lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20210713091954.GG22278@shell.armlinux.org.uk>
Date:   Tue, 13 Jul 2021 10:19:54 +0100
From:   "Russell King (Oracle)" <linux@...linux.org.uk>
To:     Uwe Kleine-König 
        <u.kleine-koenig@...gutronix.de>
Cc:     Salah Triki <salah.triki@...il.com>, fabrice.gasnier@...s.st.com,
        thierry.reding@...il.com, lee.jones@...aro.org,
        mcoquelin.stm32@...il.com, alexandre.torgue@...s.st.com,
        linux-pwm@...r.kernel.org,
        linux-stm32@...md-mailman.stormreply.com,
        linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] divide by 3*sizeof(u32) when computing array_size

On Tue, Jul 13, 2021 at 08:30:53AM +0200, Uwe Kleine-König wrote:
> Hello Salah,
> 
> On Tue, Jul 13, 2021 at 12:19:10AM +0100, Salah Triki wrote:
> > Divide by 3*sizeof(u32) when computing array_size, since stm32_breakinput
> > has 3 fields of type u32.
> > 
> > Signed-off-by: Salah Triki <salah.triki@...il.com>
> > ---
> >  drivers/pwm/pwm-stm32.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/drivers/pwm/pwm-stm32.c b/drivers/pwm/pwm-stm32.c
> > index 794ca5b02968..fb21bc2b2dd6 100644
> > --- a/drivers/pwm/pwm-stm32.c
> > +++ b/drivers/pwm/pwm-stm32.c
> > @@ -544,7 +544,7 @@ static int stm32_pwm_probe_breakinputs(struct stm32_pwm *priv,
> >  		return -EINVAL;
> >  
> >  	priv->num_breakinputs = nb;
> > -	array_size = nb * sizeof(struct stm32_breakinput) / sizeof(u32);
> > +	array_size = nb * sizeof(struct stm32_breakinput) / (3 * sizeof(u32));
> >  	ret = of_property_read_u32_array(np, "st,breakinput",
> >  					 (u32 *)priv->breakinputs, array_size);
> >  	if (ret)
> 
> I agree with Philipp here; this looks strange and needs a better
> description.
> 
> Looking a bit more in details:
> 
>  - priv->breakinputs has type struct stm32_breakinput[MAX_BREAKINPUT]
>  - nb is in [0 .. MAX_BREAKINPUT]
>  - sizeof(struct stm32_breakinput) == 3 * sizeof(u32)
>  - of_property_read_u32_array reads $array_size u32 quantities
> 
> so to read $nb members of type stm32_breakinput array_size must be a
> multiple of 3 which isn't given any more after your patch. This makes me
> believe your suggested change to be wrong.

I concur with your analysis. "array_size" is the number of u32 values
to read from DT. It is not the number of entries in priv->breakinputs.

I would also note that the code relies on there being no padding in
struct stm32_breakinput - it should be noted that a strict
interpretation of the C standard allows padding to be added anywhere
to a structure - at the start, end or between members.

Some further thoughts... DT is effectively an interface (we maintain
definitions of what we expect.) The way the code is structured,
"struct stm32_breakinput" defines that interface. Maybe this should
be commented, and maybe there should be a build time assert that
"sizeof(struct stm32_breakinput)" is "3 * sizeof(u32)" since the
code is relying on that property?

-- 
RMK's Patch system: https://www.armlinux.org.uk/developer/patches/
FTTP is here! 40Mbps down 10Mbps up. Decent connectivity at last!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ