| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 3 Aug 2022 03:49:20 +0800
From: kernel test robot <lkp@...el.com>
To: "Jason A. Donenfeld" <zx2c4@...nel.org>
Cc: kbuild-all@...ts.01.org, Ammar Faizi <ammarfaizi2@...weeb.org>,
GNU/Weeb Mailing List <gwml@...r.gnuweeb.org>,
linux-kernel@...r.kernel.org
Subject: [ammarfaizi2-block:crng/random/jd/getrandom-batch 9/9]
include/linux/fortify-string.h:47:33: warning: '__builtin_memset' pointer
overflow between offset [0, 255] and size [2147483648, 4294967295]
tree: https://github.com/ammarfaizi2/linux-block crng/random/jd/getrandom-batch
head: 99a314f603c9cd173e6db2e3776eb76477283e1a
commit: 99a314f603c9cd173e6db2e3776eb76477283e1a [9/9] random: batch getrandom() output per-task
config: i386-allyesconfig (https://download.01.org/0day-ci/archive/20220803/202208030326.kgXt6SdF-lkp@intel.com/config)
compiler: gcc-11 (Debian 11.3.0-3) 11.3.0
reproduce (this is a W=1 build):
# https://github.com/ammarfaizi2/linux-block/commit/99a314f603c9cd173e6db2e3776eb76477283e1a
git remote add ammarfaizi2-block https://github.com/ammarfaizi2/linux-block
git fetch --no-tags ammarfaizi2-block crng/random/jd/getrandom-batch
git checkout 99a314f603c9cd173e6db2e3776eb76477283e1a
# save the config file
mkdir build_dir && cp config build_dir/.config
make W=1 O=build_dir ARCH=i386 SHELL=/bin/bash drivers/char/
If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <lkp@...el.com>
All warnings (new ones prefixed by >>):
In file included from include/linux/string.h:253,
from arch/x86/include/asm/page_32.h:22,
from arch/x86/include/asm/page.h:14,
from arch/x86/include/asm/thread_info.h:12,
from include/linux/thread_info.h:60,
from arch/x86/include/asm/preempt.h:7,
from include/linux/preempt.h:78,
from include/linux/rcupdate.h:27,
from include/linux/rculist.h:11,
from include/linux/pid.h:5,
from include/linux/sched.h:14,
from include/linux/utsname.h:6,
from drivers/char/random.c:28:
drivers/char/random.c: In function 'get_random_bytes_user':
>> include/linux/fortify-string.h:47:33: warning: '__builtin_memset' pointer overflow between offset [0, 255] and size [2147483648, 4294967295] [-Warray-bounds]
47 | #define __underlying_memset __builtin_memset
| ^
include/linux/fortify-string.h:281:9: note: in expansion of macro '__underlying_memset'
281 | __underlying_memset(p, c, __fortify_size); \
| ^~~~~~~~~~~~~~~~~~~
include/linux/fortify-string.h:288:25: note: in expansion of macro '__fortify_memset_chk'
288 | #define memset(p, c, s) __fortify_memset_chk(p, c, s, \
| ^~~~~~~~~~~~~~~~~~~~
drivers/char/random.c:425:17: note: in expansion of macro 'memset'
425 | memset(current->rng_batch.buf + current->rng_batch.position, 0, batch_len);
| ^~~~~~
vim +/__builtin_memset +47 include/linux/fortify-string.h
3009f891bb9f32 Kees Cook 2021-08-02 30
a28a6e860c6cf2 Francis Laniel 2021-02-25 31 #if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)
a28a6e860c6cf2 Francis Laniel 2021-02-25 32 extern void *__underlying_memchr(const void *p, int c, __kernel_size_t size) __RENAME(memchr);
a28a6e860c6cf2 Francis Laniel 2021-02-25 33 extern int __underlying_memcmp(const void *p, const void *q, __kernel_size_t size) __RENAME(memcmp);
a28a6e860c6cf2 Francis Laniel 2021-02-25 34 extern void *__underlying_memcpy(void *p, const void *q, __kernel_size_t size) __RENAME(memcpy);
a28a6e860c6cf2 Francis Laniel 2021-02-25 35 extern void *__underlying_memmove(void *p, const void *q, __kernel_size_t size) __RENAME(memmove);
a28a6e860c6cf2 Francis Laniel 2021-02-25 36 extern void *__underlying_memset(void *p, int c, __kernel_size_t size) __RENAME(memset);
a28a6e860c6cf2 Francis Laniel 2021-02-25 37 extern char *__underlying_strcat(char *p, const char *q) __RENAME(strcat);
a28a6e860c6cf2 Francis Laniel 2021-02-25 38 extern char *__underlying_strcpy(char *p, const char *q) __RENAME(strcpy);
a28a6e860c6cf2 Francis Laniel 2021-02-25 39 extern __kernel_size_t __underlying_strlen(const char *p) __RENAME(strlen);
a28a6e860c6cf2 Francis Laniel 2021-02-25 40 extern char *__underlying_strncat(char *p, const char *q, __kernel_size_t count) __RENAME(strncat);
a28a6e860c6cf2 Francis Laniel 2021-02-25 41 extern char *__underlying_strncpy(char *p, const char *q, __kernel_size_t size) __RENAME(strncpy);
a28a6e860c6cf2 Francis Laniel 2021-02-25 42 #else
a28a6e860c6cf2 Francis Laniel 2021-02-25 43 #define __underlying_memchr __builtin_memchr
a28a6e860c6cf2 Francis Laniel 2021-02-25 44 #define __underlying_memcmp __builtin_memcmp
a28a6e860c6cf2 Francis Laniel 2021-02-25 45 #define __underlying_memcpy __builtin_memcpy
a28a6e860c6cf2 Francis Laniel 2021-02-25 46 #define __underlying_memmove __builtin_memmove
a28a6e860c6cf2 Francis Laniel 2021-02-25 @47 #define __underlying_memset __builtin_memset
a28a6e860c6cf2 Francis Laniel 2021-02-25 48 #define __underlying_strcat __builtin_strcat
a28a6e860c6cf2 Francis Laniel 2021-02-25 49 #define __underlying_strcpy __builtin_strcpy
a28a6e860c6cf2 Francis Laniel 2021-02-25 50 #define __underlying_strlen __builtin_strlen
a28a6e860c6cf2 Francis Laniel 2021-02-25 51 #define __underlying_strncat __builtin_strncat
a28a6e860c6cf2 Francis Laniel 2021-02-25 52 #define __underlying_strncpy __builtin_strncpy
a28a6e860c6cf2 Francis Laniel 2021-02-25 53 #endif
a28a6e860c6cf2 Francis Laniel 2021-02-25 54
:::::: The code at line 47 was first introduced by commit
:::::: a28a6e860c6cf231cf3c5171c75c342adcd00406 string.h: move fortified functions definitions in a dedicated header.
:::::: TO: Francis Laniel <laniel_francis@...vacyrequired.com>
:::::: CC: Linus Torvalds <torvalds@...ux-foundation.org>
--
0-DAY CI Kernel Test Service
https://01.org/lkp
Powered by blists - more mailing lists