| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20241107144156.GA2236807@yaz-khff2.amd.com> Date: Thu, 7 Nov 2024 09:41:56 -0500 From: Yazen Ghannam <yazen.ghannam@....com> To: Karan Sanghavi <karansanghvi98@...il.com> Cc: Shuah Khan <skhan@...uxfoundation.org>, Tony Luck <tony.luck@...el.com>, Borislav Petkov <bp@...en8.de>, linux-edac@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] RAS/AMD/ATL: Fix unintended sign extension issue from coverity On Tue, Nov 05, 2024 at 04:20:27PM +0000, Karan Sanghavi wrote: > On Mon, Nov 04, 2024 at 02:51:56PM -0700, Shuah Khan wrote: > > On 11/4/24 11:34, Karan Sanghavi wrote: > > > Explicit cast pc to u32 to avoid sign extension while left shift > > > > > > Issue reported by coverity with CID: 1593397 > > > > > > Signed-off-by: Karan Sanghavi <karansanghvi98@...il.com> > > > --- > > > Coverity Link: > > > https://scan7.scan.coverity.com/#/project-view/51975/11354?selectedIssue=1593397 > > > > Please include the coverity message instead of this link so > > reviewers without coverity accounts can see the report. > > > sure will keep it in mind. Please do share this as it'll help provide context. > > > --- > > > drivers/ras/amd/atl/umc.c | 2 +- > > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > > > diff --git a/drivers/ras/amd/atl/umc.c b/drivers/ras/amd/atl/umc.c > > > index dc8aa12f63c8..916c867faaf8 100644 > > > --- a/drivers/ras/amd/atl/umc.c > > > +++ b/drivers/ras/amd/atl/umc.c > > > @@ -293,7 +293,7 @@ static unsigned long convert_dram_to_norm_addr_mi300(unsigned long addr) > > > } > > > /* PC bit */ > > > - addr |= pc << bit_shifts.pc; > > > + addr |= (u32)pc << bit_shifts.pc; > > > > How did you determine this is the right fix and how did > > test this change? > > > #define ADDR_SEL_2_CHAN GENMASK(15, 12) > > bit_shifts.pc = 5 + FIELD_GET(ADDR_SEL_2_CHAN, temp); > > After reviewing the code, I found that bit_shifts.pc can reach a maximum value of 20. > Left-shifting a u16 pc by this amount results in an implicit promotion to an int64_t, > which can cause sign extension and lead to unintended negative values. > The 'pc' variable holds a single bit in practice. #define MI300_UMC_MCA_PC BIT(25) pc = FIELD_GET(MI300_UMC_MCA_PC, addr); > To avoid this, casting to a larger data type (such as u64) woulbe be most > appropriate solution here. > > Also,using u64 would be more appropriate rather than u32. > > Should I send a new patch with u64? > Another option is to follow the style in the rest of the function and use the 'temp' variable. /* PC bit */ - addr |= pc << bit_shifts.pc; + temp = pc; + addr |= temp << bit_shifts.pc; Or we can change the variable declarations to all be 'unsigned long' to match input/return value. Thanks, Yazen
Powered by blists - more mailing lists