old_len != 0 && len == 0) + return -EINVAL; + lock_limit = rlimit(RLIMIT_MEMLOCK); lock_limit >>= PAGE_SHIFT; locked = len >> PAGE_SHIFT; @@ -631,12 +635,16 @@ SYSCALL_DEFINE3(mlock2, unsigned long, start, size_t, len, int, flags) SYSCALL_DEFINE2(munlock, unsigned long, start, size_t, len) { int ret; + size_t old_len = len; start = untagged_addr(start); len = PAGE_ALIGN(len + (offset_in_page(start))); start &= PAGE_MASK; + if (old_len != 0 && len == 0) + return -EINVAL; + if (mmap_write_lock_killable(current->mm)) return -EINTR; ret = apply_vma_lock_flags(start, len, 0); From patchwork Mon Mar 20 02:47:37 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: mawupeng X-Patchwork-Id: 13180691 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 91F52C7619A for ; Mon, 20 Mar 2023 02:47:55 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 568C6900005; Sun, 19 Mar 2023 22:47:52 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 518CD900003; Sun, 19 Mar 2023 22:47:52 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 4060A900005; Sun, 19 Mar 2023 22:47:52 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 31CCD900003 for ; Sun, 19 Mar 2023 22:47:52 -0400 (EDT) Received: from smtpin13.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id C1C8516054B for ; Mon, 20 Mar 2023 02:47:51 +0000 (UTC) X-FDA: 80587741542.13.AA6CE5C Received: from szxga08-in.huawei.com (szxga08-in.huawei.com [45.249.212.255]) by imf10.hostedemail.com (Postfix) with ESMTP id 92139C0019 for ; Mon, 20 Mar 2023 02:47:49 +0000 (UTC) Authentication-Results: imf10.hostedemail.com; dkim=none; spf=pass (imf10.hostedemail.com: domain of mawupeng1@huawei.com designates 45.249.212.255 as permitted sender) smtp.mailfrom=mawupeng1@huawei.com; dmarc=pass (policy=quarantine) header.from=huawei.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1679280470; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=w42+SfSejOEvP90T6yloGYrurgPK1m3W+HVg6+rZo80=; b=AKbvmeLUKYTr4Ha9oAXoIJiGLjLXnpIS4+Xiz066O8xDHpZAixopShX6/fbPaBcSrTLVqM s0+G2F6mbZrEuhcP9oNbshe1mQScCw3QhSpLxTZfP46gkUemKAqyjrM01M47nPaaTBQdWX DI/ThavApJTM0BWIVg+fAIIToSEZAoM= ARC-Authentication-Results: i=1; imf10.hostedemail.com; dkim=none; spf=pass (imf10.hostedemail.com: domain of mawupeng1@huawei.com designates 45.249.212.255 as permitted sender) smtp.mailfrom=mawupeng1@huawei.com; dmarc=pass (policy=quarantine) header.from=huawei.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1679280470; a=rsa-sha256; cv=none; b=5KJtPmjBiesja0DYFJOxtCmQxrsxGrFtcS/hDLxn7Lw7oHGOB2JQXDYMR5fl/l4wWpWjin eJfCuF+oZGroC2xq4rXXuScGyzC4bg88ART4mOMxZn7welAxHgeusxgDpl68Q1qmmxDtEv +/ui5fBwFxbGPaRVFyftjUi2MO/9QXg= Received: from dggpemm500014.china.huawei.com (unknown [172.30.72.54]) by szxga08-in.huawei.com (SkyGuard) with ESMTP id 4PfzbY6VtPz17MLF; Mon, 20 Mar 2023 10:44:41 +0800 (CST) Received: from localhost.localdomain (10.175.112.125) by dggpemm500014.china.huawei.com (7.185.36.153) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.21; Mon, 20 Mar 2023 10:47:44 +0800 From: Wupeng Ma To: CC: , , , , , Subject: [PATCH v4 2/4] mm/mempolicy: return EINVAL for if len overflows for set_mempolicy_home_node Date: Mon, 20 Mar 2023 10:47:37 +0800 Message-ID: <20230320024739.224850-3-mawupeng1@huawei.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230320024739.224850-1-mawupeng1@huawei.com> References: <20230320024739.224850-1-mawupeng1@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.175.112.125] X-ClientProxiedBy: dggems705-chm.china.huawei.com (10.3.19.182) To dggpemm500014.china.huawei.com (7.185.36.153) X-CFilter-Loop: Reflected X-Rspam-User: X-Rspamd-Server: rspam03 X-Stat-Signature: yxsmbg597ifx349wsyf1r77ceyof5awa X-Rspamd-Queue-Id: 92139C0019 X-HE-Tag: 1679280469-259001 X-HE-Meta: U2FsdGVkX18HoScugt43Leg5KfYK1hWKiccM91fHsTGg3qB+4Na8SSkvGeWuqbfsh7VVOgX0ffUOtrrP5jz6eCLSCr+s1Y4M8jyJ3nh5eP6BZB3syX8c+pQt4N4AVBEs/lwOa93x3HlDC8hjKPiv0y5wbhkFP5TjWNCQRAiVlsZhtKRm2SnH47hvBRuKwtnAFMRloHHDz5wwpLE68UpmNxA131qaQXauT1dKPFAggcvvKb3UBJ5shjqYY5lxIsKunPWDiODu9usc6fvoVo9f1cLWDscLEgvtk8abzEz/Y6vhj4KekZULUZojgwdYxg+4SjwetGdrvQ06lTSJH83UCTLauOoaskDCt10QaazsbQrdRYlCNP8XN4HMvof9P6IgA8IgfzNCTOIstiF/OUwGzG/kBBLhDTjYhycWvAdG3yKscwhoHRvPkCoKCMnKp9h8boQskY4OuL3v3m2t5BaZxfftyBAEdE9VJa+fQKNI5n7HP2pbHmWz+x+6dwwgpt9A4dLvaqlghkM1GH1pwe/24AZXvPQ/G1kEFuFt9LU6x570soa6R8CEbFpYPzIcin+DZ6fKMBpePG2d5qH/zYvgA1+D7nS7qEhSGSvlDL/CfosiI0SAT+9U2WNgv4ivZ21fOUMaefqkHyBSwfGzEzLTBd9B2EljM+SmtPYCOyVtAhWZD4izqiNxAqRtRTJXcR46/rf5oaFOtbAqMtl8TRh/j3UWUMgCxH4JbbBn6T5ILIpFggAi6rZhmLkKncanIGZcGjq9wQa6PZ4NapCgvdNE1SHkLXuOrvUNWA2XIs5msLL84Mr4hC8kKS6W3GsVUk4P6Ss1Nn173YY0dMvbXsk8rTaqUxNPLEFWU7dcaZyKdWlj2pxCeTc3IMrsyMVSCa4F0btdCvnZ7hmiHmuQjpBIh+nJ1/thzx5Rz89DlYi2WhUMuRffz+X+YUuDDq67ZUPqcmE4GAdzABVpmRegBlM vNGbOHuS cTh/h2wrxVMWZpjGlld0OZs7EbfzwMoeQvPoX23F0Hsx6guJbqOk1NX4p5dPufDbL/502OvDsMarMdEp/ZYyJDaWNZgPc5hf0aGnjQS+60hucY1cWMJyFtn8ydthMpkqGLN5lv4K8be2gHV1+aXNitRK5EMP/tbswLu0ykHGp2gLXHhLdrHzUeC1oGt0YsSgYNmcRZS5+fEeHA1g= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Ma Wupeng Return -EINVAL if len overflows for set_mempolicy_home_node. Signed-off-by: Ma Wupeng --- mm/mempolicy.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/mm/mempolicy.c b/mm/mempolicy.c index a256a241fd1d..3a68998adc3a 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -1489,6 +1489,7 @@ SYSCALL_DEFINE4(set_mempolicy_home_node, unsigned long, start, unsigned long, le unsigned long, home_node, unsigned long, flags) { struct mm_struct *mm = current->mm; + unsigned long old_len = len; struct vm_area_struct *vma; struct mempolicy *new, *old; unsigned long vmstart; @@ -1516,7 +1517,7 @@ SYSCALL_DEFINE4(set_mempolicy_home_node, unsigned long, start, unsigned long, le len = PAGE_ALIGN(len); end = start + len; - if (end < start) + if (end < start || (old_len != 0 && len == 0)) return -EINVAL; if (end == start) return 0; From patchwork Mon Mar 20 02:47:38 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: mawupeng X-Patchwork-Id: 13180689 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9E9F6C6FD1F for ; Mon, 20 Mar 2023 02:47:52 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 8739F900004; Sun, 19 Mar 2023 22:47:51 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 7FD90900003; Sun, 19 Mar 2023 22:47:51 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 69E4F900004; Sun, 19 Mar 2023 22:47:51 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 54A08900002 for ; Sun, 19 Mar 2023 22:47:51 -0400 (EDT) Received: from smtpin19.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id 18F1F1C5F0F for ; Mon, 20 Mar 2023 02:47:51 +0000 (UTC) X-FDA: 80587741542.19.CEFD1A0 Received: from szxga08-in.huawei.com (szxga08-in.huawei.com [45.249.212.255]) by imf04.hostedemail.com (Postfix) with ESMTP id 8C68D4000E for ; Mon, 20 Mar 2023 02:47:48 +0000 (UTC) Authentication-Results: imf04.hostedemail.com; dkim=none; spf=pass (imf04.hostedemail.com: domain of mawupeng1@huawei.com designates 45.249.212.255 as permitted sender) smtp.mailfrom=mawupeng1@huawei.com; dmarc=pass (policy=quarantine) header.from=huawei.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1679280469; a=rsa-sha256; cv=none; b=2j0sMiiYYak5Fw+5kzGg3hTXBbESIdd9ROBeA/B2IZ+iFlWGApVpGmxedo82A1ZBvdoVjO bsR6Y1XnyJ0kSUNoEBCjr1zifoi+2vX8cWGTYOysselkPsl6rAcYhjQr0rN1yD03Yi5FTJ wdHPRIyfkKvjiPhVVBBpeZ2rwFKTYR4= ARC-Authentication-Results: i=1; imf04.hostedemail.com; dkim=none; spf=pass (imf04.hostedemail.com: domain of mawupeng1@huawei.com designates 45.249.212.255 as permitted sender) smtp.mailfrom=mawupeng1@huawei.com; dmarc=pass (policy=quarantine) header.from=huawei.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1679280469; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=xrR6Vz5OJ69Puj4GdEzkMxibWO2+u+Xn2wcSgiONoa0=; b=Q7O5j9EpzuyVh2T/jwrXY++MHDoLNzx3QQOcRBrn66S3kQInUCHCHEgy5OrnzhCZmG0dkP D7T1XqCV8+GR1r31FCNQuEkmaed3ri+P5OGrulILxPY5XqoJVPfqbK8MF/pSuifZ5gVypa DhHGCXvPuRNTeApi6Nvf1SZnnEnVMyw= Received: from dggpemm500014.china.huawei.com (unknown [172.30.72.57]) by szxga08-in.huawei.com (SkyGuard) with ESMTP id 4PfzbZ2WnGz17MLK; Mon, 20 Mar 2023 10:44:42 +0800 (CST) Received: from localhost.localdomain (10.175.112.125) by dggpemm500014.china.huawei.com (7.185.36.153) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.21; Mon, 20 Mar 2023 10:47:45 +0800 From: Wupeng Ma To: CC: , , , , , Subject: [PATCH v4 3/4] mm/mempolicy: return EINVAL if len overflows for mbind Date: Mon, 20 Mar 2023 10:47:38 +0800 Message-ID: <20230320024739.224850-4-mawupeng1@huawei.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230320024739.224850-1-mawupeng1@huawei.com> References: <20230320024739.224850-1-mawupeng1@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.175.112.125] X-ClientProxiedBy: dggems705-chm.china.huawei.com (10.3.19.182) To dggpemm500014.china.huawei.com (7.185.36.153) X-CFilter-Loop: Reflected X-Rspam-User: X-Rspamd-Queue-Id: 8C68D4000E X-Rspamd-Server: rspam01 X-Stat-Signature: cwnq7y8iex8iqukk71yghubbrw3eded3 X-HE-Tag: 1679280468-609923 X-HE-Meta: U2FsdGVkX184Z2mxMV5xGYXaIWuAeXoLZuq0THyGz4+ghMNTJ8F1yC07S/RhTvt+0w7XNTOdRuaFb/apOl+OXZrprOZgM4/AkvE2tW/5Rs89yAftGKusbCCjxT2cc7JVNfnGqlg3gNx8FQlUiZlFcQk3JEWW/0/ZP30kH5/Wj3SexyXT2Xy38Oq6VjQJ80J6sBGKMuSiX15FSyFsDN755mSZqL2NRaPAStPD84Jtk4HZxt+HekHiK4ai4rQCUvNBcf458Ofs8EoALIC0KKC7a4Jnmxdu7alnnqX+/b1vs8+RwmSBbJh49KAFS1ueEyK8f7YTQ/c1psnRmKxDgra+8vnPiahEkv5KXg+DGiKZkA9qedI2J2U5NoHgbO56vPWhNem6Uw3K2DuWj47LM1NSNSdDEGwWruNJSh/lWRvSlPtyhudVeVqDDzwveqbvzw2QB99ghtrD1eyIIakkw7/RwlYhF8oG6UdULZ4gh6PstCM4tFRLH1K5W2Y80ejKzx0Am+Hc65+m+1u7t2LFeOMBV0xLVpBEGp37TT1luMoywTpYRInG9N8QkX4oYF10Wifn576oVCBI8PDeheScHiW1zIKkIyvEC7tQTar72RUK6i28BvFBpsBB3jBEBQdccifZ3rznWTieyKVydbmcCXFYkAuI1uMX4enxl9IccEQIobP8SZ90sfYF8ael0AH7ruwYMC+oxMNAtijbWla/WnXZ/6blvZAGNhqW19aGegEpxMJSjxsxAeiEpqvbdRjuOmfS4RtpoXX0NghBq8L6ETtBakhmRb8HVLoWuCV7sJpb42X+xAEdyEya7TyYqJ6nuXVjlfXXpCsCTrn1YM6vbQ/TJ245GhQW7kcQ5pquIIpHMS95ODa08kxOtCB8qqLjXgUF+BRtYS72DNP6npoCY/hyh+RKiAJJzHKTVipPx3Xs8BkWCzMKAwXFinVZGMT0iZYG5XA1gsMmjjFlH5hFfMv UfJuTtTN u+CvQkq4vvxC6DHh60hzIv5ndCMIBqE0gscwjnHKVqrvxYO/Edkg+MZdiMQ+dAT8zHgF+BI0riqVduUXg1Tnhl5MH8K3wOuvRDUWD9DkVFw0tc4RCk1gGrkqKCuR2UpPIWIPs22TRfToaNl8yq5gqGiRbPEKFEEz4/+Zk X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Ma Wupeng Return -EINVAL if len overflows for mbind. Signed-off-by: Ma Wupeng --- mm/mempolicy.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/mm/mempolicy.c b/mm/mempolicy.c index 3a68998adc3a..6b1c45021e48 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -1259,6 +1259,7 @@ static long do_mbind(unsigned long start, unsigned long len, nodemask_t *nmask, unsigned long flags) { struct mm_struct *mm = current->mm; + unsigned long old_len = len; struct mempolicy *new; unsigned long end; int err; @@ -1279,7 +1280,7 @@ static long do_mbind(unsigned long start, unsigned long len, len = PAGE_ALIGN(len); end = start + len; - if (end < start) + if (end < start || (old_len != 0 && len == 0)) return -EINVAL; if (end == start) return 0; From patchwork Mon Mar 20 02:47:39 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: mawupeng X-Patchwork-Id: 13180692 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 53FB1C6FD1F for ; Mon, 20 Mar 2023 02:47:57 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id E911C900006; Sun, 19 Mar 2023 22:47:52 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id DF0D5900003; Sun, 19 Mar 2023 22:47:52 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id BAA23900006; Sun, 19 Mar 2023 22:47:52 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id A94E6900003 for ; Sun, 19 Mar 2023 22:47:52 -0400 (EDT) Received: from smtpin13.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id 7EF0316054B for ; Mon, 20 Mar 2023 02:47:52 +0000 (UTC) X-FDA: 80587741584.13.3D4505F Received: from szxga01-in.huawei.com (szxga01-in.huawei.com [45.249.212.187]) by imf19.hostedemail.com (Postfix) with ESMTP id 075051A0003 for ; Mon, 20 Mar 2023 02:47:49 +0000 (UTC) Authentication-Results: imf19.hostedemail.com; dkim=none; dmarc=pass (policy=quarantine) header.from=huawei.com; spf=pass (imf19.hostedemail.com: domain of mawupeng1@huawei.com designates 45.249.212.187 as permitted sender) smtp.mailfrom=mawupeng1@huawei.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1679280470; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=/2E+nzFX9v8Ck0L7jBTEJgpMLzAEPJkIUtwPh5KpisU=; b=rqyOqiif+5+EgOKx836w4krwWjkS/O2SNRiIgNUH2uddf/0oV8vSkfDqBs5oOeC4jWmD6U S4ScEr7kQlVuJrmG0u0mVDY5+8zq0Vipy4y2FKfdau+8WWopugpb8u03NmRD1u72Bq05v3 tol7eD1KrCCmVNmaozOhKa3PlXpJ/QI= ARC-Authentication-Results: i=1; imf19.hostedemail.com; dkim=none; dmarc=pass (policy=quarantine) header.from=huawei.com; spf=pass (imf19.hostedemail.com: domain of mawupeng1@huawei.com designates 45.249.212.187 as permitted sender) smtp.mailfrom=mawupeng1@huawei.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1679280470; a=rsa-sha256; cv=none; b=OcZbZqiwvsDu/xT4BKH/ddH5RuLr0jSXitVR49IW7iK82oXu5+sXmHuKrdjho2TyXgQhDn LLz0IUqQcoSDKQSED1pW9Umtyh2K/3+l6TtDZ8h+uGKvCPgdpe2O8Pyz7qoIIfpMM0GxlA /QUFT/igzxqih9sKQf84dojq7uDGAJc= Received: from dggpemm500014.china.huawei.com (unknown [172.30.72.57]) by szxga01-in.huawei.com (SkyGuard) with ESMTP id 4PfzbZ0F8dznYRR; Mon, 20 Mar 2023 10:44:42 +0800 (CST) Received: from localhost.localdomain (10.175.112.125) by dggpemm500014.china.huawei.com (7.185.36.153) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.21; Mon, 20 Mar 2023 10:47:45 +0800 From: Wupeng Ma To: CC: , , , , , Subject: [PATCH v4 4/4] mm/msync: return ENOMEM if len overflows for msync Date: Mon, 20 Mar 2023 10:47:39 +0800 Message-ID: <20230320024739.224850-5-mawupeng1@huawei.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230320024739.224850-1-mawupeng1@huawei.com> References: <20230320024739.224850-1-mawupeng1@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.175.112.125] X-ClientProxiedBy: dggems705-chm.china.huawei.com (10.3.19.182) To dggpemm500014.china.huawei.com (7.185.36.153) X-CFilter-Loop: Reflected X-Rspam-User: X-Rspamd-Server: rspam02 X-Rspamd-Queue-Id: 075051A0003 X-Stat-Signature: he16o3kr1hk3rskfo1xt1xyw71aesd65 X-HE-Tag: 1679280469-804495 X-HE-Meta: U2FsdGVkX1+5Afp3rwqLxRmspk5Lr6dXAFamqU12ejTeCTC4hgZ5WYXTBfJVdT2WF13wC8yQLabe6xVtAmq/KaOKpZpjQQsVB3m2+/7rQ61Mk3fWONP25KHQo0AzDkwSFwctDFCd2UuhXO6BVmOOkfoABqYXehASLsiXKARIo+yS91zLdj781C05T327Asm4u5Zp6RDeZCBirv2a/ImWTKGpFmsL0uWnrhUq0tONEwB/D1mSYAG4p68cy2wLGMsTpvGNDIkTyppaxVFj0SJRDIuLpG+hUu7B8T3Qiwhp6enbcIFhAvuhzmhDdz6MuO2w9SFmjClu+4gpUvdo37SwdXJrids4xrfm9GNMVJYcC4H0+jF6ECdnfB+0/qlh7p/cVBIlF+kqiLZAQu5QHSkF0608i0iBmpOUYrj5Sr0cevKvOT6kXGmtZRnwTxWgNRlbur35nrkRIJ42c4UO1RoYD0UTCniQkfR/RMe+68smLXn+tkIa3vwf43qzw8ZyRQpS0mmoUUGNUe+rQTIZ8VOMgUMAvUfehenemYnisFo7LOmNjikwpq+p0dpNviV+Aq1W+TzHNGfVRorTvWxTZIKlyGlDwxxXjp2GXuhlWllI2z0TIysLDXFYm5m97qEemAO9E62rebOhHeSANwqBKjViINMzZb4+bvicnueaIoIp94WVrFheUq7V6xAHmh4Gwh45QWvrtxt9VV/x/+cC3UyxeMayuAWH8XV432qVmBaa06rE3tbHDHCn4rPnhMU1XT9kSbZDbW6dlktStXEFRA3SPhq61CI3fo9mM+issQ4afaRa89JsNmyySbXl5cB/vcNyKUtd4pRo7jzTB218oen6DrgLpEAppoyKGKGIvp0VrYpMUAl43Y4ou5UmVTb2TwBHrwj3+7vpWKWJ+wLEInAPIxzQ5cJUvrtDrGw5miplIvHI1lYs0UhHytWLyFXMnPGe7mOIB3CowB3VPo8A5aD mco39/SW K+457kVuzxGqEdxftONZRGhr9rdMAivMGC2zFwdjPhvyjSO/ReJRZYmIl1WWxsMYAgpdL9TkiTOIAiQgRNQ8a3ne9+I3uYN3uVRKF68jSLcD0QCt4f2nTBhWzyRr9mJkyn9lx81q6vTMpR4k3AlxxaNY2Af52DaSlN5i9 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Ma Wupeng Return -ENOMEM if len overflows for msync. Signed-off-by: Ma Wupeng --- mm/msync.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/mm/msync.c b/mm/msync.c index ac4c9bfea2e7..8ac227ec38af 100644 --- a/mm/msync.c +++ b/mm/msync.c @@ -36,6 +36,7 @@ SYSCALL_DEFINE3(msync, unsigned long, start, size_t, len, int, flags) struct vm_area_struct *vma; int unmapped_error = 0; int error = -EINVAL; + size_t old_len = len; start = untagged_addr(start); @@ -48,7 +49,7 @@ SYSCALL_DEFINE3(msync, unsigned long, start, size_t, len, int, flags) error = -ENOMEM; len = (len + ~PAGE_MASK) & PAGE_MASK; end = start + len; - if (end < start) + if (end < start || (old_len != 0 && len == 0)) goto out; error = 0; if (end == start)