Commit 29da93fe authored by Peter Zijlstra's avatar Peter Zijlstra Committed by Ingo Molnar
Browse files

mm/uaccess: Use 'unsigned long' to placate UBSAN warnings on older GCC versions 



Randy reported objtool triggered on his (GCC-7.4) build:

  lib/strncpy_from_user.o: warning: objtool: strncpy_from_user()+0x315: call to __ubsan_handle_add_overflow() with UACCESS enabled
  lib/strnlen_user.o: warning: objtool: strnlen_user()+0x337: call to __ubsan_handle_sub_overflow() with UACCESS enabled

This is due to UBSAN generating signed-overflow-UB warnings where it
should not. Prior to GCC-8 UBSAN ignored -fwrapv (which the kernel
uses through -fno-strict-overflow).

Make the functions use 'unsigned long' throughout.

Reported-by: default avatarRandy Dunlap <rdunlap@infradead.org>
Signed-off-by: default avatarPeter Zijlstra (Intel) <peterz@infradead.org>
Acked-by: Randy Dunlap <rdunlap@infradead.org> # build-tested
Acked-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: luto@kernel.org
Link: http://lkml.kernel.org/r/20190424072208.754094071@infradead.org


Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
parent 6ae86561

lib/strncpy_from_user.c

+3 −2
Original line number Diff line number Diff line
@@ -23,10 +23,11 @@ 
 * hit it), 'max' is the address space maximum (and we return

 * -EFAULT if we hit it).

 */

static inline long do_strncpy_from_user(char *dst, const char __user *src, long count, unsigned long max)

static inline long do_strncpy_from_user(char *dst, const char __user *src,

					unsigned long count, unsigned long max)

{

	const struct word_at_a_time constants = WORD_AT_A_TIME_CONSTANTS;

	long res = 0;

	unsigned long res = 0;



	/*

	 * Truncate 'max' to the user-specified limit, so that

lib/strnlen_user.c

+2 −2
Original line number Diff line number Diff line
@@ -28,7 +28,7 @@ 
static inline long do_strnlen_user(const char __user *src, unsigned long count, unsigned long max)

{

	const struct word_at_a_time constants = WORD_AT_A_TIME_CONSTANTS;

	long align, res = 0;

	unsigned long align, res = 0;

	unsigned long c;



	/*
@@ -42,7 +42,7 @@ static inline long do_strnlen_user(const char __user *src, unsigned long count, 
	 * Do everything aligned. But that means that we

	 * need to also expand the maximum..

	 */

	align = (sizeof(long) - 1) & (unsigned long)src;

	align = (sizeof(unsigned long) - 1) & (unsigned long)src;

	src -= align;

	max += align;

CRA Git | Maintained and supported by SUSTech CRA and CCSE