| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Zw0tqoVCU0xPS-X1@bogus> Date: Mon, 14 Oct 2024 15:41:46 +0100 From: Sudeep Holla <sudeep.holla@....com> To: Gavin Shan <gshan@...hat.com> Cc: linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org, shan.gavin@...il.com Subject: Re: [PATCH] firmware: arm_ffa: Fix warning caused by export_uuid() On Mon, Oct 14, 2024 at 08:25:54PM +1000, Gavin Shan wrote: > On 10/14/24 8:08 PM, Sudeep Holla wrote: > > On Mon, Oct 14, 2024 at 10:47:24AM +1000, Gavin Shan wrote: > > > Run into build warning caused by export_uuid() where the UUID's > > > length exceeds that of ffa_value_t::a2, as the following warning > > > messages indicate. > > > > > > In function ‘fortify_memcpy_chk’, > > > inlined from ‘export_uuid’ at ./include/linux/uuid.h:88:2, > > > inlined from ‘ffa_msg_send_direct_req2’ at drivers/firmware/arm_ffa/driver.c:488:2: > > > ./include/linux/fortify-string.h:571:25: error: call to ‘__write_overflow_field’ \ > > > declared with attribute warning: detected write beyond size of field (1st parameter); \ > > > maybe use struct_group()? [-Werror=attribute-warning] > > > 571 | __write_overflow_field(p_size_field, size); > > > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > > > > > Fix it by not passing a plain buffer to memcpy() to avoid the overflow > > > and underflow warning, similar to what have been done to copy over the > > > struct ffa_send_direct_data2. > > > > > > > Are you observing this just on the upstream or -next as well? There is a > > fix in the -next which I haven't sent to soc team yet, will do so soon. > > > > I just tried the upstream when the patch was posted. I just have a try with -next > and similar error exists. > > [root@...dia-grace-hopper-01 linux-next]# git remote -v > origin git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git (fetch) > origin git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git (push) > [root@...dia-grace-hopper-01 linux-next]# make W=1 drivers/firmware/arm_ffa/driver.o > : > In function ‘fortify_memcpy_chk’, > inlined from ‘ffa_msg_send_direct_req2’ at drivers/firmware/arm_ffa/driver.c:504:3: > ./include/linux/fortify-string.h:580:25: error: call to ‘__read_overflow2_field’ declared with attribute warning: \ > detected read beyond size of field (2nd parameter); maybe use struct_group()? [-Werror=attribute-warning] > 580 | __read_overflow2_field(q_size_field, size); > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > cc1: all warnings being treated as errors > > > Part of the changes included this patch is still needed by -next. Could you please > squeeze the changes to that one to be pulled? Sure I can do that. Can you share the build command(specifically if any extra warning are enabled) and the toolchain used ? I am unable to reproduce it with clang 20.0.0, not sure if it my toolchain or build command/flags that differs here. -- Regards, Sudeep
Powered by blists - more mailing lists