Re: [PATCH -next v2] nbd: add the check to prevent overflow in __nbd_ioctl()
From: kernel test robot
Date: Mon Aug 02 2021 - 06:36:08 EST
Hi Baokun,
Thank you for the patch! Perhaps something to improve:
[auto build test WARNING on next-20210730]
url: https://github.com/0day-ci/linux/commits/Baokun-Li/nbd-add-the-check-to-prevent-overflow-in-__nbd_ioctl/20210802-154727
base: 8d4b477da1a807199ca60e0829357ce7aa6758d5
config: s390-randconfig-r004-20210802 (attached as .config)
compiler: clang version 13.0.0 (https://github.com/llvm/llvm-project 4f71f59bf3d9914188a11d0c41bedbb339d36ff5)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install s390 cross compiling tool for clang build
# apt-get install binutils-s390x-linux-gnu
# https://github.com/0day-ci/linux/commit/db848e3e79fb93dcba9390dda472184ab2d31f40
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Baokun-Li/nbd-add-the-check-to-prevent-overflow-in-__nbd_ioctl/20210802-154727
git checkout db848e3e79fb93dcba9390dda472184ab2d31f40
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=s390
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@xxxxxxxxx>
All warnings (new ones prefixed by >>):
>> drivers/block/nbd.c:1402:16: warning: comparison of distinct pointer types ('typeof (arg) *' (aka 'unsigned long *') and 'typeof (config->blksize) *' (aka 'long long *')) [-Wcompare-distinct-pointer-types]
if (unlikely(check_mul_overflow(arg, config->blksize,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/overflow.h:88:15: note: expanded from macro 'check_mul_overflow'
(void) (&__a == &__b); \
~~~~ ^ ~~~~
include/linux/compiler.h:78:42: note: expanded from macro 'unlikely'
# define unlikely(x) __builtin_expect(!!(x), 0)
^
>> drivers/block/nbd.c:1402:16: warning: comparison of distinct pointer types ('typeof (arg) *' (aka 'unsigned long *') and 'typeof (&bytesize)' (aka 'long long *')) [-Wcompare-distinct-pointer-types]
if (unlikely(check_mul_overflow(arg, config->blksize,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/overflow.h:89:15: note: expanded from macro 'check_mul_overflow'
(void) (&__a == __d); \
~~~~ ^ ~~~
include/linux/compiler.h:78:42: note: expanded from macro 'unlikely'
# define unlikely(x) __builtin_expect(!!(x), 0)
^
2 warnings generated.
vim +1402 drivers/block/nbd.c
1381
1382 /* Must be called with config_lock held */
1383 static int __nbd_ioctl(struct block_device *bdev, struct nbd_device *nbd,
1384 unsigned int cmd, unsigned long arg)
1385 {
1386 struct nbd_config *config = nbd->config;
1387 loff_t bytesize;
1388
1389 switch (cmd) {
1390 case NBD_DISCONNECT:
1391 return nbd_disconnect(nbd);
1392 case NBD_CLEAR_SOCK:
1393 nbd_clear_sock_ioctl(nbd, bdev);
1394 return 0;
1395 case NBD_SET_SOCK:
1396 return nbd_add_socket(nbd, arg, false);
1397 case NBD_SET_BLKSIZE:
1398 return nbd_set_size(nbd, config->bytesize, arg);
1399 case NBD_SET_SIZE:
1400 return nbd_set_size(nbd, arg, config->blksize);
1401 case NBD_SET_SIZE_BLOCKS:
> 1402 if (unlikely(check_mul_overflow(arg, config->blksize,
1403 &bytesize)))
1404 return -EINVAL;
1405 return nbd_set_size(nbd, bytesize, config->blksize);
1406 case NBD_SET_TIMEOUT:
1407 nbd_set_cmd_timeout(nbd, arg);
1408 return 0;
1409
1410 case NBD_SET_FLAGS:
1411 config->flags = arg;
1412 return 0;
1413 case NBD_DO_IT:
1414 return nbd_start_device_ioctl(nbd, bdev);
1415 case NBD_CLEAR_QUE:
1416 /*
1417 * This is for compatibility only. The queue is always cleared
1418 * by NBD_DO_IT or NBD_CLEAR_SOCK.
1419 */
1420 return 0;
1421 case NBD_PRINT_DEBUG:
1422 /*
1423 * For compatibility only, we no longer keep a list of
1424 * outstanding requests.
1425 */
1426 return 0;
1427 }
1428 return -ENOTTY;
1429 }
1430
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@xxxxxxxxxxxx
Attachment:
.config.gz
Description: application/gzip