lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 3 Dec 2019 02:52:13 +0100 From: Andreas Grünbacher <andreas.gruenbacher@...il.com> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: Andreas Gruenbacher <agruenba@...hat.com>, Christoph Hellwig <hch@...radead.org>, "Darrick J. Wong" <darrick.wong@...cle.com>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Alexander Viro <viro@...iv.linux.org.uk>, Jeff Layton <jlayton@...nel.org>, Sage Weil <sage@...hat.com>, Ilya Dryomov <idryomov@...il.com>, "Theodore Ts'o" <tytso@....edu>, Andreas Dilger <adilger.kernel@...ger.ca>, Jaegeuk Kim <jaegeuk@...nel.org>, Chao Yu <chao@...nel.org>, linux-xfs <linux-xfs@...r.kernel.org>, linux-fsdevel <linux-fsdevel@...r.kernel.org>, Richard Weinberger <richard@....at>, Artem Bityutskiy <dedekind1@...il.com>, Adrian Hunter <adrian.hunter@...el.com>, Ceph Development <ceph-devel@...r.kernel.org>, Ext4 Developers List <linux-ext4@...r.kernel.org>, linux-f2fs-devel@...ts.sourceforge.net, linux-mtd@...ts.infradead.org, Chris Mason <clm@...com>, Josef Bacik <josef@...icpanda.com>, David Sterba <dsterba@...e.com>, linux-btrfs@...r.kernel.org Subject: Re: [PATCH v2] fs: Fix page_mkwrite off-by-one errors Am Di., 3. Dez. 2019 um 02:09 Uhr schrieb Linus Torvalds <torvalds@...ux-foundation.org>: > > On Fri, Nov 29, 2019 at 6:21 AM Andreas Gruenbacher <agruenba@...hat.com> wrote: > > > > +/** > > + * page_mkwrite_check_truncate - check if page was truncated > > + * @page: the page to check > > + * @inode: the inode to check the page against > > + * > > + * Returns the number of bytes in the page up to EOF, > > + * or -EFAULT if the page was truncated. > > + */ > > +static inline int page_mkwrite_check_truncate(struct page *page, > > + struct inode *inode) > > +{ > > + loff_t size = i_size_read(inode); > > + pgoff_t end_index = (size + PAGE_SIZE - 1) >> PAGE_SHIFT; > > This special end_index calculation seems to be redundant. > > You later want "size >> PAGE_SHIFT" for another test, and that's > actually the important part. > > The "+ PAGE_SIZE - 1" case is purely to handle the "AT the page > boundary is special" case, but since you have to calculate > "offset_in_page(size)" anyway, that's entirely redundant - the answer > is part of that. > > So I think it would be better to write the logic as > > loff_t size = i_size_read(inode); > pgoff_t index = size >> PAGE_SHIFT; > int offset = offset_in_page(size); > > if (page->mapping != inode->i_mapping) > return -EFAULT; > > /* Page is wholly past the EOF page */ > if (page->index > index) > return -EFAULT; > /* page is wholly inside EOF */ > if (page->index < index) > return PAGE_SIZE; > /* bytes in a page? If 0, it's past EOF */ > return offset ? offset : -PAGE_SIZE; > > instead. That avoids the unnecessary "round up" part, and simply uses > the same EOF index for everything. And if we rearrange things slightly, we end up with: /* page is wholly inside EOF */ if (page->index < index) return PAGE_SIZE; /* page is wholly past EOF */ if (page->index > index || !offset) return -EFAULT; /* page is partially inside EOF */ return offset; Thanks, Andreas
Powered by blists - more mailing lists