| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 26 Jun 2019 09:25:22 +0530
From: Vinod Koul <vkoul@...nel.org>
To: Andrew Morton <akpm@...ux-foundation.org>
Cc: linux-arm-msm@...r.kernel.org,
Bjorn Andersson <bjorn.andersson@...aro.org>,
Randy Dunlap <rdunlap@...radead.org>,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] linux/kernel.h: fix overflow for DIV_ROUND_UP_ULL
On 25-06-19, 15:32, Andrew Morton wrote:
> On Tue, 25 Jun 2019 15:29:38 -0700 Andrew Morton <akpm@...ux-foundation.org> wrote:
>
> > On Tue, 25 Jun 2019 15:35:18 +0530 Vinod Koul <vkoul@...nel.org> wrote:
> >
> > > DIV_ROUND_UP_ULL adds the two arguments and then invokes
> > > DIV_ROUND_DOWN_ULL. But on a 32bit system the addition of two 32 bit
> > > values can overflow. DIV_ROUND_DOWN_ULL does it correctly and stashes
> > > the addition into a unsigned long long so cast the result to unsigned
> > > long long here to avoid the overflow condition.
> > >
> > > ...
> > >
> > > --- a/include/linux/kernel.h
> > > +++ b/include/linux/kernel.h
> > > @@ -93,7 +93,8 @@
> > > #define DIV_ROUND_DOWN_ULL(ll, d) \
> > > ({ unsigned long long _tmp = (ll); do_div(_tmp, d); _tmp; })
> > >
> > > -#define DIV_ROUND_UP_ULL(ll, d) DIV_ROUND_DOWN_ULL((ll) + (d) - 1, (d))
> > > +#define DIV_ROUND_UP_ULL(ll, d) \
> > > + ({ DIV_ROUND_DOWN_ULL((unsigned long long)(ll) + (d) - 1, (d)) })
> > >
> >
> > This clearly wasn't tested :(
Apologies for that, I did test and stash, but failed to amend the
commit. I should have noticed while sending but :(
Anyway I had the same conclusion as yous, so all is good.
Thanks for fixing this
Reviewed-by: Vinod Koul <vkoul@...nel.org>
Tested-by: Vinod Koul <vkoul@...nel.org>
> >
> > fs/fs-writeback.c: In function wb_split_bdi_pages:
> > ./include/linux/kernel.h:97:65: error: expected ; before } token
> > ({ DIV_ROUND_DOWN_ULL((unsigned long long)(ll) + (d) - 1, (d)) })
> > ^
> > fs/fs-writeback.c:811:10: note: in expansion of macro DIV_ROUND_UP_ULL
> > return DIV_ROUND_UP_ULL((u64)nr_pages * this_bw, tot_bw);
> >
> >
> > From: Andrew Morton <akpm@...ux-foundation.org>
> > Subject: linux-kernelh-fix-overflow-for-div_round_up_ull-fix
> >
> > DIV_ROUND_UP_ULL must be an rval
> >
> > Cc: Bjorn Andersson <bjorn.andersson@...aro.org>
> > Cc: Randy Dunlap <rdunlap@...radead.org>
> > Cc: Vinod Koul <vkoul@...nel.org>
> > Signed-off-by: Andrew Morton <akpm@...ux-foundation.org>
> > ---
> >
> > include/linux/kernel.h | 6 ++++--
> > 1 file changed, 4 insertions(+), 2 deletions(-)
> >
> > --- a/include/linux/kernel.h~linux-kernelh-fix-overflow-for-div_round_up_ull-fix
> > +++ a/include/linux/kernel.h
> > @@ -93,8 +93,10 @@
> > #define DIV_ROUND_DOWN_ULL(ll, d) \
> > ({ unsigned long long _tmp = (ll); do_div(_tmp, d); _tmp; })
> >
> > -#define DIV_ROUND_UP_ULL(ll, d) \
> > - ({ DIV_ROUND_DOWN_ULL((unsigned long long)(ll) + (d) - 1, (d)) })
> > +#define DIV_ROUND_UP_ULL(ll, d) ({ \
> > + unsigned long long _tmp; \
> > + _tmp = DIV_ROUND_DOWN_ULL((unsigned long long)(ll) + (d) - 1, (d)); \
> > + _tmp; })
>
> Simpler:
>
> --- a/include/linux/kernel.h~linux-kernelh-fix-overflow-for-div_round_up_ull-fix
> +++ a/include/linux/kernel.h
> @@ -94,7 +94,7 @@
> ({ unsigned long long _tmp = (ll); do_div(_tmp, d); _tmp; })
>
> #define DIV_ROUND_UP_ULL(ll, d) \
> - ({ DIV_ROUND_DOWN_ULL((unsigned long long)(ll) + (d) - 1, (d)) })
> + DIV_ROUND_DOWN_ULL((unsigned long long)(ll) + (d) - 1, (d))
>
> #if BITS_PER_LONG == 32
> # define DIV_ROUND_UP_SECTOR_T(ll,d) DIV_ROUND_UP_ULL(ll, d)
> _
--
~Vinod
Powered by blists - more mailing lists