Re: [PATCH v3 1/3] overflow.h: Add arithmetic shift helper

From: Kees Cook
Date: Wed Aug 01 2018 - 14:44:27 EST


On Wed, Aug 1, 2018 at 9:28 AM, Randy Dunlap <rdunlap@xxxxxxxxxxxxx> wrote:
> On 07/31/2018 11:09 PM, Kees Cook wrote:
>> From: Jason Gunthorpe <jgg@xxxxxxxxxxxx>
>>
>> Add shift_overflow() helper to assist driver authors in ensuring that
>> shift operations don't cause overflows or other odd conditions.
>>
>> Signed-off-by: Jason Gunthorpe <jgg@xxxxxxxxxxxx>
>> Signed-off-by: Leon Romanovsky <leonro@xxxxxxxxxxxx>
>> [kees: tweaked comments and commit log, dropped unneeded assignment]
>> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
>> ---
>> include/linux/overflow.h | 31 +++++++++++++++++++++++++++++++
>> 1 file changed, 31 insertions(+)
>>
>> diff --git a/include/linux/overflow.h b/include/linux/overflow.h
>> index 8712ff70995f..69fc366ce865 100644
>> --- a/include/linux/overflow.h
>> +++ b/include/linux/overflow.h
>> @@ -202,6 +202,37 @@
>>
>> #endif /* COMPILER_HAS_GENERIC_BUILTIN_OVERFLOW */
>>
>> +/** check_shift_overflow() - Calculate a left-shifted value and check overflow
>> + *
>> + * @a: Value to be shifted
>> + * @b: How many bits left to shift
>> + * @d: Pointer to where to store the result
>> + *
>> + * Computes *@d = (@a << @s)
>> + *
>
> missed @b [again]

Heh, thanks. It's fixed on disk, but... I failed to merge it into the
patch. Anyway, I'll spin this one more time with s/shift/shl/ and this
fixed.

-Kees

--
Kees Cook
Pixel Security