| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID:
<CH0PR18MB433904A22EE2C4F2E408B6F6CD1F2@CH0PR18MB4339.namprd18.prod.outlook.com>
Date: Fri, 3 May 2024 06:20:02 +0000
From: Geethasowjanya Akula <gakula@...vell.com>
To: Simon Horman <horms@...nel.org>, "David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>,
Paolo
Abeni <pabeni@...hat.com>
CC: Sunil Kovvuri Goutham <sgoutham@...vell.com>,
Subbaraya Sundeep Bhatta
<sbhatta@...vell.com>,
Hariprasad Kelam <hkelam@...vell.com>,
Dan Carpenter
<dan.carpenter@...aro.org>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>
Subject: RE: [EXTERNAL] [PATCH net-next] octeontx2-pf: Treat truncation of IRQ
name as an error
> -----Original Message-----
> From: Simon Horman <horms@...nel.org>
> Sent: Wednesday, May 1, 2024 11:57 PM
> To: David S. Miller <davem@...emloft.net>; Eric Dumazet
> <edumazet@...gle.com>; Jakub Kicinski <kuba@...nel.org>; Paolo Abeni
> <pabeni@...hat.com>
> Cc: Sunil Kovvuri Goutham <sgoutham@...vell.com>; Geethasowjanya
> Akula <gakula@...vell.com>; Subbaraya Sundeep Bhatta
> <sbhatta@...vell.com>; Hariprasad Kelam <hkelam@...vell.com>; Dan
> Carpenter <dan.carpenter@...aro.org>; netdev@...r.kernel.org
> Subject: [EXTERNAL] [PATCH net-next] octeontx2-pf: Treat truncation of IRQ
> name as an error
>
> ----------------------------------------------------------------------
> According to GCC, the constriction of irq_name in otx2_open() may,
> theoretically, be truncated.
>
> This patch takes the approach of treating such a situation as an error which it
> detects by making use of the return value of snprintf, which is the total
> number of bytes, including the trailing '\0', that would have been written.
>
> Based on the approach taken to a similar problem in commit 54b909436ede
> ("rtc: fix snprintf() checking in is_rtc_hctosys()")
>
> Flagged by gcc-13 W=1 builds as:
>
> .../otx2_pf.c:1933:58: warning: 'snprintf' output may be truncated before the
> last format character [-Wformat-truncation=]
> 1933 | snprintf(irq_name, NAME_SIZE, "%s-rxtx-%d", pf->netdev-
> >name,
> | ^
> .../otx2_pf.c:1933:17: note: 'snprintf' output between 8 and 33 bytes into a
> destination of size 32
> 1933 | snprintf(irq_name, NAME_SIZE, "%s-rxtx-%d", pf->netdev-
> >name,
> |
> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 1934 | qidx);
> | ~~~~~
>
> Compile tested only.
>
> Signed-off-by: Simon Horman <horms@...nel.org>
> ---
> drivers/net/ethernet/marvell/octeontx2/nic/otx2_pf.c | 12 ++++++++++--
> 1 file changed, 10 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/net/ethernet/marvell/octeontx2/nic/otx2_pf.c
> b/drivers/net/ethernet/marvell/octeontx2/nic/otx2_pf.c
> index 6a44dacff508..14bccff0ee5c 100644
> --- a/drivers/net/ethernet/marvell/octeontx2/nic/otx2_pf.c
> +++ b/drivers/net/ethernet/marvell/octeontx2/nic/otx2_pf.c
> @@ -1886,9 +1886,17 @@ int otx2_open(struct net_device *netdev)
> vec = pf->hw.nix_msixoff + NIX_LF_CINT_VEC_START;
> for (qidx = 0; qidx < pf->hw.cint_cnt; qidx++) {
> irq_name = &pf->hw.irq_name[vec * NAME_SIZE];
> + int name_len;
>
> - snprintf(irq_name, NAME_SIZE, "%s-rxtx-%d", pf->netdev-
> >name,
> - qidx);
> + name_len = snprintf(irq_name, NAME_SIZE, "%s-rxtx-%d",
> + pf->netdev->name, qidx);
> + if (name_len >= NAME_SIZE) {
> + dev_err(pf->dev,
> + "RVUPF%d: IRQ registration failed for CQ%d,
> irq name is too long\n",
> + rvu_get_pf(pf->pcifunc), qidx);
> + err = -EINVAL;
> + goto err_free_cints;
> + }
>
> err = request_irq(pci_irq_vector(pf->pdev, vec),
> otx2_cq_intr_handler, 0, irq_name,
Tested-by: Geetha sowjanya <gakula@...vell.com>
Powered by blists - more mailing lists