Re: [PATCH 1/4] bitmap: Modify bitmap_set_value() to check bitmap length

From: William Breathitt Gray
Date: Fri Nov 20 2020 - 12:59:35 EST


On Fri, Nov 20, 2020 at 11:14:16PM +0530, Syed Nayyar Waris wrote:
> Add explicit check to see if the value being written into the bitmap
> does not fall outside the bitmap.
> The situation that it is falling outside would never be possible in the
> code because the boundaries are required to be correct before the function
> is called. The responsibility is on the caller for ensuring the boundaries
> are correct.
> This is just to suppress the GCC -Wtype-limits warnings.

Hi Syed,

This commit message sounds a bit strange without the context of our
earlier discussion thread. Would you be able to reword the commit
message to explain the motivation for using __builtin_unreachable()?

Thanks,

William Breathitt Gray

>
> Cc: Arnd Bergmann <arnd@xxxxxxxx>
> Signed-off-by: Syed Nayyar Waris <syednwaris@xxxxxxxxx>
> Acked-by: William Breathitt Gray <vilhelm.gray@xxxxxxxxx>
> ---
> include/linux/bitmap.h | 35 +++++++++++++++++++++--------------
> 1 file changed, 21 insertions(+), 14 deletions(-)
>
> diff --git a/include/linux/bitmap.h b/include/linux/bitmap.h
> index 386d08777342..efb6199ea1e7 100644
> --- a/include/linux/bitmap.h
> +++ b/include/linux/bitmap.h
> @@ -78,8 +78,9 @@
> * bitmap_get_value(map, start, nbits) Get bit value of size
> * 'nbits' from map at start
> * bitmap_set_value8(map, value, start) Set 8bit value to map at start
> - * bitmap_set_value(map, value, start, nbits) Set bit value of size 'nbits'
> - * of map at start
> + * bitmap_set_value(map, nbits, value, value_width, start)
> + * Set bit value of size value_width
> + * to map at start
> *
> * Note, bitmap_zero() and bitmap_fill() operate over the region of
> * unsigned longs, that is, bits behind bitmap till the unsigned long
> @@ -610,30 +611,36 @@ static inline void bitmap_set_value8(unsigned long *map, unsigned long value,
> }
>
> /**
> - * bitmap_set_value - set n-bit value within a memory region
> + * bitmap_set_value - set value within a memory region
> * @map: address to the bitmap memory region
> - * @value: value of nbits
> - * @start: bit offset of the n-bit value
> - * @nbits: size of value in bits (must be between 1 and BITS_PER_LONG inclusive).
> + * @nbits: size of map in bits
> + * @value: value of clump
> + * @value_width: size of value in bits (must be between 1 and BITS_PER_LONG inclusive)
> + * @start: bit offset of the value
> */
> -static inline void bitmap_set_value(unsigned long *map,
> - unsigned long value,
> - unsigned long start, unsigned long nbits)
> +static inline void bitmap_set_value(unsigned long *map, unsigned long nbits,
> + unsigned long value, unsigned long value_width,
> + unsigned long start)
> {
> - const size_t index = BIT_WORD(start);
> + const unsigned long index = BIT_WORD(start);
> + const unsigned long length = BIT_WORD(nbits);
> const unsigned long offset = start % BITS_PER_LONG;
> const unsigned long ceiling = round_up(start + 1, BITS_PER_LONG);
> const unsigned long space = ceiling - start;
>
> - value &= GENMASK(nbits - 1, 0);
> + value &= GENMASK(value_width - 1, 0);
>
> - if (space >= nbits) {
> - map[index] &= ~(GENMASK(nbits - 1, 0) << offset);
> + if (space >= value_width) {
> + map[index] &= ~(GENMASK(value_width - 1, 0) << offset);
> map[index] |= value << offset;
> } else {
> map[index + 0] &= ~BITMAP_FIRST_WORD_MASK(start);
> map[index + 0] |= value << offset;
> - map[index + 1] &= ~BITMAP_LAST_WORD_MASK(start + nbits);
> +
> + if (index + 1 >= length)
> + __builtin_unreachable();
> +
> + map[index + 1] &= ~BITMAP_LAST_WORD_MASK(start + value_width);
> map[index + 1] |= value >> space;
> }
> }
> --
> 2.29.0
>

Attachment: signature.asc
Description: PGP signature