lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 3 Mar 2022 12:19:57 -0600
From:   "Gustavo A. R. Silva" <gustavoars@...nel.org>
To:     Kees Cook <keescook@...omium.org>
Cc:     Harry Wentland <harry.wentland@....com>,
        Leo Li <sunpeng.li@....com>,
        Rodrigo Siqueira <Rodrigo.Siqueira@....com>,
        Alex Deucher <alexander.deucher@....com>,
        Christian König <christian.koenig@....com>,
        "Pan, Xinhui" <Xinhui.Pan@....com>,
        David Airlie <airlied@...ux.ie>,
        Daniel Vetter <daniel@...ll.ch>, amd-gfx@...ts.freedesktop.org,
        dri-devel@...ts.freedesktop.org, linux-kernel@...r.kernel.org,
        linux-hardening@...r.kernel.org
Subject: Re: [PATCH][next] drm/amd/display: Fix Wstringop-overflow warnings
 in dc_link_dp.c

On Thu, Mar 03, 2022 at 09:43:28AM -0800, Kees Cook wrote:
> On Thu, Mar 03, 2022 at 11:25:03AM -0600, Gustavo A. R. Silva wrote:
> > Fix the following Wstringop-overflow warnings when building with GCC-11:
> > 
> > drivers/gpu/drm/amd/amdgpu/../display/dc/core/dc_link_dpia.c:493:17: warning: ‘dp_decide_lane_settings’ accessing 4 bytes in a region of size 1 [-Wstringop-overflow=]
> 
> Can you "show your work" a little more here? I don't actually see the
> what is getting fixed:
> 
> enum dc_lane_count {
> 	...
>         LANE_COUNT_FOUR = 4,
> 	...
>         LANE_COUNT_DP_MAX = LANE_COUNT_FOUR
> };
> 
> struct link_training_settings {
> 	...
>         union dpcd_training_lane dpcd_lane_settings[LANE_COUNT_DP_MAX];
> };
> 
> void dp_hw_to_dpcd_lane_settings(
> 		...
> 		union dpcd_training_lane dpcd_lane_settings[LANE_COUNT_DP_MAX])
> {
> 	...
> }
> 
> static enum link_training_result dpia_training_cr_transparent(
> 		...
>                 struct link_training_settings *lt_settings)
> {
> 	...
>                 dp_decide_lane_settings(lt_settings, dpcd_lane_adjust,
>                                 lt_settings->hw_lane_settings, lt_settings->dpcd_lane_settings);
> 	...
> }
> 
> Everything looks to be the correct size?

Yep; this fix is similar to the one for intel_pm.c in this

	commit e7c6e405e171fb33990a12ecfd14e6500d9e5cf2

where the array size of 8 seems to be fine for all the
struct members related (pri_latency, spr_latency, cur_latency
and skl_latency):

drivers/gpu/drm/i915/i915_drv.h:465:struct drm_i915_private {
...

drivers/gpu/drm/i915/i915_drv.h-739-    struct {

...
drivers/gpu/drm/i915/i915_drv.h-745-            /* primary */
drivers/gpu/drm/i915/i915_drv.h-746-            u16 pri_latency[5];
drivers/gpu/drm/i915/i915_drv.h-747-            /* sprite */
drivers/gpu/drm/i915/i915_drv.h-748-            u16 spr_latency[5];
drivers/gpu/drm/i915/i915_drv.h-749-            /* cursor */
drivers/gpu/drm/i915/i915_drv.h-750-            u16 cur_latency[5];
drivers/gpu/drm/i915/i915_drv.h-751-            /*
drivers/gpu/drm/i915/i915_drv.h-752-             * Raw watermark memory latency values
drivers/gpu/drm/i915/i915_drv.h-753-             * for SKL for all 8 levels
drivers/gpu/drm/i915/i915_drv.h-754-             * in 1us units.
drivers/gpu/drm/i915/i915_drv.h-755-             */
drivers/gpu/drm/i915/i915_drv.h-756-            u16 skl_latency[8];

...
drivers/gpu/drm/i915/i915_drv.h-773-    } wm;
...
}

however GCC warns about accessing bytes beyond the limits, and turning the
argument declarations into pointers (removing the over-specified array
size from the argument declaration) silence the warnings.

--
Gustavo

Powered by blists - more mailing lists