copy_file_range: Fix overlap checking
Needs ReviewPublic
Actions

Authored by markj on Sat, Apr 5, 4:40 PM.

Details

Reviewers

rmacklem
kib

Summary

The check for range overlap did not correctly handle negative offests,
as the addition inoff + len is promoted to an unsigned type. Moreover,
the range-locking code did not check for overflow.

Add some checks to make sure the ranges are valid. vn_copy_file_range()
has weaker checks: it also returns an error for a negative offset, but
overflow results in the copy length being truncated. Is this behaviour
required for compatibility with Linux?

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Skipped

Unit

Tests Skipped

Build Status

Buildable 63340
Build 60224: arc lint + arc unit

Event Timeline

markj created this revision.Sat, Apr 5, 4:40 PM

Herald added subscribers: olce, imp. · View Herald TranscriptSat, Apr 5, 4:40 PM

markj requested review of this revision.Sat, Apr 5, 4:40 PM

Harbormaster completed remote builds in B63336: Diff 153178.Sat, Apr 5, 4:40 PM

rmacklem added inline comments.Sat, Apr 5, 4:57 PM

sys/kern/vfs_syscalls.c
5090	The "len" argument is often just SSIZE_MAX to copy to EOF on the input file, so I think truncation of "off + len" to OFF_MAX (or whatever it is called?) when it overflows is correct.

Truncate lengths rather than returning an error.

Harbormaster completed remote builds in B63340: Diff 153183.Sat, Apr 5, 8:46 PM

markj marked an inline comment as done.Sat, Apr 5, 8:46 PM

rmacklem added inline comments.Sat, Apr 5, 9:08 PM

sys/kern/vfs_syscalls.c
5090	I think this is ok. However, rangelocking should handle the full uint64_t file size, I think? (The argument is vm_ooffset_t, which appears to be uint64_t.) If so, since len is already clipped to SSIZE_MAX above here in the code, this clipping should not be needed, I think?

Revision Contents
Changeset List

Path

Size

sys/

kern/

vfs_syscalls.c

12 lines

Diff 153183

View Options

copy_file_range: Fix overlap checkingNeeds ReviewPublicActions