| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZuG5VKBcbHN2kiut@bogus> Date: Wed, 11 Sep 2024 16:37:56 +0100 From: Sudeep Holla <sudeep.holla@....com> To: "Arnd Bergmann" <arnd@...db.de> Cc: "Arnd Bergmann" <arnd@...nel.org>, "Cristian Marussi" <cristian.marussi@....com>, "Jens Wiklander" <jens.wiklander@...aro.org>, linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] firmware: arm_ffa: avoid string-fortify warningn in export_uuid() On Wed, Sep 11, 2024 at 02:44:25PM +0000, Arnd Bergmann wrote: > On Wed, Sep 11, 2024, at 14:14, Sudeep Holla wrote: > > On Mon, Sep 09, 2024 at 11:09:24AM +0000, Arnd Bergmann wrote: > >> From: Arnd Bergmann <arnd@...db.de> > >> > >> Copying to a 16 byte structure into an 8-byte struct member > >> causes a compile-time warning: > >> > >> In file included from drivers/firmware/arm_ffa/driver.c:25: > >> In function 'fortify_memcpy_chk', > >> inlined from 'export_uuid' at include/linux/uuid.h:88:2, > >> inlined from 'ffa_msg_send_direct_req2' at drivers/firmware/arm_ffa/driver.c:488:2: > >> include/linux/fortify-string.h:571:25: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning] > >> 571 | __write_overflow_field(p_size_field, size); > >> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > >> > >> Use a union for the conversion instead and make sure the byte order > >> is fixed in the process. > >> > > > > Thanks for spotting and fixing the issue. I tested enabling > > CONFIG_FORTIFY_SOURCE but couldn't hit this with gcc 13 and clang 20 > > Unfortunately I also don't have a reproducer at the moment, > but I know it was from a randconfig build with gcc-14.2. I tried > another few hundred randconfigs now with my patch reverted but it > didn't come back. I assume it only shows up in rare combinations > of some options, > Oh OK. > Do you have any additional information on the endianess question? > Is this arm_ffa firmware code supposed to work with big-endian > kernels? > I am trying to check if that is a requirement. Also the specification doesn't have any specific mention about it. Since it executes on the same AP cores as Linux in different EL, I assume the entire stack must be running same endian-ness. I will check internally. Unlike SCMI, I haven't tested FF-A with big-endian kernel so far. > > Also do you want this sent as fix on top of my FF-A PR now or after -rc1 ? > > Earlier would be better I think. I usually have one set of > bugfixes before rc1 even if it doesn't make it into the > first set of branches. > I will try to send earlier unless this endian-ness triggers more questions. I will update here anyways. -- Regards, Sudeep
Powered by blists - more mailing lists