lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20190626035522.GN2962@vkoul-mobl>
Date:   Wed, 26 Jun 2019 09:25:22 +0530
From:   Vinod Koul <vkoul@...nel.org>
To:     Andrew Morton <akpm@...ux-foundation.org>
Cc:     linux-arm-msm@...r.kernel.org,
        Bjorn Andersson <bjorn.andersson@...aro.org>,
        Randy Dunlap <rdunlap@...radead.org>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] linux/kernel.h: fix overflow for DIV_ROUND_UP_ULL

On 25-06-19, 15:32, Andrew Morton wrote:
> On Tue, 25 Jun 2019 15:29:38 -0700 Andrew Morton <akpm@...ux-foundation.org> wrote:
> 
> > On Tue, 25 Jun 2019 15:35:18 +0530 Vinod Koul <vkoul@...nel.org> wrote:
> > 
> > > DIV_ROUND_UP_ULL adds the two arguments and then invokes
> > > DIV_ROUND_DOWN_ULL. But on a 32bit system the addition of two 32 bit
> > > values can overflow. DIV_ROUND_DOWN_ULL does it correctly and stashes
> > > the addition into a unsigned long long so cast the result to unsigned
> > > long long here to avoid the overflow condition.
> > >
> > > ...
> > >
> > > --- a/include/linux/kernel.h
> > > +++ b/include/linux/kernel.h
> > > @@ -93,7 +93,8 @@
> > >  #define DIV_ROUND_DOWN_ULL(ll, d) \
> > >  	({ unsigned long long _tmp = (ll); do_div(_tmp, d); _tmp; })
> > >  
> > > -#define DIV_ROUND_UP_ULL(ll, d)		DIV_ROUND_DOWN_ULL((ll) + (d) - 1, (d))
> > > +#define DIV_ROUND_UP_ULL(ll, d) \
> > > +	({ DIV_ROUND_DOWN_ULL((unsigned long long)(ll) + (d) - 1, (d)) })
> > >  
> > 
> > This clearly wasn't tested :(

Apologies for that, I did test and stash, but failed to amend the
commit. I should have noticed while sending but :(

Anyway I had the same conclusion as yous, so all is good.

Thanks for fixing this

Reviewed-by: Vinod Koul <vkoul@...nel.org>
Tested-by: Vinod Koul <vkoul@...nel.org>

> > 
> > fs/fs-writeback.c: In function wb_split_bdi_pages:
> > ./include/linux/kernel.h:97:65: error: expected ; before } token
> >   ({ DIV_ROUND_DOWN_ULL((unsigned long long)(ll) + (d) - 1, (d)) })
> >                                                                  ^
> > fs/fs-writeback.c:811:10: note: in expansion of macro DIV_ROUND_UP_ULL
> >    return DIV_ROUND_UP_ULL((u64)nr_pages * this_bw, tot_bw);
> > 
> > 
> > From: Andrew Morton <akpm@...ux-foundation.org>
> > Subject: linux-kernelh-fix-overflow-for-div_round_up_ull-fix
> > 
> > DIV_ROUND_UP_ULL must be an rval
> > 
> > Cc: Bjorn Andersson <bjorn.andersson@...aro.org>
> > Cc: Randy Dunlap <rdunlap@...radead.org>
> > Cc: Vinod Koul <vkoul@...nel.org>
> > Signed-off-by: Andrew Morton <akpm@...ux-foundation.org>
> > ---
> > 
> >  include/linux/kernel.h |    6 ++++--
> >  1 file changed, 4 insertions(+), 2 deletions(-)
> > 
> > --- a/include/linux/kernel.h~linux-kernelh-fix-overflow-for-div_round_up_ull-fix
> > +++ a/include/linux/kernel.h
> > @@ -93,8 +93,10 @@
> >  #define DIV_ROUND_DOWN_ULL(ll, d) \
> >  	({ unsigned long long _tmp = (ll); do_div(_tmp, d); _tmp; })
> >  
> > -#define DIV_ROUND_UP_ULL(ll, d) \
> > -	({ DIV_ROUND_DOWN_ULL((unsigned long long)(ll) + (d) - 1, (d)) })
> > +#define DIV_ROUND_UP_ULL(ll, d) ({ \
> > +	unsigned long long _tmp; \
> > +	_tmp = DIV_ROUND_DOWN_ULL((unsigned long long)(ll) + (d) - 1, (d)); \
> > +	_tmp; })
> 
> Simpler:
> 
> --- a/include/linux/kernel.h~linux-kernelh-fix-overflow-for-div_round_up_ull-fix
> +++ a/include/linux/kernel.h
> @@ -94,7 +94,7 @@
>  	({ unsigned long long _tmp = (ll); do_div(_tmp, d); _tmp; })
>  
>  #define DIV_ROUND_UP_ULL(ll, d) \
> -	({ DIV_ROUND_DOWN_ULL((unsigned long long)(ll) + (d) - 1, (d)) })
> +	DIV_ROUND_DOWN_ULL((unsigned long long)(ll) + (d) - 1, (d))
>  
>  #if BITS_PER_LONG == 32
>  # define DIV_ROUND_UP_SECTOR_T(ll,d) DIV_ROUND_UP_ULL(ll, d)
> _

-- 
~Vinod

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ