thr3ads.net - Virtualization - [PATCH 2/2] vhost: Fix the calculation in vhost

If this information is useful, please help other people find it:
Share via:

Jason Wang

2021-Jul-19 03:30 UTC

[PATCH 2/2] vhost: Fix the calculation in vhost_overflow()

? 2021/7/16 ??6:22, Xie Yongji ??:> This fixes the incorrect calculation for integer overflow
> when the last address of iova range is 0xffffffff.
>
> Fixes: ec33d031a14b ("vhost: detect 32 bit integer wrap around?)
> Reported-by: Jason Wang <jasowang at redhat.com>
> Signed-off-by: Xie Yongji <xieyongji at bytedance.com>
> ---
>   drivers/vhost/vhost.c | 3 ++-
>   1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/vhost/vhost.c b/drivers/vhost/vhost.c
> index b9e853e6094d..a9fd1b311d2f 100644
> --- a/drivers/vhost/vhost.c
> +++ b/drivers/vhost/vhost.c
> @@ -738,7 +738,8 @@ static bool log_access_ok(void __user *log_base, u64
addr, unsigned long sz)
>   static bool vhost_overflow(u64 uaddr, u64 size)
>   {
>   	/* Make sure 64 bit math will not overflow. */
> -	return uaddr > ULONG_MAX || size > ULONG_MAX || uaddr >
ULONG_MAX - size;
> +	return uaddr > ULONG_MAX || size > ULONG_MAX ||
> +	       uaddr - 1 > ULONG_MAX - size;
>   }

Acked-by: Jason Wang <jasowang at redhat.com>

>   
>   /* Caller should have vq mutex and device mutex. */

Virtualization - Jul 2021 - [PATCH 2/2] vhost: Fix the calculation in vhost_overflow()

[PATCH 2/2] vhost: Fix the calculation in vhost_overflow()