fs/proc/base.c | 30 ++++++++++++++++++++++-------- fs/read_write.c | 5 ----- include/linux/fs.h | 5 ++++- 3 files changed, 26 insertions(+), 14 deletions(-)
In mem_lseek, file->f_pos may overflow. That is not a problem for mem_open,
which sets the file mode with FMODE_UNSIGNED_OFFSET (as memory_lseek does).
However, other files that use mem_lseek for lseek may not have
FMODE_UNSIGNED_OFFSET (kpageflags_proc_ops/proc_pagemap_operations...), so to
prevent file->f_pos from being updated to an abnormal value, fix it by checking
for overflow and FMODE_UNSIGNED_OFFSET.
Signed-off-by: WoZ1zh1 <wozizhi@huawei.com>
---
fs/proc/base.c | 30 ++++++++++++++++++++++--------
fs/read_write.c | 5 -----
include/linux/fs.h | 5 ++++-
3 files changed, 26 insertions(+), 14 deletions(-)
diff --git a/fs/proc/base.c b/fs/proc/base.c
index dd31e3b6bf77..0fd986e861d9 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -903,18 +903,32 @@ static ssize_t mem_write(struct file *file, const char __user *buf,
loff_t mem_lseek(struct file *file, loff_t offset, int orig)
{
+ loff_t ret = 0;
+
+ spin_lock(&file->f_lock);
switch (orig) {
- case 0:
- file->f_pos = offset;
- break;
- case 1:
- file->f_pos += offset;
+ case SEEK_CUR:
+ offset += file->f_pos;
+ case SEEK_SET:
+ /* to avoid userland mistaking f_pos=-9 as -EBADF=-9 */
+ if ((unsigned long long)offset >= -MAX_ERRNO)
+ ret = -EOVERFLOW;
break;
default:
- return -EINVAL;
+ ret = -EINVAL;
}
- force_successful_syscall_return();
- return file->f_pos;
+ if (!ret) {
+ if (offset < 0 && !(unsigned_offsets(file))) {
+ ret = -EINVAL;
+ } else {
+ file->f_pos = offset;
+ ret = file->f_pos;
+ force_successful_syscall_return();
+ }
+ }
+
+ spin_unlock(&file->f_lock);
+ return ret;
}
static int mem_release(struct inode *inode, struct file *file)
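Review bot: For a file opened without FMODE_UNSIGNED_OFFSET, an offset in the range [-MAX_ERRNO, -1] now fails with -EOVERFLOW from the SEEK_SET arm before the `offset < 0 && !(unsigned_offsets(file))` test below the switch is ever reached, while every other negative offset fails with -EINVAL; vfs_setpos, whose kernel-doc sits right under the removed copy of unsigned_offsets in fs/read_write.c, returns -EINVAL for all of them. Testing the sign first and the errno-aliasing range second keeps the errno consistent with the VFS path and lets the SEEK_SET arm shrink to a bare `break;`. `ret = file->f_pos;` immediately after `file->f_pos = offset;` can simply be `ret = offset;`. The whole of mem_lseek is inside this hunk.
```c
	case SEEK_SET:
		break;
	/* … unchanged: default arm, end of switch … */
	if (!ret) {
		if (offset < 0 && !unsigned_offsets(file)) {
			ret = -EINVAL;
		} else if ((unsigned long long)offset >= -MAX_ERRNO) {
			/* to avoid userland mistaking f_pos=-9 as -EBADF=-9 */
			ret = -EOVERFLOW;
		} else {
			file->f_pos = offset;
			ret = offset;
			force_successful_syscall_return();
		}
	}
	/* … unchanged: spin_unlock and return … */
```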
diff --git a/fs/read_write.c b/fs/read_write.c
index 4771701c896b..2f456d5a1df5 100644
--- a/fs/read_write.c
+++ b/fs/read_write.c
@@ -34,11 +34,6 @@ const struct file_operations generic_ro_fops = {
EXPORT_SYMBOL(generic_ro_fops);
-static inline bool unsigned_offsets(struct file *file)
-{
- return file->f_mode & FMODE_UNSIGNED_OFFSET;
-}
-
/**
* vfs_setpos - update the file offset for lseek
* @file: file structure in question
diff --git a/include/linux/fs.h b/include/linux/fs.h
index 98b7a7a8c42e..dde0756d2350 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -2994,7 +2994,10 @@ extern ssize_t iter_file_splice_write(struct pipe_inode_info *,
extern long do_splice_direct(struct file *in, loff_t *ppos, struct file *out,
loff_t *opos, size_t len, unsigned int flags);
-
+static inline bool unsigned_offsets(struct file *file)
+{
+ return file->f_mode & FMODE_UNSIGNED_OFFSET;
+}
extern void
file_ra_state_init(struct file_ra_state *ra, struct address_space *mapping);
extern loff_t noop_llseek(struct file *file, loff_t offset, int whence);
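Review bot: `unsigned_offsets()` becomes part of the include/linux/fs.h interface here but carries no documentation, and it only reads `file->f_mode`, so its parameter should be `const struct file *file`. Suggested form: `static inline bool unsigned_offsets(const struct file *file)`, preceded by a comment such as `/* unsigned_offsets - true if @file was opened with FMODE_UNSIGNED_OFFSET, i.e. a negative f_pos is a valid position rather than an error */`. The hunk also drops the blank line that separated do_splice_direct's prototype from what follows; keep one blank line on each side of the new definition.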
--
2.39.2
Hi WoZ1zh1,
kernel test robot noticed the following build warnings:
[auto build test WARNING on next-20231108]
url: https://github.com/intel-lab-lkp/linux/commits/WoZ1zh1/proc-support-file-f_pos-checking-in-mem_lseek/20231109-103353
base: next-20231108
patch link: https://lore.kernel.org/r/20231109102658.2075547-1-wozizhi%40huawei.com
patch subject: [PATCH -next V2] proc: support file->f_pos checking in mem_lseek
config: um-allnoconfig (https://download.01.org/0day-ci/archive/20231110/202311101239.ihy4cKpf-lkp@intel.com/config)
compiler: clang version 17.0.0 (https://github.com/llvm/llvm-project.git 4a5ac14ee968ff0ad5d2cc1ffa0299048db4c88a)
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20231110/202311101239.ihy4cKpf-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202311101239.ihy4cKpf-lkp@intel.com/
All warnings (new ones prefixed by >>):
In file included from fs/proc/base.c:68:
In file included from include/linux/swap.h:9:
In file included from include/linux/memcontrol.h:13:
In file included from include/linux/cgroup.h:26:
In file included from include/linux/kernel_stat.h:9:
In file included from include/linux/interrupt.h:11:
In file included from include/linux/hardirq.h:11:
In file included from arch/um/include/asm/hardirq.h:5:
In file included from include/asm-generic/hardirq.h:17:
In file included from include/linux/irq.h:20:
In file included from include/linux/io.h:13:
In file included from arch/um/include/asm/io.h:24:
include/asm-generic/io.h:547:31: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
547 | val = __raw_readb(PCI_IOBASE + addr);
| ~~~~~~~~~~ ^
include/asm-generic/io.h:560:61: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
560 | val = __le16_to_cpu((__le16 __force)__raw_readw(PCI_IOBASE + addr));
| ~~~~~~~~~~ ^
include/uapi/linux/byteorder/little_endian.h:37:51: note: expanded from macro '__le16_to_cpu'
37 | #define __le16_to_cpu(x) ((__force __u16)(__le16)(x))
| ^
In file included from fs/proc/base.c:68:
In file included from include/linux/swap.h:9:
In file included from include/linux/memcontrol.h:13:
In file included from include/linux/cgroup.h:26:
In file included from include/linux/kernel_stat.h:9:
In file included from include/linux/interrupt.h:11:
In file included from include/linux/hardirq.h:11:
In file included from arch/um/include/asm/hardirq.h:5:
In file included from include/asm-generic/hardirq.h:17:
In file included from include/linux/irq.h:20:
In file included from include/linux/io.h:13:
In file included from arch/um/include/asm/io.h:24:
include/asm-generic/io.h:573:61: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
573 | val = __le32_to_cpu((__le32 __force)__raw_readl(PCI_IOBASE + addr));
| ~~~~~~~~~~ ^
include/uapi/linux/byteorder/little_endian.h:35:51: note: expanded from macro '__le32_to_cpu'
35 | #define __le32_to_cpu(x) ((__force __u32)(__le32)(x))
| ^
In file included from fs/proc/base.c:68:
In file included from include/linux/swap.h:9:
In file included from include/linux/memcontrol.h:13:
In file included from include/linux/cgroup.h:26:
In file included from include/linux/kernel_stat.h:9:
In file included from include/linux/interrupt.h:11:
In file included from include/linux/hardirq.h:11:
In file included from arch/um/include/asm/hardirq.h:5:
In file included from include/asm-generic/hardirq.h:17:
In file included from include/linux/irq.h:20:
In file included from include/linux/io.h:13:
In file included from arch/um/include/asm/io.h:24:
include/asm-generic/io.h:584:33: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
584 | __raw_writeb(value, PCI_IOBASE + addr);
| ~~~~~~~~~~ ^
include/asm-generic/io.h:594:59: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
594 | __raw_writew((u16 __force)cpu_to_le16(value), PCI_IOBASE + addr);
| ~~~~~~~~~~ ^
include/asm-generic/io.h:604:59: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
604 | __raw_writel((u32 __force)cpu_to_le32(value), PCI_IOBASE + addr);
| ~~~~~~~~~~ ^
include/asm-generic/io.h:692:20: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
692 | readsb(PCI_IOBASE + addr, buffer, count);
| ~~~~~~~~~~ ^
include/asm-generic/io.h:700:20: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
700 | readsw(PCI_IOBASE + addr, buffer, count);
| ~~~~~~~~~~ ^
include/asm-generic/io.h:708:20: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
708 | readsl(PCI_IOBASE + addr, buffer, count);
| ~~~~~~~~~~ ^
include/asm-generic/io.h:717:21: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
717 | writesb(PCI_IOBASE + addr, buffer, count);
| ~~~~~~~~~~ ^
include/asm-generic/io.h:726:21: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
726 | writesw(PCI_IOBASE + addr, buffer, count);
| ~~~~~~~~~~ ^
include/asm-generic/io.h:735:21: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
735 | writesl(PCI_IOBASE + addr, buffer, count);
| ~~~~~~~~~~ ^
>> fs/proc/base.c:912:2: warning: unannotated fall-through between switch labels [-Wimplicit-fallthrough]
912 | case SEEK_SET:
| ^
fs/proc/base.c:912:2: note: insert '__attribute__((fallthrough));' to silence this warning
912 | case SEEK_SET:
| ^
| __attribute__((fallthrough));
fs/proc/base.c:912:2: note: insert 'break;' to avoid fall-through
912 | case SEEK_SET:
| ^
| break;
13 warnings generated.
vim +912 fs/proc/base.c
903
904 loff_t mem_lseek(struct file *file, loff_t offset, int orig)
905 {
906 loff_t ret = 0;
907
908 spin_lock(&file->f_lock);
909 switch (orig) {
910 case SEEK_CUR:
911 offset += file->f_pos;
> 912 case SEEK_SET:
913 /* to avoid userland mistaking f_pos=-9 as -EBADF=-9 */
914 if ((unsigned long long)offset >= -MAX_ERRNO)
915 ret = -EOVERFLOW;
916 break;
917 default:
918 ret = -EINVAL;
919 }
920 if (!ret) {
921 if (offset < 0 && !(unsigned_offsets(file))) {
922 ret = -EINVAL;
923 } else {
924 file->f_pos = offset;
925 ret = file->f_pos;
926 force_successful_syscall_return();
927 }
928 }
929
930 spin_unlock(&file->f_lock);
931 return ret;
932 }
933
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
I missed the fallthrough and will fix it in V3.
Thanks,
Zizhi Wo
在 2023/11/10 12:34, kernel test robot 写道:
> Hi WoZ1zh1,
>
> kernel test robot noticed the following build warnings:
>
> [auto build test WARNING on next-20231108]
>
> url: https://github.com/intel-lab-lkp/linux/commits/WoZ1zh1/proc-support-file-f_pos-checking-in-mem_lseek/20231109-103353
> base: next-20231108
> patch link: https://lore.kernel.org/r/20231109102658.2075547-1-wozizhi%40huawei.com
> patch subject: [PATCH -next V2] proc: support file->f_pos checking in mem_lseek
> config: um-allnoconfig (https://download.01.org/0day-ci/archive/20231110/202311101239.ihy4cKpf-lkp@intel.com/config)
> compiler: clang version 17.0.0 (https://github.com/llvm/llvm-project.git 4a5ac14ee968ff0ad5d2cc1ffa0299048db4c88a)
> reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20231110/202311101239.ihy4cKpf-lkp@intel.com/reproduce)
>
> If you fix the issue in a separate patch/commit (i.e. not just a new version of
> the same patch/commit), kindly add following tags
> | Reported-by: kernel test robot <lkp@intel.com>
> | Closes: https://lore.kernel.org/oe-kbuild-all/202311101239.ihy4cKpf-lkp@intel.com/
>
> All warnings (new ones prefixed by >>):
>
> In file included from fs/proc/base.c:68:
> In file included from include/linux/swap.h:9:
> In file included from include/linux/memcontrol.h:13:
> In file included from include/linux/cgroup.h:26:
> In file included from include/linux/kernel_stat.h:9:
> In file included from include/linux/interrupt.h:11:
> In file included from include/linux/hardirq.h:11:
> In file included from arch/um/include/asm/hardirq.h:5:
> In file included from include/asm-generic/hardirq.h:17:
> In file included from include/linux/irq.h:20:
> In file included from include/linux/io.h:13:
> In file included from arch/um/include/asm/io.h:24:
> include/asm-generic/io.h:547:31: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
> 547 | val = __raw_readb(PCI_IOBASE + addr);
> | ~~~~~~~~~~ ^
> include/asm-generic/io.h:560:61: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
> 560 | val = __le16_to_cpu((__le16 __force)__raw_readw(PCI_IOBASE + addr));
> | ~~~~~~~~~~ ^
> include/uapi/linux/byteorder/little_endian.h:37:51: note: expanded from macro '__le16_to_cpu'
> 37 | #define __le16_to_cpu(x) ((__force __u16)(__le16)(x))
> | ^
> In file included from fs/proc/base.c:68:
> In file included from include/linux/swap.h:9:
> In file included from include/linux/memcontrol.h:13:
> In file included from include/linux/cgroup.h:26:
> In file included from include/linux/kernel_stat.h:9:
> In file included from include/linux/interrupt.h:11:
> In file included from include/linux/hardirq.h:11:
> In file included from arch/um/include/asm/hardirq.h:5:
> In file included from include/asm-generic/hardirq.h:17:
> In file included from include/linux/irq.h:20:
> In file included from include/linux/io.h:13:
> In file included from arch/um/include/asm/io.h:24:
> include/asm-generic/io.h:573:61: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
> 573 | val = __le32_to_cpu((__le32 __force)__raw_readl(PCI_IOBASE + addr));
> | ~~~~~~~~~~ ^
> include/uapi/linux/byteorder/little_endian.h:35:51: note: expanded from macro '__le32_to_cpu'
> 35 | #define __le32_to_cpu(x) ((__force __u32)(__le32)(x))
> | ^
> In file included from fs/proc/base.c:68:
> In file included from include/linux/swap.h:9:
> In file included from include/linux/memcontrol.h:13:
> In file included from include/linux/cgroup.h:26:
> In file included from include/linux/kernel_stat.h:9:
> In file included from include/linux/interrupt.h:11:
> In file included from include/linux/hardirq.h:11:
> In file included from arch/um/include/asm/hardirq.h:5:
> In file included from include/asm-generic/hardirq.h:17:
> In file included from include/linux/irq.h:20:
> In file included from include/linux/io.h:13:
> In file included from arch/um/include/asm/io.h:24:
> include/asm-generic/io.h:584:33: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
> 584 | __raw_writeb(value, PCI_IOBASE + addr);
> | ~~~~~~~~~~ ^
> include/asm-generic/io.h:594:59: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
> 594 | __raw_writew((u16 __force)cpu_to_le16(value), PCI_IOBASE + addr);
> | ~~~~~~~~~~ ^
> include/asm-generic/io.h:604:59: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
> 604 | __raw_writel((u32 __force)cpu_to_le32(value), PCI_IOBASE + addr);
> | ~~~~~~~~~~ ^
> include/asm-generic/io.h:692:20: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
> 692 | readsb(PCI_IOBASE + addr, buffer, count);
> | ~~~~~~~~~~ ^
> include/asm-generic/io.h:700:20: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
> 700 | readsw(PCI_IOBASE + addr, buffer, count);
> | ~~~~~~~~~~ ^
> include/asm-generic/io.h:708:20: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
> 708 | readsl(PCI_IOBASE + addr, buffer, count);
> | ~~~~~~~~~~ ^
> include/asm-generic/io.h:717:21: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
> 717 | writesb(PCI_IOBASE + addr, buffer, count);
> | ~~~~~~~~~~ ^
> include/asm-generic/io.h:726:21: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
> 726 | writesw(PCI_IOBASE + addr, buffer, count);
> | ~~~~~~~~~~ ^
> include/asm-generic/io.h:735:21: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
> 735 | writesl(PCI_IOBASE + addr, buffer, count);
> | ~~~~~~~~~~ ^
>>> fs/proc/base.c:912:2: warning: unannotated fall-through between switch labels [-Wimplicit-fallthrough]
> 912 | case SEEK_SET:
> | ^
> fs/proc/base.c:912:2: note: insert '__attribute__((fallthrough));' to silence this warning
> 912 | case SEEK_SET:
> | ^
> | __attribute__((fallthrough));
> fs/proc/base.c:912:2: note: insert 'break;' to avoid fall-through
> 912 | case SEEK_SET:
> | ^
> | break;
> 13 warnings generated.
>
>
> vim +912 fs/proc/base.c
>
> 903
> 904 loff_t mem_lseek(struct file *file, loff_t offset, int orig)
> 905 {
> 906 loff_t ret = 0;
> 907
> 908 spin_lock(&file->f_lock);
> 909 switch (orig) {
> 910 case SEEK_CUR:
> 911 offset += file->f_pos;
> > 912 case SEEK_SET:
> 913 /* to avoid userland mistaking f_pos=-9 as -EBADF=-9 */
> 914 if ((unsigned long long)offset >= -MAX_ERRNO)
> 915 ret = -EOVERFLOW;
> 916 break;
> 917 default:
> 918 ret = -EINVAL;
> 919 }
> 920 if (!ret) {
> 921 if (offset < 0 && !(unsigned_offsets(file))) {
> 922 ret = -EINVAL;
> 923 } else {
> 924 file->f_pos = offset;
> 925 ret = file->f_pos;
> 926 force_successful_syscall_return();
> 927 }
> 928 }
> 929
> 930 spin_unlock(&file->f_lock);
> 931 return ret;
> 932 }
> 933
>
Hi WoZ1zh1,
kernel test robot noticed the following build warnings:
[auto build test WARNING on next-20231108]
url: https://github.com/intel-lab-lkp/linux/commits/WoZ1zh1/proc-support-file-f_pos-checking-in-mem_lseek/20231109-103353
base: next-20231108
patch link: https://lore.kernel.org/r/20231109102658.2075547-1-wozizhi%40huawei.com
patch subject: [PATCH -next V2] proc: support file->f_pos checking in mem_lseek
config: arc-randconfig-001-20231109 (https://download.01.org/0day-ci/archive/20231109/202311091307.k2L6reDL-lkp@intel.com/config)
compiler: arc-elf-gcc (GCC) 13.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20231109/202311091307.k2L6reDL-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202311091307.k2L6reDL-lkp@intel.com/
All warnings (new ones prefixed by >>):
fs/proc/base.c: In function 'mem_lseek':
>> fs/proc/base.c:911:24: warning: this statement may fall through [-Wimplicit-fallthrough=]
911 | offset += file->f_pos;
| ~~~~~~~^~~~~~~~~~~~~~
fs/proc/base.c:912:9: note: here
912 | case SEEK_SET:
| ^~~~
vim +911 fs/proc/base.c
903
904 loff_t mem_lseek(struct file *file, loff_t offset, int orig)
905 {
906 loff_t ret = 0;
907
908 spin_lock(&file->f_lock);
909 switch (orig) {
910 case SEEK_CUR:
> 911 offset += file->f_pos;
912 case SEEK_SET:
913 /* to avoid userland mistaking f_pos=-9 as -EBADF=-9 */
914 if ((unsigned long long)offset >= -MAX_ERRNO)
915 ret = -EOVERFLOW;
916 break;
917 default:
918 ret = -EINVAL;
919 }
920 if (!ret) {
921 if (offset < 0 && !(unsigned_offsets(file))) {
922 ret = -EINVAL;
923 } else {
924 file->f_pos = offset;
925 ret = file->f_pos;
926 force_successful_syscall_return();
927 }
928 }
929
930 spin_unlock(&file->f_lock);
931 return ret;
932 }
933
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
On Thu, Nov 09, 2023 at 06:26:58PM +0800, WoZ1zh1 wrote: > In mem_lseek, file->f_pos may overflow. And it's not a problem that > mem_open set file mode with FMODE_UNSIGNED_OFFSET(memory_lseek). However, > another file use mem_lseek do lseek can have not FMODE_UNSIGNED_OFFSET > (kpageflags_proc_ops/proc_pagemap_operations...), so in order to prevent > file->f_pos updated to an abnormal number, fix it by checking overflow and > FMODE_UNSIGNED_OFFSET. Umm... Is there any reason why all of those shouldn't get FMODE_UNSIGNED_OFFSET as well?