lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20251223115726.621bfa38.gary@garyguo.net>
Date: Tue, 23 Dec 2025 11:57:26 +0000
From: Gary Guo <gary@...yguo.net>
To: Kari Argillander <kari.argillander@...il.com>
Cc: Alice Ryhl <aliceryhl@...gle.com>, Dirk Behme <dirk.behme@...bosch.com>,
 Alexandre Courbot <acourbot@...dia.com>, Lorenzo Stoakes
 <lorenzo.stoakes@...cle.com>, "Liam R. Howlett" <Liam.Howlett@...cle.com>,
 Miguel Ojeda <ojeda@...nel.org>, Boqun Feng <boqun.feng@...il.com>,
 Björn Roy Baron <bjorn3_gh@...tonmail.com>, Benno Lossin
 <lossin@...nel.org>, Andreas Hindborg <a.hindborg@...nel.org>, Trevor Gross
 <tmgross@...ch.edu>, Danilo Krummrich <dakr@...nel.org>,
 linux-mm@...ck.org, rust-for-linux@...r.kernel.org,
 linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] rust: page: Simplify overflow check using
 checked_add()

On Tue, 23 Dec 2025 12:06:17 +0200
Kari Argillander <kari.argillander@...il.com> wrote:

> Replace the explicit bounds comparisons with a single checked_add()-based
> range check. This avoids redundant comparisons, makes the overflow case
> explicit, and results in simpler generated code (checked with godbolt
> for x86).
> 
> No functional change intended.
> 
> Reviewed-by: Dirk Behme <dirk.behme@...bosch.com>
> Reviewed-by: Alexandre Courbot <acourbot@...dia.com>
> Signed-off-by: Kari Argillander <kari.argillander@...il.com>
> ---
> Changes in v2:
> - Added MSVR todo (Dirk Behme)
> - Link to v1: https://lore.kernel.org/r/20251219-rust-page-check-v1-1-df2e52fa3bd5@gmail.com
> ---
>  rust/kernel/page.rs | 19 +++++++++----------
>  1 file changed, 9 insertions(+), 10 deletions(-)
> 
> diff --git a/rust/kernel/page.rs b/rust/kernel/page.rs
> index 432fc0297d4a..cd2af7e4c357 100644
> --- a/rust/kernel/page.rs
> +++ b/rust/kernel/page.rs
> @@ -239,17 +239,16 @@ fn with_pointer_into_page<T>(
>          len: usize,
>          f: impl FnOnce(*mut u8) -> Result<T>,
>      ) -> Result<T> {
> -        let bounds_ok = off <= PAGE_SIZE && len <= PAGE_SIZE && (off + len) <= PAGE_SIZE;
> -
> -        if bounds_ok {
> -            self.with_page_mapped(move |page_addr| {
> -                // SAFETY: The `off` integer is at most `PAGE_SIZE`, so this pointer offset will
> -                // result in a pointer that is in bounds or one off the end of the page.
> -                f(unsafe { page_addr.add(off) })
> -            })
> -        } else {
> -            Err(EINVAL)
> +        // TODO: Replace `map_or` with `is_none_or` once the MSRV is >= 1.82.

I was about to suggest just enable the feature gate, but turns out it was
only added in 1.81. That's a fast one to stabilize!

Reviewed-by: Gary Guo <gary@...yguo.net>

Best,
Gary

> +        if off.checked_add(len).map_or(true, |end| end > PAGE_SIZE) {
> +            return Err(EINVAL);
>          }
> +
> +        self.with_page_mapped(move |page_addr| {
> +            // SAFETY: The `off` integer is at most `PAGE_SIZE`, so this pointer offset will
> +            // result in a pointer that is in bounds or one off the end of the page.
> +            f(unsafe { page_addr.add(off) })
> +        })
>      }
>  
>      /// Maps the page and reads from it into the given buffer.
> 
> ---
> base-commit: cc3aa43b44bdb43dfbac0fcb51c56594a11338a8
> change-id: 20251219-rust-page-check-819ccc39c53a
> 
> Best regards,

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ