lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 1 Dec 2022 16:35:23 -0800
From:   Kees Cook <keescook@...omium.org>
To:     kernel test robot <lkp@...el.com>
Cc:     oe-kbuild-all@...ts.linux.dev, linux-kernel@...r.kernel.org
Subject: Re: include/linux/fortify-string.h:50:33: warning:
 '__builtin_memset' offset [0, 7] is out of the bounds [0, 0]

On Sun, Nov 27, 2022 at 12:37:10PM +0800, kernel test robot wrote:
> tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
> head:   faf68e3523c21d07c5f7fdabd0daf6301ff8db3f
> commit: ba38961a069b0d8d03b53218a6c29d737577d448 um: Enable FORTIFY_SOURCE
> date:   3 months ago
> config: um-allyesconfig
> compiler: gcc-11 (Debian 11.3.0-8) 11.3.0
> reproduce (this is a W=1 build):
>         # https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ba38961a069b0d8d03b53218a6c29d737577d448
>         git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
>         git fetch --no-tags linus master
>         git checkout ba38961a069b0d8d03b53218a6c29d737577d448
>         # save the config file
>         mkdir build_dir && cp config build_dir/.config
>         make W=1 O=build_dir ARCH=um SHELL=/bin/bash
> 
> If you fix the issue, kindly add following tag where applicable
> | Reported-by: kernel test robot <lkp@...el.com>
> 
> All warnings (new ones prefixed by >>):
> 
>    In file included from include/linux/string.h:253,
>                     from include/linux/bitmap.h:11,
>                     from include/linux/cpumask.h:12,
>                     from include/linux/mm_types_task.h:14,
>                     from include/linux/mm_types.h:5,
>                     from include/linux/buildid.h:5,
>                     from include/linux/module.h:14,
>                     from arch/um/drivers/virt-pci.c:6:
>    arch/um/drivers/virt-pci.c: In function 'um_pci_send_cmd':
>    include/linux/fortify-string.h:48:33: warning: argument 1 null where non-null expected [-Wnonnull]
>       48 | #define __underlying_memcpy     __builtin_memcpy
>          |                                 ^
>    include/linux/fortify-string.h:438:9: note: in expansion of macro '__underlying_memcpy'
>      438 |         __underlying_##op(p, q, __fortify_size);                        \
>          |         ^~~~~~~~~~~~~
>    include/linux/fortify-string.h:483:26: note: in expansion of macro '__fortify_memcpy_chk'
>      483 | #define memcpy(p, q, s)  __fortify_memcpy_chk(p, q, s,                  \
>          |                          ^~~~~~~~~~~~~~~~~~~~
>    arch/um/drivers/virt-pci.c:100:9: note: in expansion of macro 'memcpy'
>      100 |         memcpy(buf, cmd, cmd_size);
>          |         ^~~~~~
>    include/linux/fortify-string.h:48:33: note: in a call to built-in function '__builtin_memcpy'
>       48 | #define __underlying_memcpy     __builtin_memcpy
>          |                                 ^
>    include/linux/fortify-string.h:438:9: note: in expansion of macro '__underlying_memcpy'
>      438 |         __underlying_##op(p, q, __fortify_size);                        \
>          |         ^~~~~~~~~~~~~
>    include/linux/fortify-string.h:483:26: note: in expansion of macro '__fortify_memcpy_chk'
>      483 | #define memcpy(p, q, s)  __fortify_memcpy_chk(p, q, s,                  \
>          |                          ^~~~~~~~~~~~~~~~~~~~
>    arch/um/drivers/virt-pci.c:100:9: note: in expansion of macro 'memcpy'
>      100 |         memcpy(buf, cmd, cmd_size);
>          |         ^~~~~~
>    arch/um/drivers/virt-pci.c: In function 'um_pci_cfgspace_read':
> >> include/linux/fortify-string.h:50:33: warning: '__builtin_memset' offset [0, 7] is out of the bounds [0, 0] [-Warray-bounds]
>       50 | #define __underlying_memset     __builtin_memset
>          |                                 ^
>    include/linux/fortify-string.h:316:9: note: in expansion of macro '__underlying_memset'
>      316 |         __underlying_memset(p, c, __fortify_size);                      \
>          |         ^~~~~~~~~~~~~~~~~~~
>    include/linux/fortify-string.h:323:25: note: in expansion of macro '__fortify_memset_chk'
>      323 | #define memset(p, c, s) __fortify_memset_chk(p, c, s,                   \
>          |                         ^~~~~~~~~~~~~~~~~~~~
>    arch/um/drivers/virt-pci.c:192:9: note: in expansion of macro 'memset'
>      192 |         memset(buf->data, 0xff, sizeof(buf->data));
>          |         ^~~~~~

I had noticed this too while running kunit tests, but never tracked it
down. That's done now. Patch sent:

https://lore.kernel.org/lkml/20221202003137.never.887-kees@kernel.org

Thanks!

-Kees

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ