From patchwork Mon Mar 22 16:02:40 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arnd Bergmann X-Patchwork-Id: 406387 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-19.2 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id A957EC433C1 for ; Mon, 22 Mar 2021 16:04:30 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 78FDE619A9 for ; Mon, 22 Mar 2021 16:04:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231174AbhCVQD7 (ORCPT ); Mon, 22 Mar 2021 12:03:59 -0400 Received: from mail.kernel.org ([198.145.29.99]:52014 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231493AbhCVQDj (ORCPT ); Mon, 22 Mar 2021 12:03:39 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id BA0F66199E; Mon, 22 Mar 2021 16:03:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1616429019; bh=by6x6Rsrr+/5kT7BQ0fn/CIy488q3HO6uAtxXzMMlIk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=O6Jy+HmUTikJ1x1bJ304Vrp1sBfWbLm1PtId9ZJsKafzCLMEYQU//L/uQ5NyHGzrh RhBcv0KcZohevaQjWtq/m2PyDxHXZ6oO/xPHdEAeZN27qebnzt5Wg4fhtjqGJK48VY UL94XPmfJWp5a2JWF1yBFnnQqkdteTxWc08FTIpJX/wa6/CiiShyqAZe7XpjIeOmzt cO/lp91PJ7K5iDRKpXJ1LzXMgwxLeTNc1hWrW+Oj2cHQ8M1FuYfEUnJHvIMPGvZ3nY pOppyp2fEDOWTHfMFCcVXI+sMo5gidr9nyHaAyqJ/Nlnh1nTbp/etdZKIJcUsxQAJ9 FpT/4xvv9xvFg== From: Arnd Bergmann To: linux-kernel@vger.kernel.org, Martin Sebor , Ning Sun , Thomas Gleixner , Ingo Molnar , Borislav Petkov , x86@kernel.org Cc: Arnd Bergmann , Jani Nikula , Kalle Valo , Simon Kelley , James Smart , "James E.J. Bottomley" , Anders Larsen , Tejun Heo , Serge Hallyn , Imre Deak , linux-arm-kernel@lists.infradead.org, tboot-devel@lists.sourceforge.net, intel-gfx@lists.freedesktop.org, dri-devel@lists.freedesktop.org, ath11k@lists.infradead.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org, linux-scsi@vger.kernel.org, cgroups@vger.kernel.org, linux-security-module@vger.kernel.org, "H. Peter Anvin" , Andrew Morton , Lu Baolu , Will Deacon Subject: [PATCH 02/11] x86: tboot: avoid Wstringop-overread-warning Date: Mon, 22 Mar 2021 17:02:40 +0100 Message-Id: <20210322160253.4032422-3-arnd@kernel.org> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20210322160253.4032422-1-arnd@kernel.org> References: <20210322160253.4032422-1-arnd@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-scsi@vger.kernel.org From: Arnd Bergmann gcc-11 warns about using string operations on pointers that are defined at compile time as offsets from a NULL pointer. Unfortunately that also happens on the result of fix_to_virt(), which is a compile-time constant for a constantn input: arch/x86/kernel/tboot.c: In function 'tboot_probe': arch/x86/kernel/tboot.c:70:13: error: '__builtin_memcmp_eq' specified bound 16 exceeds source size 0 [-Werror=stringop-overread] 70 | if (memcmp(&tboot_uuid, &tboot->uuid, sizeof(tboot->uuid))) { | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ I hope this can get addressed in gcc-11 before the release. As a workaround, split up the tboot_probe() function in two halves to separate the pointer generation from the usage. This is a bit ugly, and hopefully gcc understands that the code is actually correct before it learns to peek into the noinline function. Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99578 Signed-off-by: Arnd Bergmann --- arch/x86/kernel/tboot.c | 44 ++++++++++++++++++++++++----------------- 1 file changed, 26 insertions(+), 18 deletions(-) diff --git a/arch/x86/kernel/tboot.c b/arch/x86/kernel/tboot.c index 4c09ba110204..f9af561c3cd4 100644 --- a/arch/x86/kernel/tboot.c +++ b/arch/x86/kernel/tboot.c @@ -49,6 +49,30 @@ bool tboot_enabled(void) return tboot != NULL; } +/* noinline to prevent gcc from warning about dereferencing constant fixaddr */ +static noinline __init bool check_tboot_version(void) +{ + if (memcmp(&tboot_uuid, &tboot->uuid, sizeof(tboot->uuid))) { + pr_warn("tboot at 0x%llx is invalid\n", boot_params.tboot_addr); + return false; + } + + if (tboot->version < 5) { + pr_warn("tboot version is invalid: %u\n", tboot->version); + return false; + } + + pr_info("found shared page at phys addr 0x%llx:\n", + boot_params.tboot_addr); + pr_debug("version: %d\n", tboot->version); + pr_debug("log_addr: 0x%08x\n", tboot->log_addr); + pr_debug("shutdown_entry: 0x%x\n", tboot->shutdown_entry); + pr_debug("tboot_base: 0x%08x\n", tboot->tboot_base); + pr_debug("tboot_size: 0x%x\n", tboot->tboot_size); + + return true; +} + void __init tboot_probe(void) { /* Look for valid page-aligned address for shared page. */ @@ -66,25 +90,9 @@ void __init tboot_probe(void) /* Map and check for tboot UUID. */ set_fixmap(FIX_TBOOT_BASE, boot_params.tboot_addr); - tboot = (struct tboot *)fix_to_virt(FIX_TBOOT_BASE); - if (memcmp(&tboot_uuid, &tboot->uuid, sizeof(tboot->uuid))) { - pr_warn("tboot at 0x%llx is invalid\n", boot_params.tboot_addr); + tboot = (void *)fix_to_virt(FIX_TBOOT_BASE); + if (!check_tboot_version()) tboot = NULL; - return; - } - if (tboot->version < 5) { - pr_warn("tboot version is invalid: %u\n", tboot->version); - tboot = NULL; - return; - } - - pr_info("found shared page at phys addr 0x%llx:\n", - boot_params.tboot_addr); - pr_debug("version: %d\n", tboot->version); - pr_debug("log_addr: 0x%08x\n", tboot->log_addr); - pr_debug("shutdown_entry: 0x%x\n", tboot->shutdown_entry); - pr_debug("tboot_base: 0x%08x\n", tboot->tboot_base); - pr_debug("tboot_size: 0x%x\n", tboot->tboot_size); } static pgd_t *tboot_pg_dir; From patchwork Mon Mar 22 16:02:43 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Arnd Bergmann X-Patchwork-Id: 406386 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-19.2 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 14AA5C433E1 for ; Mon, 22 Mar 2021 16:05:37 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id E515F619AB for ; Mon, 22 Mar 2021 16:05:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231819AbhCVQFE (ORCPT ); Mon, 22 Mar 2021 12:05:04 -0400 Received: from mail.kernel.org ([198.145.29.99]:52488 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231818AbhCVQE0 (ORCPT ); Mon, 22 Mar 2021 12:04:26 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id D63E5619A4; Mon, 22 Mar 2021 16:04:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1616429066; bh=nkpO3F9iV2LP9C5b1X1yN1ZVysmYmotRTLuBUWIaptM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=MU4IL9JNNK+J8U+vvpLpwovR+/suU+W9R4RhhhMaub4p/qt1HSm7/5H/LxJjfRA1v f+dccndcC0t+6DndIOBCJbVJvgtAFbUO/Xj+Ad4PAK3HRVGVN0VmdJVzwNG2nWP60W yoMi7GzhcMMul2Me0RQEOrAkh9+ikItIp0T7LrmMn4UxhxHfYhCqAAaad++VD478Ly WRurbxWp7EoqaQbB5aDSFB4iZyCpOkFivtOdus8BKdINgwMELaIsTcoM1dTXGsBCvO NUlZI47cRIaTlBnQpp36y5LIoHJRasVTH3KqfKgtuhF/A3Vph299qnut15q3EDnfE2 ATElHLu2Uchbw== From: Arnd Bergmann To: linux-kernel@vger.kernel.org, Martin Sebor , Anders Larsen Cc: Arnd Bergmann , x86@kernel.org, Ning Sun , Jani Nikula , Kalle Valo , Simon Kelley , James Smart , "James E.J. Bottomley" , Tejun Heo , Serge Hallyn , Imre Deak , linux-arm-kernel@lists.infradead.org, tboot-devel@lists.sourceforge.net, intel-gfx@lists.freedesktop.org, dri-devel@lists.freedesktop.org, ath11k@lists.infradead.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org, linux-scsi@vger.kernel.org, cgroups@vger.kernel.org, linux-security-module@vger.kernel.org Subject: [PATCH 05/11] qnx: avoid -Wstringop-overread warning Date: Mon, 22 Mar 2021 17:02:43 +0100 Message-Id: <20210322160253.4032422-6-arnd@kernel.org> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20210322160253.4032422-1-arnd@kernel.org> References: <20210322160253.4032422-1-arnd@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-scsi@vger.kernel.org From: Arnd Bergmann gcc-11 warns that the size of the link name is longer than the di_fname field: fs/qnx4/dir.c: In function ‘qnx4_readdir’: fs/qnx4/dir.c:51:32: error: ‘strnlen’ specified bound 48 exceeds source size 16 [-Werror=stringop-overread] 51 | size = strnlen(de->di_fname, size); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~ In file included from fs/qnx4/qnx4.h:3, from fs/qnx4/dir.c:16: include/uapi/linux/qnx4_fs.h:45:25: note: source object declared here 45 | char di_fname[QNX4_SHORT_NAME_MAX]; The problem here is that we access the same pointer using two different structure layouts, but gcc determines the object size based on whatever it encounters first. Change the strnlen to use the correct field size in each case, and change the first access to be on the longer field. Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99578 Signed-off-by: Arnd Bergmann --- fs/qnx4/dir.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/fs/qnx4/dir.c b/fs/qnx4/dir.c index a6ee23aadd28..68046450e543 100644 --- a/fs/qnx4/dir.c +++ b/fs/qnx4/dir.c @@ -39,21 +39,20 @@ static int qnx4_readdir(struct file *file, struct dir_context *ctx) ix = (ctx->pos >> QNX4_DIR_ENTRY_SIZE_BITS) % QNX4_INODES_PER_BLOCK; for (; ix < QNX4_INODES_PER_BLOCK; ix++, ctx->pos += QNX4_DIR_ENTRY_SIZE) { offset = ix * QNX4_DIR_ENTRY_SIZE; - de = (struct qnx4_inode_entry *) (bh->b_data + offset); - if (!de->di_fname[0]) + le = (struct qnx4_link_info *)(bh->b_data + offset); + de = (struct qnx4_inode_entry *)(bh->b_data + offset); + if (!le->dl_fname[0]) continue; if (!(de->di_status & (QNX4_FILE_USED|QNX4_FILE_LINK))) continue; if (!(de->di_status & QNX4_FILE_LINK)) - size = QNX4_SHORT_NAME_MAX; + size = strnlen(de->di_fname, sizeof(de->di_fname)); else - size = QNX4_NAME_MAX; - size = strnlen(de->di_fname, size); + size = strnlen(le->dl_fname, sizeof(le->dl_fname)); QNX4DEBUG((KERN_INFO "qnx4_readdir:%.*s\n", size, de->di_fname)); if (!(de->di_status & QNX4_FILE_LINK)) ino = blknum * QNX4_INODES_PER_BLOCK + ix - 1; else { - le = (struct qnx4_link_info*)de; ino = ( le32_to_cpu(le->dl_inode_blk) - 1 ) * QNX4_INODES_PER_BLOCK + le->dl_inode_ndx; From patchwork Mon Mar 22 16:02:44 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Arnd Bergmann X-Patchwork-Id: 406385 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-19.2 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9106AC433F2 for ; Mon, 22 Mar 2021 16:05:39 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 5F66A619C5 for ; Mon, 22 Mar 2021 16:05:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231826AbhCVQFF (ORCPT ); Mon, 22 Mar 2021 12:05:05 -0400 Received: from mail.kernel.org ([198.145.29.99]:52588 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231455AbhCVQEi (ORCPT ); Mon, 22 Mar 2021 12:04:38 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id DD9F06199F; Mon, 22 Mar 2021 16:04:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1616429077; bh=yAy/I3E6cDxsmlVnV0YJAH5ZEQIRtNmu4zak4TbdMtM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=UB5shkw7Yd4R5EAaTaJbKCgGMQHdzM6i80uoGxhNLAKr58/Z+hb/X02iDZFbFM5q7 ohBr0mnuKE2zD2dZIPp5mGV/8upXxQjJIfPGJp9PdMs6uae5VNAC7zYBRMfKWnHX2T dVcWKQocYTTmbDcT2P/QpYMSgUNzpEBC5mOFpZCLPDNYvMuLPWfLzgAFpKC9vWx2UV WcW6Gm/cjDbzo+bVOJsKrlf8DWJ6XKsV5KO6yCyvx8yAazXnd03HJIpEKsAL1WBIyL rctKK7FEjfv0XP7F/8O3bxyOq6H75TM+jdZPPW1bjsoXOWVbf0YQRUVNLoyOj2UQzP uTGmECN+tjDoA== From: Arnd Bergmann To: linux-kernel@vger.kernel.org, Martin Sebor , Tejun Heo , Zefan Li , Johannes Weiner Cc: Arnd Bergmann , x86@kernel.org, Ning Sun , Jani Nikula , Kalle Valo , Simon Kelley , James Smart , "James E.J. Bottomley" , Anders Larsen , Serge Hallyn , Imre Deak , linux-arm-kernel@lists.infradead.org, tboot-devel@lists.sourceforge.net, intel-gfx@lists.freedesktop.org, dri-devel@lists.freedesktop.org, ath11k@lists.infradead.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org, linux-scsi@vger.kernel.org, cgroups@vger.kernel.org, linux-security-module@vger.kernel.org, Roman Gushchin , Christian Brauner , Alexei Starovoitov , Andrii Nakryiko , Odin Ugedal , Cong Wang , =?utf-8?q?Michal_Koutn=C3=BD?= , Bhaskar Chowdhury Subject: [PATCH 06/11] cgroup: fix -Wzero-length-bounds warnings Date: Mon, 22 Mar 2021 17:02:44 +0100 Message-Id: <20210322160253.4032422-7-arnd@kernel.org> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20210322160253.4032422-1-arnd@kernel.org> References: <20210322160253.4032422-1-arnd@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-scsi@vger.kernel.org From: Arnd Bergmann When cgroups are enabled, but every single subsystem is turned off, CGROUP_SUBSYS_COUNT is zero, and the cgrp->subsys[] array has no members. gcc-11 points out that this leads to an invalid access in any function that might access this array: kernel/cgroup/cgroup.c: In function 'cgroup_addrm_files': kernel/cgroup/cgroup.c:460:58: warning: array subscript '' is outside the bounds of an interior zero-length array 'struct cgroup_subsys_state *[0]' [-Wzero-length-bounds] kernel/cgroup/cgroup.c:460:24: note: in expansion of macro 'rcu_dereference_check' 460 | return rcu_dereference_check(cgrp->subsys[ss->id], | ^~~~~~~~~~~~~~~~~~~~~ In file included from include/linux/cgroup.h:28, from kernel/cgroup/cgroup-internal.h:5, from kernel/cgroup/cgroup.c:31: include/linux/cgroup-defs.h:422:43: note: while referencing 'subsys' 422 | struct cgroup_subsys_state __rcu *subsys[CGROUP_SUBSYS_COUNT]; I'm not sure what is expected to happen for such a configuration, presumably these functions are never calls in that case. Adding a sanity check in each function we get the warning for manages to shut up the warnings and do nothing instead. Signed-off-by: Arnd Bergmann Reviewed-by: Michal Koutný --- I'm grouping this together with the -Wstringop-overread warnings, since the underlying logic in gcc seems to be the same. --- kernel/cgroup/cgroup.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c index 9153b20e5cc6..3477f1dc7872 100644 --- a/kernel/cgroup/cgroup.c +++ b/kernel/cgroup/cgroup.c @@ -456,7 +456,7 @@ static u16 cgroup_ss_mask(struct cgroup *cgrp) static struct cgroup_subsys_state *cgroup_css(struct cgroup *cgrp, struct cgroup_subsys *ss) { - if (ss) + if (ss && (CGROUP_SUBSYS_COUNT > 0)) return rcu_dereference_check(cgrp->subsys[ss->id], lockdep_is_held(&cgroup_mutex)); else @@ -534,6 +534,9 @@ struct cgroup_subsys_state *cgroup_e_css(struct cgroup *cgrp, { struct cgroup_subsys_state *css; + if (CGROUP_SUBSYS_COUNT == 0) + return NULL; + do { css = cgroup_css(cgrp, ss); @@ -561,6 +564,9 @@ struct cgroup_subsys_state *cgroup_get_e_css(struct cgroup *cgrp, { struct cgroup_subsys_state *css; + if (CGROUP_SUBSYS_COUNT == 0) + return NULL; + rcu_read_lock(); do { @@ -630,7 +636,7 @@ struct cgroup_subsys_state *of_css(struct kernfs_open_file *of) * the matching css from the cgroup's subsys table is guaranteed to * be and stay valid until the enclosing operation is complete. */ - if (cft->ss) + if (cft->ss && CGROUP_SUBSYS_COUNT > 0) return rcu_dereference_raw(cgrp->subsys[cft->ss->id]); else return &cgrp->self; @@ -2343,6 +2349,9 @@ struct task_struct *cgroup_taskset_next(struct cgroup_taskset *tset, struct css_set *cset = tset->cur_cset; struct task_struct *task = tset->cur_task; + if (CGROUP_SUBSYS_COUNT == 0) + return NULL; + while (&cset->mg_node != tset->csets) { if (!task) task = list_first_entry(&cset->mg_tasks, @@ -4523,7 +4532,7 @@ void css_task_iter_start(struct cgroup_subsys_state *css, unsigned int flags, it->ss = css->ss; it->flags = flags; - if (it->ss) + if (it->ss && CGROUP_SUBSYS_COUNT > 0) it->cset_pos = &css->cgroup->e_csets[css->ss->id]; else it->cset_pos = &css->cgroup->cset_links; From patchwork Mon Mar 22 16:02:46 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Arnd Bergmann X-Patchwork-Id: 406384 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-19.2 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 78508C433E3 for ; Mon, 22 Mar 2021 16:06:40 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 610B4619DC for ; Mon, 22 Mar 2021 16:06:40 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231768AbhCVQFn (ORCPT ); Mon, 22 Mar 2021 12:05:43 -0400 Received: from mail.kernel.org ([198.145.29.99]:52810 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231801AbhCVQFH (ORCPT ); Mon, 22 Mar 2021 12:05:07 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 2816A619AD; Mon, 22 Mar 2021 16:05:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1616429107; bh=hZ+CAtng3yIYZIb+ah3e8qtw8iX8HVHsX0ExOcLMkVU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=dwkY1GeSKE6uqnx1AxEi3VFdRhYPg81cUVXGmS7VFECNmiWnHG9H8Xs03DE5r5UkI 2VYRrKWZEbiYE/8Go+UBgggdeU5IHX8PCQyERsMz4uhXvD8S/WDGEhcAqel5lYAhxx GH5OrCzsuWJ7MemQavOxq36ZBrGw8QsN0rHVPucenBu12gisEUNifGSz6+0j2xJ9ZZ bEVaUqft+/YBHP8/oDZqfcdvztMrcHT8BJQ3udH192n6G7X4gUnHIGCuLP1ptF/QU4 TnlXa1Qe8PUzWprVm8njgDc/yGpNfz20AWAFmYDGGOfZtOuyJUs4ZC7Fgr12Ezshk/ OxLRDx1pnNY1A== From: Arnd Bergmann To: linux-kernel@vger.kernel.org, Martin Sebor , Simon Kelley , Kalle Valo , "David S. Miller" , Jakub Kicinski Cc: Arnd Bergmann , x86@kernel.org, Ning Sun , Jani Nikula , James Smart , "James E.J. Bottomley" , Anders Larsen , Tejun Heo , Serge Hallyn , Imre Deak , linux-arm-kernel@lists.infradead.org, tboot-devel@lists.sourceforge.net, intel-gfx@lists.freedesktop.org, dri-devel@lists.freedesktop.org, ath11k@lists.infradead.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org, linux-scsi@vger.kernel.org, cgroups@vger.kernel.org, linux-security-module@vger.kernel.org, Lee Jones , Pascal Terjan , "Gustavo A. R. Silva" Subject: [PATCH 08/11] atmel: avoid gcc -Wstringop-overflow warning Date: Mon, 22 Mar 2021 17:02:46 +0100 Message-Id: <20210322160253.4032422-9-arnd@kernel.org> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20210322160253.4032422-1-arnd@kernel.org> References: <20210322160253.4032422-1-arnd@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-scsi@vger.kernel.org From: Arnd Bergmann gcc-11 notices that the fields as defined in the ass_req_format structure do not match the actual use of that structure: cc1: error: writing 4 bytes into a region of size between 18446744073709551613 and 2 [-Werror=stringop-overflow=] drivers/net/wireless/atmel/atmel.c:2884:20: note: at offset [4, 6] into destination object ‘ap’ of size 6 2884 | u8 ap[ETH_ALEN]; /* nothing after here directly accessible */ | ^~ drivers/net/wireless/atmel/atmel.c:2885:20: note: at offset [4, 6] into destination object ‘ssid_el_id’ of size 1 2885 | u8 ssid_el_id; | ^~~~~~~~~~ This is expected here because the actual structure layout is variable. As the code does not actually access the individual fields, replace them with a comment and fixed-length array so prevent gcc from complaining about it. Signed-off-by: Arnd Bergmann --- drivers/net/wireless/atmel/atmel.c | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/drivers/net/wireless/atmel/atmel.c b/drivers/net/wireless/atmel/atmel.c index 707fe66727f8..ff9152d600e1 100644 --- a/drivers/net/wireless/atmel/atmel.c +++ b/drivers/net/wireless/atmel/atmel.c @@ -2881,13 +2881,18 @@ static void send_association_request(struct atmel_private *priv, int is_reassoc) struct ass_req_format { __le16 capability; __le16 listen_interval; - u8 ap[ETH_ALEN]; /* nothing after here directly accessible */ - u8 ssid_el_id; - u8 ssid_len; - u8 ssid[MAX_SSID_LENGTH]; - u8 sup_rates_el_id; - u8 sup_rates_len; - u8 rates[4]; + u8 ssid_el[ETH_ALEN + 2 + MAX_SSID_LENGTH + 2 + 4]; + /* + * nothing after here directly accessible: + * + * u8 ap[ETH_ALEN]; + * u8 ssid_el_id; + * u8 ssid_len; + * u8 ssid[MAX_SSID_LENGTH]; + * u8 sup_rates_el_id; + * u8 sup_rates_len; + * u8 rates[4]; + */ } body; header.frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | @@ -2907,13 +2912,13 @@ static void send_association_request(struct atmel_private *priv, int is_reassoc) body.listen_interval = cpu_to_le16(priv->listen_interval * priv->beacon_period); + ssid_el_p = body.ssid_el; /* current AP address - only in reassoc frame */ if (is_reassoc) { - memcpy(body.ap, priv->CurrentBSSID, ETH_ALEN); - ssid_el_p = &body.ssid_el_id; + memcpy(ssid_el_p, priv->CurrentBSSID, ETH_ALEN); + ssid_el_p += ETH_ALEN; bodysize = 18 + priv->SSID_size; } else { - ssid_el_p = &body.ap[0]; bodysize = 12 + priv->SSID_size; } From patchwork Mon Mar 22 16:02:47 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arnd Bergmann X-Patchwork-Id: 406383 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-19.2 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id BBB8AC433F4 for ; Mon, 22 Mar 2021 16:07:53 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id AB77F619BF for ; Mon, 22 Mar 2021 16:07:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231913AbhCVQGm (ORCPT ); Mon, 22 Mar 2021 12:06:42 -0400 Received: from mail.kernel.org ([198.145.29.99]:53076 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231894AbhCVQFT (ORCPT ); Mon, 22 Mar 2021 12:05:19 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 72908619A9; Mon, 22 Mar 2021 16:05:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1616429118; bh=EPe3bIidXGt1QSXUt8K/T9qB09rG8+BNJJvNG8YjWag=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=odvbczUMlcMOL6OYbdCtO6qt6RZm272nfTphlFLY6klU5CkTn017tx34pnASZGNCF IpTcV7nYkdiHmdTO4YSIbtaihkUG1yjP/yyOdl4AEWNcNqBp3RlBD18ZnYm597BmUn wbL0s1j6ZDhyXNOvtPSEo+IomEmxiiG2PhvFgAApDhn6IwYxk6QphMYP+c26QRueLZ RufWjyGVlIhAtQ1wf9LhLwHYQjNNIjPOnznUa3dYOSsg79XhSsMNd+utp3nEch/2kA G7BxSH7No+IViGt23UWj5mYSj83XwgoEag8qXDcmE/UvDP4IP5Eh1a52oCa4LWy515 1pAfWyFQAG1Kg== From: Arnd Bergmann To: linux-kernel@vger.kernel.org, Martin Sebor , James Smart , Dick Kennedy , "James E.J. Bottomley" , "Martin K. Petersen" Cc: Arnd Bergmann , x86@kernel.org, Ning Sun , Jani Nikula , Kalle Valo , Simon Kelley , Anders Larsen , Tejun Heo , Serge Hallyn , Imre Deak , linux-arm-kernel@lists.infradead.org, tboot-devel@lists.sourceforge.net, intel-gfx@lists.freedesktop.org, dri-devel@lists.freedesktop.org, ath11k@lists.infradead.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org, linux-scsi@vger.kernel.org, cgroups@vger.kernel.org, linux-security-module@vger.kernel.org, Hannes Reinecke , Lee Jones , Colin Ian King , Ye Bin Subject: [PATCH 09/11] scsi: lpfc: fix gcc -Wstringop-overread warning Date: Mon, 22 Mar 2021 17:02:47 +0100 Message-Id: <20210322160253.4032422-10-arnd@kernel.org> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20210322160253.4032422-1-arnd@kernel.org> References: <20210322160253.4032422-1-arnd@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-scsi@vger.kernel.org From: Arnd Bergmann gcc-11 warns about an strnlen with a length larger than the size of the passed buffer: drivers/scsi/lpfc/lpfc_attr.c: In function 'lpfc_nvme_info_show': drivers/scsi/lpfc/lpfc_attr.c:518:25: error: 'strnlen' specified bound 4095 exceeds source size 24 [-Werror=stringop-overread] 518 | strnlen(LPFC_NVME_INFO_MORE_STR, PAGE_SIZE - 1) | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In this case, the code is entirely valid, as the string is properly terminated, and the size argument is only there out of extra caution in case it exceeds a page. This cannot really happen here, so just simplify it to a sizeof(). Fixes: afff0d2321ea ("scsi: lpfc: Add Buffer overflow check, when nvme_info larger than PAGE_SIZE") Signed-off-by: Arnd Bergmann --- drivers/scsi/lpfc/lpfc_attr.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/drivers/scsi/lpfc/lpfc_attr.c b/drivers/scsi/lpfc/lpfc_attr.c index bdd9a29f4201..f6d886f9dfb3 100644 --- a/drivers/scsi/lpfc/lpfc_attr.c +++ b/drivers/scsi/lpfc/lpfc_attr.c @@ -512,11 +512,9 @@ lpfc_nvme_info_show(struct device *dev, struct device_attribute *attr, "6314 Catching potential buffer " "overflow > PAGE_SIZE = %lu bytes\n", PAGE_SIZE); - strlcpy(buf + PAGE_SIZE - 1 - - strnlen(LPFC_NVME_INFO_MORE_STR, PAGE_SIZE - 1), + strlcpy(buf + PAGE_SIZE - 1 - sizeof(LPFC_NVME_INFO_MORE_STR), LPFC_NVME_INFO_MORE_STR, - strnlen(LPFC_NVME_INFO_MORE_STR, PAGE_SIZE - 1) - + 1); + sizeof(LPFC_NVME_INFO_MORE_STR) + 1); } return len;