On Fri, Jul 04, 2025 at 10:26:02AM -0300, Jason Gunthorpe wrote:
/* DIV_ROUND_UP(offset + cmd->length, PAGE_SIZE) */ if (check_add_overflow(offset, cmd->length, &length)) return -ERANGE; if (check_add_overflow(length, PAGE_SIZE-1, &length)) return -ERANGE; if (length > SIZE_MAX) return -ERANGE; max_npages = length / PAGE_SIZE;
Actually I see now that overflow.h supports mixed types, so this can be simplified:
size_t max_npages; size_t length; u64 offset; size_t i;
offset = cmd->nesting_parent_iova - PAGE_ALIGN(cmd->nesting_parent_iova);
/* DIV_ROUND_UP(offset + cmd->length, PAGE_SIZE) */ if (check_add_overflow(offset, cmd->length, &length)) return -ERANGE; if (check_add_overflow(length, PAGE_SIZE-1, &length)) return -ERANGE; max_npages = length / PAGE_SIZE;
Then the kcvalloc takes in size_t:
kvmalloc_array_node_noprof(size_t n, size_t size, gfp_t flags, int node)
So there is no silent cast and truncation.
Jason