[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1398161781-12105-2-git-send-email-laijs@cn.fujitsu.com>
Date: Tue, 22 Apr 2014 18:16:18 +0800
From: Lai Jiangshan <laijs@...fujitsu.com>
To: <linux-kernel@...r.kernel.org>
CC: Andrew Morton <akpm@...ux-foundation.org>,
Tejun Heo <tj@...nel.org>,
Lai Jiangshan <laijs@...fujitsu.com>,
Jean Delvare <jdelvare@...e.de>,
Monam Agarwal <monamagarwal123@...il.com>,
Jeff Layton <jlayton@...hat.com>,
Andreas Gruenbacher <agruen@...bit.com>,
Stephen Hemminger <stephen@...workplumber.org>
Subject: [PATCH 1/4] idr: proper invalid argument handling
When the arguments passed by the caller are invalid, WARN_ON_ONCE()
is proper than BUG_ON() which may crash the kernel.
ida_remove()/idr_remove() add checks for "id < 0".
BUG_ON() in ida_simple_remove() is simply removed, due to
ida_remove() already checks for "id < 0".
In idr_alloc(), it still returns -ENOSPC when "start == end",
but it returns -EINVAL when "max < start" while old code returns
-ENOSPC. -EINVAL is proper here, the caller must passed wrong
arguments.
ida_simple_get()'s argument-checks are changed as the same as
idr_alloc().
Signed-off-by: Lai Jiangshan <laijs@...fujitsu.com>
---
lib/idr.c | 25 +++++++++++++------------
1 files changed, 13 insertions(+), 12 deletions(-)
diff --git a/lib/idr.c b/lib/idr.c
index 96bb252..87c98fc 100644
--- a/lib/idr.c
+++ b/lib/idr.c
@@ -457,8 +457,10 @@ int idr_alloc(struct idr *idr, void *ptr, int start, int end, gfp_t gfp_mask)
/* sanity checks */
if (WARN_ON_ONCE(start < 0))
return -EINVAL;
- if (unlikely(max < start))
+ if (unlikely(end > 0 && start == end))
return -ENOSPC;
+ if (WARN_ON_ONCE(max < start))
+ return -EINVAL;
/* allocate id */
id = idr_get_empty_slot(idr, start, pa, gfp_mask, NULL);
@@ -551,10 +553,7 @@ void idr_remove(struct idr *idp, int id)
struct idr_layer *p;
struct idr_layer *to_free;
- if (id < 0)
- return;
-
- if (id > idr_max(idp->layers)) {
+ if (id < 0 || id > idr_max(idp->layers)) {
idr_remove_warning(id);
return;
}
@@ -1012,7 +1011,7 @@ void ida_remove(struct ida *ida, int id)
int n;
struct ida_bitmap *bitmap;
- if (idr_id > idr_max(ida->idr.layers))
+ if (id < 0 || idr_id > idr_max(ida->idr.layers))
goto err;
/* clear full bits while looking up the leaf idr_layer */
@@ -1078,14 +1077,17 @@ int ida_simple_get(struct ida *ida, unsigned int start, unsigned int end,
unsigned int max;
unsigned long flags;
- BUG_ON((int)start < 0);
- BUG_ON((int)end < 0);
+ if (WARN_ON_ONCE((int)start < 0))
+ return -EINVAL;
- if (end == 0)
- max = 0x80000000;
+ if ((int)end <= 0)
+ max = INT_MAX;
else {
- BUG_ON(end < start);
max = end - 1;
+ if (unlikely(start == end))
+ return -ENOSPC;
+ if (WARN_ON_ONCE(max < start))
+ return -EINVAL;
}
again:
@@ -1120,7 +1122,6 @@ void ida_simple_remove(struct ida *ida, unsigned int id)
{
unsigned long flags;
- BUG_ON((int)id < 0);
spin_lock_irqsave(&simple_ida_lock, flags);
ida_remove(ida, id);
spin_unlock_irqrestore(&simple_ida_lock, flags);
--
1.7.4.4
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists