[PATCH] ipc/msg: avoid negative value by overflow in msginfo

From: Jiebin Sun
Date: Tue Sep 20 2022 - 02:49:00 EST

Next message: cgel . zte: "[PATCH linux-next] drm/vmwgfx: Remove the unneeded result variable"
Previous message: cgel . zte: "[PATCH linux-next] crypto: octeontx2 - Remove the unneeded result variable"
In reply to: Sun, Jiebin: "Re: [PATCH v6 2/2] ipc/msg: mitigate the lock contention with percpu counter"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The 32-bit value in msginfo struct could be negative if we get it
from signed 64-bit. Clamping it to INT_MAX helps to avoid the
negative value by overflow.

Signed-off-by: Jiebin Sun <jiebin.sun@xxxxxxxxx>
Reviewed-by: Manfred Spraul <manfred@xxxxxxxxxxxxxxx>
Reviewed-by: Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
---
ipc/msg.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ipc/msg.c b/ipc/msg.c
index f2bb4c193ecf..65f437e28c9b 100644
--- a/ipc/msg.c
+++ b/ipc/msg.c
@@ -501,8 +501,8 @@ static int msgctl_info(struct ipc_namespace *ns, int msqid,
max_idx = ipc_get_maxidx(&msg_ids(ns));
up_read(&msg_ids(ns).rwsem);
if (cmd == MSG_INFO) {
- msginfo->msgmap = percpu_counter_sum(&ns->percpu_msg_hdrs);
- msginfo->msgtql = percpu_counter_sum(&ns->percpu_msg_bytes);
+ msginfo->msgmap = min(percpu_counter_sum(&ns->percpu_msg_hdrs), INT_MAX);
+ msginfo->msgtql = min(percpu_counter_sum(&ns->percpu_msg_bytes), INT_MAX);
} else {
msginfo->msgmap = MSGMAP;
msginfo->msgpool = MSGPOOL;
--
2.31.1

Next message: cgel . zte: "[PATCH linux-next] drm/vmwgfx: Remove the unneeded result variable"
Previous message: cgel . zte: "[PATCH linux-next] crypto: octeontx2 - Remove the unneeded result variable"
In reply to: Sun, Jiebin: "Re: [PATCH v6 2/2] ipc/msg: mitigate the lock contention with percpu counter"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]