fs/btrfs/qgroup.c | 3 --- 1 file changed, 3 deletions(-)
This check "if (inherit->num_qgroups > PAGE_SIZE)" is confusing and
unnecessary.
The problem with the check is that static checkers flag it as a
potential mixup of between units of bytes vs number of elements.
Fortunately, the check can safely be deleted because the next check is
correct and applies an even stricter limit:
if (size != struct_size(inherit, qgroups, inherit->num_qgroups))
return -EINVAL;
The "inherit" struct ends in a variable array of __u64 and
"inherit->num_qgroups" is the number of elements in the array. At the
start of the function we check that:
if (size < sizeof(*inherit) || size > PAGE_SIZE)
return -EINVAL;
Thus, since we verify that the whole struct fits within one page, that
means that the number of elements in the inherit->qgroups[] array must
be less than PAGE_SIZE.
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
---
fs/btrfs/qgroup.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/fs/btrfs/qgroup.c b/fs/btrfs/qgroup.c
index 5f90f0605b12..a8197e25192c 100644
--- a/fs/btrfs/qgroup.c
+++ b/fs/btrfs/qgroup.c
@@ -3067,9 +3067,6 @@ int btrfs_qgroup_check_inherit(struct btrfs_fs_info *fs_info,
if (inherit->num_ref_copies > 0 || inherit->num_excl_copies > 0)
return -EINVAL;
- if (inherit->num_qgroups > PAGE_SIZE)
- return -EINVAL;
-
if (size != struct_size(inherit, qgroups, inherit->num_qgroups))
return -EINVAL;
--
2.43.0On Thu, Mar 07, 2024 at 05:53:47PM +0300, Dan Carpenter wrote: > This check "if (inherit->num_qgroups > PAGE_SIZE)" is confusing and > unnecessary. > > The problem with the check is that static checkers flag it as a > potential mixup of between units of bytes vs number of elements. > Fortunately, the check can safely be deleted because the next check is > correct and applies an even stricter limit: > > if (size != struct_size(inherit, qgroups, inherit->num_qgroups)) > return -EINVAL; > > The "inherit" struct ends in a variable array of __u64 and > "inherit->num_qgroups" is the number of elements in the array. At the > start of the function we check that: > > if (size < sizeof(*inherit) || size > PAGE_SIZE) > return -EINVAL; > > Thus, since we verify that the whole struct fits within one page, that > means that the number of elements in the inherit->qgroups[] array must > be less than PAGE_SIZE. > > Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org> Added to for-next, thanks.
在 2024/3/8 01:23, Dan Carpenter 写道: > This check "if (inherit->num_qgroups > PAGE_SIZE)" is confusing and > unnecessary. > > The problem with the check is that static checkers flag it as a > potential mixup of between units of bytes vs number of elements. > Fortunately, the check can safely be deleted because the next check is > correct and applies an even stricter limit: > > if (size != struct_size(inherit, qgroups, inherit->num_qgroups)) > return -EINVAL; > > The "inherit" struct ends in a variable array of __u64 and > "inherit->num_qgroups" is the number of elements in the array. At the > start of the function we check that: > > if (size < sizeof(*inherit) || size > PAGE_SIZE) > return -EINVAL; > > Thus, since we verify that the whole struct fits within one page, that > means that the number of elements in the inherit->qgroups[] array must > be less than PAGE_SIZE. > > Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org> Reviewed-by: Qu Wenruo <wqu@suse.com> I'm not 100% sure about the original code either, thanks for confirming the existing one has no effect and can be removed. Thanks, Qu > --- > fs/btrfs/qgroup.c | 3 --- > 1 file changed, 3 deletions(-) > > diff --git a/fs/btrfs/qgroup.c b/fs/btrfs/qgroup.c > index 5f90f0605b12..a8197e25192c 100644 > --- a/fs/btrfs/qgroup.c > +++ b/fs/btrfs/qgroup.c > @@ -3067,9 +3067,6 @@ int btrfs_qgroup_check_inherit(struct btrfs_fs_info *fs_info, > if (inherit->num_ref_copies > 0 || inherit->num_excl_copies > 0) > return -EINVAL; > > - if (inherit->num_qgroups > PAGE_SIZE) > - return -EINVAL; > - > if (size != struct_size(inherit, qgroups, inherit->num_qgroups)) > return -EINVAL; >
© 2016 - 2025 Red Hat, Inc.