lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAPbMC74ShG6R8JEoiv29082GqN5jbkHrLcsw6fXfjWu=oAqmAg@mail.gmail.com>
Date: Mon, 19 Aug 2024 12:05:30 -0700
From: Haoyu Li <lihaoyu499@...il.com>
To: Michael Turquette <mturquette@...libre.com>, Stephen Boyd <sboyd@...nel.org>
Cc: linux-clk@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [drivers/clk] Question about `en7523_register_clocks` func: misuse of __counted_by

Dear Linux Developers for COMMON CLK FRAMEWORK,

We are curious about the use of `struct clk_hw_onecell_data *clk_data`
in function `en7523_register_clocks`.
The definition of `struct clk_hw_onecell_data` is at
https://elixir.bootlin.com/linux/v6.10.6/source/include/linux/clk-provider.h#L1405.
```
struct clk_hw_onecell_data {
        unsigned int num;
        struct clk_hw *hws[] __counted_by(num);
};
```

Our question is: The `hws` member of `struct clk_hw_onecell_data` is annotated
with "__counted_by", which means the size of the array is indicated by
`num`. Only if we set `num` before accessing `hws[n]`, the flexible
member `hws` can be properly bounds-checked at run-time when enabling
CONFIG_UBSAN_BOUNDS and CONFIG_FORTIFY_SOURCE. Or there will be a
warning from each array access that is prior to the initialization
because the number of elements is zero.

In function `en7523_register_clocks` at
https://elixir.bootlin.com/linux/v6.10.6/source/drivers/clk/clk-en7523.c#L428,
we think relocating `clk_data->num = EN7523_NUM_CLOCKS` before
accessing `clk_data->hws[EN7523_CLK_PCIE]` is needed.

Here is a fix example of a similar situation :
https://lore.kernel.org/stable/20240613113225.898955993@linuxfoundation.org/.

Please kindly correct us if we missed any key information. Looking
forward to your response!

Best,
Haoyu Li

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ