[PATCH 1/4] bitmap: Modify bitmap_set_value() to check bitmap length

From: Syed Nayyar Waris
Date: Fri Nov 20 2020 - 12:44:33 EST


Add explicit check to see if the value being written into the bitmap
does not fall outside the bitmap.
The situation that it is falling outside would never be possible in the
code because the boundaries are required to be correct before the function
is called. The responsibility is on the caller for ensuring the boundaries
are correct.
This is just to suppress the GCC -Wtype-limits warnings.

Cc: Arnd Bergmann <arnd@xxxxxxxx>
Signed-off-by: Syed Nayyar Waris <syednwaris@xxxxxxxxx>
Acked-by: William Breathitt Gray <vilhelm.gray@xxxxxxxxx>
---
include/linux/bitmap.h | 35 +++++++++++++++++++++--------------
1 file changed, 21 insertions(+), 14 deletions(-)

diff --git a/include/linux/bitmap.h b/include/linux/bitmap.h
index 386d08777342..efb6199ea1e7 100644
--- a/include/linux/bitmap.h
+++ b/include/linux/bitmap.h
@@ -78,8 +78,9 @@
* bitmap_get_value(map, start, nbits) Get bit value of size
* 'nbits' from map at start
* bitmap_set_value8(map, value, start) Set 8bit value to map at start
- * bitmap_set_value(map, value, start, nbits) Set bit value of size 'nbits'
- * of map at start
+ * bitmap_set_value(map, nbits, value, value_width, start)
+ * Set bit value of size value_width
+ * to map at start
*
* Note, bitmap_zero() and bitmap_fill() operate over the region of
* unsigned longs, that is, bits behind bitmap till the unsigned long
@@ -610,30 +611,36 @@ static inline void bitmap_set_value8(unsigned long *map, unsigned long value,
}

/**
- * bitmap_set_value - set n-bit value within a memory region
+ * bitmap_set_value - set value within a memory region
* @map: address to the bitmap memory region
- * @value: value of nbits
- * @start: bit offset of the n-bit value
- * @nbits: size of value in bits (must be between 1 and BITS_PER_LONG inclusive).
+ * @nbits: size of map in bits
+ * @value: value of clump
+ * @value_width: size of value in bits (must be between 1 and BITS_PER_LONG inclusive)
+ * @start: bit offset of the value
*/
-static inline void bitmap_set_value(unsigned long *map,
- unsigned long value,
- unsigned long start, unsigned long nbits)
+static inline void bitmap_set_value(unsigned long *map, unsigned long nbits,
+ unsigned long value, unsigned long value_width,
+ unsigned long start)
{
- const size_t index = BIT_WORD(start);
+ const unsigned long index = BIT_WORD(start);
+ const unsigned long length = BIT_WORD(nbits);
const unsigned long offset = start % BITS_PER_LONG;
const unsigned long ceiling = round_up(start + 1, BITS_PER_LONG);
const unsigned long space = ceiling - start;

- value &= GENMASK(nbits - 1, 0);
+ value &= GENMASK(value_width - 1, 0);

- if (space >= nbits) {
- map[index] &= ~(GENMASK(nbits - 1, 0) << offset);
+ if (space >= value_width) {
+ map[index] &= ~(GENMASK(value_width - 1, 0) << offset);
map[index] |= value << offset;
} else {
map[index + 0] &= ~BITMAP_FIRST_WORD_MASK(start);
map[index + 0] |= value << offset;
- map[index + 1] &= ~BITMAP_LAST_WORD_MASK(start + nbits);
+
+ if (index + 1 >= length)
+ __builtin_unreachable();
+
+ map[index + 1] &= ~BITMAP_LAST_WORD_MASK(start + value_width);
map[index + 1] |= value >> space;
}
}
--
2.29.0