
vop_stdadvise(): restore correct handling of length == 0
ClosedPublic

Authored by kib on Sep 3 2024, 4:27 AM.

Details

Summary
Switch to unsigned arithmetic to handle overflow not relying on -fwrap,
and specially treat the case of length == 0 from posix_fadvise() which
passes OFF_MAX as the end to VOP.  There, roundup() overflows and -fwrap
causes bend and endn to become negative.  Clamp them at OFF_MAX/bsize
instead.

Also remove locals with single use, and move calculations from under bo
lock.

Reported by:    tmunro

Diff Detail

Repository
rG FreeBSD src repository

Event Timeline

kib requested review of this revision. Sep 3 2024, 4:27 AM
markj added inline comments.
sys/kern/vfs_default.c:1122
This revision is now accepted and ready to land. Sep 3 2024, 12:53 PM
kib marked an inline comment as done. Sep 3 2024, 9:34 PM
sys/kern/vfs_default.c:1119

I don't think we need this "Restore length" hunk. The round_page() call always just adds one to OFF_MAX (0x7fffffffffffffff -> 0x8000000000000000), so the change to uintmax_t is enough to make the existing endn = bend / bsize produce a correct positive answer.

kib marked an inline comment as done.

clamp is not needed

This revision now requires review to proceed. Sep 4 2024, 7:35 AM
This revision is now accepted and ready to land. Sep 4 2024, 11:00 PM
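
The arithmetic discussed in the summary and in the inline comment at line 1119, as an added example that is not code from the FreeBSD tree or from this review: a user-space model of rounding OFF_MAX up to a page boundary and dividing by the block size, once in wrapping signed arithmetic and once in unsigned arithmetic. The names MODEL_OFF_MAX, PAGE_SZ, BSIZE and the three functions are assumptions made for the illustration, as are the 4096-byte page and 32768-byte block size.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

#define MODEL_OFF_MAX  INT64_MAX   /* assumption: off_t is signed 64-bit */
#define PAGE_SZ        4096        /* assumed page size */
#define BSIZE          32768       /* constructed sample block size */

/* Model of round_page() in unsigned arithmetic: the result cannot go negative. */
static uint64_t round_page_u(uint64_t x)
{
    return (x + (PAGE_SZ - 1)) & ~(uint64_t)(PAGE_SZ - 1);
}

/* End block computed in unsigned arithmetic. */
static uint64_t end_block_unsigned(int64_t end, uint64_t bsize)
{
    return round_page_u((uint64_t)end) / bsize;
}

/*
 * End block computed in signed arithmetic with wrap-around. Signed
 * overflow is undefined in ISO C, so the wrap is modelled with
 * __builtin_add_overflow (GCC/Clang), which stores the wrapped sum
 * and reports the overflow through *wrapped.
 */
static int64_t end_block_signed(int64_t end, int64_t bsize, int *wrapped)
{
    int64_t bend;

    *wrapped = __builtin_add_overflow(end, (int64_t)(PAGE_SZ - 1), &bend);
    bend &= ~(int64_t)(PAGE_SZ - 1);
    return bend / bsize;
}

int main(void)
{
    int wrapped;
    int64_t s = end_block_signed(MODEL_OFF_MAX, BSIZE, &wrapped);

    printf("round_page(OFF_MAX) unsigned: 0x%" PRIx64 "\n",
        round_page_u((uint64_t)MODEL_OFF_MAX));
    printf("signed endn:   %" PRId64 " (overflowed: %d)\n", s, wrapped);
    printf("unsigned endn: %" PRIu64 "\n",
        end_block_unsigned(MODEL_OFF_MAX, BSIZE));
    return 0;
}
```

For an end offset well below OFF_MAX the two functions return the same block number; they diverge only when the round-up crosses the sign bit.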