Subject: Re: [PATCH][next] io_uring: Fix incorrect sizeof operator for copy_from_user call
To: Pavel Begunkov, Jens Axboe, io-uring@vger.kernel.org
Cc: kernel-janitors@vger.kernel.org, linux-kernel@vger.kernel.org
From: Colin Ian King
Date: Tue, 15 Jun 2021 12:35:52 +0100

On 15/06/2021 12:30, Pavel Begunkov wrote:
> On 6/15/21 11:47 AM, Colin Ian King wrote:
>> On 15/06/2021 11:45, Colin King wrote:
>>> From: Colin Ian King
>>>
>>> Static analysis is warning that the sizeof being used should be
>>> of *data->tags[i] and not data->tags[i]. Although these are the same
>>> size on 64 bit systems it is not a portable assumption to assume
>>> this is true for all cases.
>>>
>>> Addresses-Coverity: ("Sizeof not portable")
>>> Fixes: d878c81610e1 ("io_uring: hide rsrc tag copy into generic helpers")
>>> Signed-off-by: Colin Ian King
>>> ---
>>> fs/io_uring.c | 2 +-
>>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/fs/io_uring.c b/fs/io_uring.c >>> index d665c9419ad3..6b1a70449749 100644 >>> --- a/fs/io_uring.c >>> +++ b/fs/io_uring.c
>>> @@ -7231,7 +7231,7 @@ static int io_rsrc_data_alloc(struct io_ring_ctx *ctx, rsrc_put_fn *do_put, >>> ret = -EFAULT; >>> for (i = 0; i < nr; i++) { >>> if (copy_from_user(io_get_tag_slot(data, i), &utags[i], >>> - sizeof(data->tags[i]))) >>> + sizeof(*data->tags[i]))) >>> goto fail; >>> } >>> } >>>
>
> Yep, thanks Colin. I think `sizeof(io_get_tag_slot(data, i))`
> would be less confusing. Or
>
> u64 *tag_slot = io_get_tag_slot(data, i);
> copy_from_user(tag_slot, ..., sizeof(*tag_slot));
>

BTW, Coverity is complaining about:

7220 return -ENOMEM;

Wrong sizeof argument (SIZEOF_MISMATCH)
suspicious_sizeof: Passing argument nr * 8UL /* sizeof (data->tags[0][0]) */ to function io_alloc_page_table and then casting the return value to u64 ** is suspicious.

7221 data->tags = (u64 **)io_alloc_page_table(nr * sizeof(data->tags[0][0]));

Not sure if that's a false positive or not. This kind of indirection makes my brain melt.

Colin
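
Review bot: in the copy_from_user() call, the length is now sizeof(*data->tags[i]) while the destination is io_get_tag_slot(data, i), so the size is still derived from a different expression than the pointer being written through, and that expression indexes the u64 ** table with the slot index i. Because sizeof does not evaluate its operand the result is the intended 8 bytes, but a reader has to work that out separately from the destination. Deriving the length from the destination, as proposed in the reply (u64 *tag_slot = io_get_tag_slot(data, i); then sizeof(*tag_slot)), keeps pointer and length tied together. The commit message could also state the effect on a 32-bit build, where sizeof(data->tags[i]) is a 4-byte pointer and only half of each 8-byte tag would be copied from user space.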