| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250114133035.20178-1-yangtiezhu@loongson.cn>
Date: Tue, 14 Jan 2025 21:30:35 +0800
From: Tiezhu Yang <yangtiezhu@...ngson.cn>
To: Alex Deucher <alexander.deucher@....com>,
Christian König <christian.koenig@....com>,
Xinhui Pan <Xinhui.Pan@....com>,
Harry Wentland <harry.wentland@....com>,
Leo Li <sunpeng.li@....com>,
Rodrigo Siqueira <Rodrigo.Siqueira@....com>
Cc: Nathan Chancellor <nathan@...nel.org>,
Josh Poimboeuf <jpoimboe@...nel.org>,
Peter Zijlstra <peterz@...radead.org>,
loongarch@...ts.linux.dev,
amd-gfx@...ts.freedesktop.org,
llvm@...ts.linux.dev,
linux-kernel@...r.kernel.org
Subject: [PATCH v4 3/3] drm/amd/display: Harden callers of division functions
There are objtool warnings compiled with the latest mainline LLVM:
dc_fixpt_recip() falls through to next function dc_fixpt_sinc()
spl_fixpt_recip() falls through to next function spl_fixpt_sinc()
Here are the call paths:
dc_fixpt_recip()
dc_fixpt_from_fraction()
complete_integer_division_u64()
div64_u64_rem()
spl_fixpt_recip()
spl_fixpt_from_fraction()
spl_complete_integer_division_u64()
spl_div64_u64_rem()
This was introduced by a change in Clang from a few months:
[SimplifyCFG] Deduce paths unreachable if they cause div/rem UB)
https://github.com/llvm/llvm-project/commit/37932643abab
The current ASSERT() and SPL_ASSERT() do not do anything to prevent
the divide by zero and the rest of the code does not either, this
is the root cause.
The callers of division functions should be hardened against dividing
by zero to avoid undefined behavior, so use the new added ASSERT_BUG()
and SPL_ASSERT_BUG() to stop the control flow if the divisior is zero.
Suggested-by: Nathan Chancellor <nathan@...nel.org>
Suggested-by: Xi Ruoyao <xry111@...111.site>
Suggested-by: Rui Wang <wangrui@...ngson.cn>
Signed-off-by: Tiezhu Yang <yangtiezhu@...ngson.cn>
Link: https://lore.kernel.org/lkml/20241220223403.GA2605890@ax162/
---
drivers/gpu/drm/amd/display/dc/basics/fixpt31_32.c | 2 +-
drivers/gpu/drm/amd/display/dc/spl/spl_fixpt31_32.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/gpu/drm/amd/display/dc/basics/fixpt31_32.c b/drivers/gpu/drm/amd/display/dc/basics/fixpt31_32.c
index 88d3f9d7dd55..f78c6702bc42 100644
--- a/drivers/gpu/drm/amd/display/dc/basics/fixpt31_32.c
+++ b/drivers/gpu/drm/amd/display/dc/basics/fixpt31_32.c
@@ -51,7 +51,7 @@ static inline unsigned long long complete_integer_division_u64(
{
unsigned long long result;
- ASSERT(divisor);
+ ASSERT_BUG(divisor);
result = div64_u64_rem(dividend, divisor, remainder);
diff --git a/drivers/gpu/drm/amd/display/dc/spl/spl_fixpt31_32.c b/drivers/gpu/drm/amd/display/dc/spl/spl_fixpt31_32.c
index 131f1e3949d3..b3e6840e4715 100644
--- a/drivers/gpu/drm/amd/display/dc/spl/spl_fixpt31_32.c
+++ b/drivers/gpu/drm/amd/display/dc/spl/spl_fixpt31_32.c
@@ -29,7 +29,7 @@ static inline unsigned long long spl_complete_integer_division_u64(
{
unsigned long long result;
- SPL_ASSERT(divisor);
+ SPL_ASSERT_BUG(divisor);
result = spl_div64_u64_rem(dividend, divisor, remainder);
--
2.42.0
Powered by blists - more mailing lists