Re: [PATCH] vfio: fix VFIO_IOMMU_UNMAP_DMA when end of range would overflow u64

Next message: Florian Eckert: "Re: [PATCH v2] serial: 8250_pcilib: Replace deprecated PCI functions"
Previous message: Guenter Roeck: "Re: [PATCH 2/3] watchdog: aspeed: Support variable number of reset mask registers"
In reply to: Jason Gunthorpe: "Re: [PATCH] vfio: fix VFIO_IOMMU_UNMAP_DMA when end of range would overflow u64"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Alejandro Jimenez

Date: Tue Oct 07 2025 - 10:47:07 EST

On 10/7/25 7:48 AM, Jason Gunthorpe wrote:

On Mon, Oct 06, 2025 at 09:23:56PM -0400, Alejandro Jimenez wrote:

I mentioned this issue on the cover letter for:
https://lore.kernel.org/qemu-devel/20250919213515.917111-1-alejandro.j.jimenez@xxxxxxxxxx/

Use iommufd for this kind of work?

ACK, need to test with iommufd as well.

I mentioned in the notes for the patch above why I chose a slightly more
complex method than the '- 1' approach, since there is a chance that
iova+size could also go beyond the end of the address space and actually
wrap around.

At the uapi boundary it should check that size != 0 and
!check_add_overflow(iova+size). It is much easier to understand if the
input from userspace is validated immediately at userspace.

Then the rest of the code safely computes the last with 'iova+size-1'
and does range logic based on last not end.

Makes sense, just thought adding overflow detection/resiliency in the rest of the code is not that complex and provides an additional safety.

Thank you,
Alejandro

Jason