| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20241011193041.GC53629@kernel.org> Date: Fri, 11 Oct 2024 20:30:41 +0100 From: Simon Horman <horms@...nel.org> To: Jeffrey Hugo <quic_jhugo@...cinc.com> Cc: "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, Woojung Huh <woojung.huh@...rochip.com>, Andrew Lunn <andrew@...n.ch>, Florian Fainelli <f.fainelli@...il.com>, Vladimir Oltean <olteanv@...il.com>, Richard Cochran <richardcochran@...il.com>, Jiawen Wu <jiawenwu@...stnetic.com>, Mengyuan Lou <mengyuanlou@...-swift.com>, Nathan Chancellor <nathan@...nel.org>, Nick Desaulniers <ndesaulniers@...gle.com>, Bill Wendling <morbo@...gle.com>, Justin Stitt <justinstitt@...gle.com>, Carl Vanderlip <quic_carlv@...cinc.com>, Oded Gabbay <ogabbay@...nel.org>, UNGLinuxDriver@...rochip.com, netdev@...r.kernel.org, llvm@...ts.linux.dev, linux-arm-msm@...r.kernel.org, dri-devel@...ts.freedesktop.org Subject: Re: [PATCH net-next 3/3] accel/qaic: Pass string literal as format argument of alloc_workqueue() On Fri, Oct 11, 2024 at 08:27:43AM -0600, Jeffrey Hugo wrote: > On 10/11/2024 3:57 AM, Simon Horman wrote: > > Recently I noticed that both gcc-14 and clang-18 report that passing > > a non-string literal as the format argument of alloc_workqueue() > > is potentially insecure. > > > > E.g. clang-18 says: > > > > .../qaic_drv.c:61:23: warning: format string is not a string literal (potentially insecure) [-Wformat-security] > > 61 | wq = alloc_workqueue(fmt, WQ_UNBOUND, 0); > > | ^~~ > > .../qaic_drv.c:61:23: note: treat the string as an argument to avoid this > > 61 | wq = alloc_workqueue(fmt, WQ_UNBOUND, 0); > > | ^ > > | "%s", > > > > It is always the case where the contents of fmt is safe to pass as the > > format argument. That is, in my understanding, it never contains any > > format escape sequences. > > > > But, it seems better to be safe than sorry. And, as a bonus, compiler > > output becomes less verbose by addressing this issue as suggested by > > clang-18. > > > > Also, change the name of the parameter of qaicm_wq_init from > > fmt to name to better reflect it's purpose. > > > > Compile tested only. > > I'm not sure why this looks like it is targeted for net-next. I'm not > seeing any dependencies on net code, nor is this a net driver. My confusion > makes me think I might be missing something. > > I'll plan on independently taking this through DRM, unless something is > brought to my attention. > > Regarding the patch itself, looks sane to me. I'll give it run through on > hardware soon. Sorry, the error is on my side. I should not targeted this patch at net-next. Let me know if I should repost it. As the series isn't entirely for net-next, I'll mark it as changes requested in netdev patchwork. And plan on reposting the other two patches for net-next some time soon. -- pw-bot: cr
Powered by blists - more mailing lists