lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAAH8bW9e_O_3DSjZvN3YENCkNB9oa63bMb93PaOCwZ6AxbfTHA@mail.gmail.com>
Date:   Wed, 15 Dec 2021 22:41:04 -0800
From:   Yury Norov <yury.norov@...il.com>
To:     Kees Cook <keescook@...omium.org>
Cc:     Lu Baolu <baolu.lu@...ux.intel.com>,
        David Woodhouse <dwmw2@...radead.org>,
        Joerg Roedel <joro@...tes.org>, Will Deacon <will@...nel.org>,
        linux-kernel@...r.kernel.org, iommu@...ts.linux-foundation.org,
        linux-hardening@...r.kernel.org
Subject: Re: [PATCH] iommu: Use correctly sized arguments for bit field

On Wed, Dec 15, 2021 at 3:24 PM Kees Cook <keescook@...omium.org> wrote:
>
> The find.h APIs are designed to be used only on unsigned long arguments.
> This can technically result in a over-read, but it is harmless in this
> case. Regardless, fix it to avoid the warning seen under -Warray-bounds,
> which we'd like to enable globally:
>
> In file included from ./include/linux/bitmap.h:9,
>                  from drivers/iommu/intel/iommu.c:17:
> drivers/iommu/intel/iommu.c: In function 'domain_context_mapping_one':
> ./include/linux/find.h:119:37: warning: array subscript 'long unsigned int[0]' is partly outside array bounds of 'int[1]' [-Warray-bounds]
>   119 |                 unsigned long val = *addr & GENMASK(size - 1, 0);
>       |                                     ^~~~~
> drivers/iommu/intel/iommu.c:2115:18: note: while referencing 'max_pde'
>  2115 |         int pds, max_pde;
>       |                  ^~~~~~~
>
> Signed-off-by: Kees Cook <keescook@...omium.org>

For all patches in this (not a) series
Acked-by: Yury Norov <yury.norov@...il.com>

But can you explain, what for did you split this change? The
Documentation/process says: "Solve only one problem per patch.",
but here one problem is solved per 4 patches with identical
description.

I think it would be more logical to move-in this change as a single
commitment rather than random scattered patches.

Thanks,
Yury

> ---
>  drivers/iommu/intel/iommu.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c
> index b6a8f3282411..99f9e8229384 100644
> --- a/drivers/iommu/intel/iommu.c
> +++ b/drivers/iommu/intel/iommu.c
> @@ -2112,10 +2112,10 @@ static void domain_exit(struct dmar_domain *domain)
>   */
>  static inline unsigned long context_get_sm_pds(struct pasid_table *table)
>  {
> -       int pds, max_pde;
> +       unsigned long pds, max_pde;
>
>         max_pde = table->max_pasid >> PASID_PDE_SHIFT;
> -       pds = find_first_bit((unsigned long *)&max_pde, MAX_NR_PASID_BITS);
> +       pds = find_first_bit(&max_pde, MAX_NR_PASID_BITS);
>         if (pds < 7)
>                 return 0;
>
> --
> 2.30.2
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ