| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20211215232446.2069794-1-keescook@chromium.org>
Date: Wed, 15 Dec 2021 15:24:46 -0800
From: Kees Cook <keescook@...omium.org>
To: Manivannan Sadhasivam <mani@...nel.org>
Cc: Kees Cook <keescook@...omium.org>,
Hemant Kumar <hemantk@...eaurora.org>,
Bhaumik Bhatt <quic_bbhatt@...cinc.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Loic Poulain <loic.poulain@...aro.org>,
Yury Norov <yury.norov@...il.com>,
Carl Huang <cjhuang@...eaurora.org>,
Carl Yin <carl.yin@...ctel.com>, linux-kernel@...r.kernel.org,
mhi@...ts.linux.dev, linux-arm-msm@...r.kernel.org,
linux-hardening@...r.kernel.org
Subject: [PATCH] bus: mhi: core: Use correctly sized arguments for bit field
The find.h APIs are designed to be used only on unsigned long arguments.
This can technically result in a over-read, but it is harmless in this
case. Regardless, fix it to avoid the warning seen under -Warray-bounds,
which we'd like to enable globally:
In file included from ./include/linux/bitmap.h:9,
from ./include/linux/cpumask.h:12,
from ./arch/x86/include/asm/cpumask.h:5,
from ./arch/x86/include/asm/msr.h:11,
from ./arch/x86/include/asm/processor.h:22,
from ./arch/x86/include/asm/cpufeature.h:5,
from ./arch/x86/include/asm/thread_info.h:53,
from ./include/linux/thread_info.h:60,
from ./arch/x86/include/asm/preempt.h:7,
from ./include/linux/preempt.h:78,
from ./include/linux/spinlock.h:55,
from ./include/linux/wait.h:9,
from ./include/linux/wait_bit.h:8,
from ./include/linux/fs.h:6,
from ./include/linux/debugfs.h:15,
from drivers/bus/mhi/core/init.c:7:
drivers/bus/mhi/core/init.c: In function 'to_mhi_pm_state_str':
./include/linux/find.h:187:37: warning: array subscript 'long unsigned int[0]' is partly outside array bounds of 'enum mhi_pm_state[1]' [-Warray-bounds]
187 | unsigned long val = *addr & GENMASK(size - 1, 0);
| ^~~~~
drivers/bus/mhi/core/init.c:80:51: note: while referencing 'state'
80 | const char *to_mhi_pm_state_str(enum mhi_pm_state state)
| ~~~~~~~~~~~~~~~~~~^~~~~
Signed-off-by: Kees Cook <keescook@...omium.org>
---
drivers/bus/mhi/core/init.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/bus/mhi/core/init.c b/drivers/bus/mhi/core/init.c
index f1ec34417592..b91f75fff962 100644
--- a/drivers/bus/mhi/core/init.c
+++ b/drivers/bus/mhi/core/init.c
@@ -79,7 +79,8 @@ static const char * const mhi_pm_state_str[] = {
const char *to_mhi_pm_state_str(enum mhi_pm_state state)
{
- int index = find_last_bit((unsigned long *)&state, 32);
+ unsigned long bits = state;
+ int index = find_last_bit(&bits, 32);
if (index >= ARRAY_SIZE(mhi_pm_state_str))
return "Invalid State";
--
2.30.2
Powered by blists - more mailing lists