| Message ID | ZHkseX6TiFahvxJA@work |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:994d:0:b0:3d9:f83d:47d9 with SMTP id k13csp684099vqr;
Thu, 1 Jun 2023 16:44:32 -0700 (PDT)
X-Google-Smtp-Source:
ACHHUZ5ZT1dtYWq2L7+4dK4TSo6pjC2KMz8sUPZcIklejQgl50k8vDX/bAu588gzgwp2cQFsp8/l
X-Received: by 2002:a05:6a00:a96:b0:63b:54e4:871b with SMTP id
b22-20020a056a000a9600b0063b54e4871bmr4012656pfl.8.1685663071772;
Thu, 01 Jun 2023 16:44:31 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1685663071; cv=none;
d=google.com; s=arc-20160816;
b=wpIeo5jxVI5jhEUQLtU6HIgl+8J2evIQNhdxAIgiFsVWCSky1thFQK7zNn+arUjO2C
HqkujwZWBRnJ1Nduku/klEHCEUlyOSgZ7EldsQ3PFVvOWS8AbbByGdbTwq5+TVm57S5j
05CHBydicCm/fFjPr3vdaH9WDHsLEBE9PQdDRTTe7/VcX3eg/VFVLpkUuXron125ZW9b
X3wGSRzoOOexlf/R04ERrB4TM7eXqTHSi9oQvc9k+4EDMmMrGofqxrqTyF/mF8uIaiP4
ydLhz3vGAejs0TMjEgOBVIzL4EpN5QHZyLdmB4weAPgv/hTYeJ/B3d0r6gcLOAE00lNc
WbIQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:content-disposition
:mime-version:message-id:subject:cc:to:from:date:dkim-signature;
bh=DRycZ9Osm79dPEQ0VPJYJSCqckkzJOHIsU1lEndOD9k=;
b=x53s0tBHQCm8SmxQPccEkedcoHd+BDgIGNCci8UeqMCzeEH/TTJq/3ujRUzhnvNhH7
M5sEJ7iS68amR6sLMXgaHW8URpm1Gm/McNpZ/KPNHXWhGq2ERzjlXYcpNtBGoL9nAgWB
kjHhhiKoZvRcADDIYaNkoUBkxpZQYvnUvFws3hgV5aO+bHC4cvXw76jpUBmJuDJWto9E
lCdsuaPWLvr08QGnGkEuxmXFTrj5vO8pEGf0bPlTmnrYfy+7yc/FGMogt5VvepybqSIi
MdvlfUDPFkZ8mOfoGtRsC42kc0VZaVJGA1ehjV9mihFm4gyojA13/P1WSVRDm2OE5025
F+Jg==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@kernel.org header.s=k20201202 header.b=fwc7Tv0D;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
e5-20020a056a0000c500b0064f98fbcac8si1854923pfj.293.2023.06.01.16.44.17;
Thu, 01 Jun 2023 16:44:31 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
dkim=pass header.i=@kernel.org header.s=k20201202 header.b=fwc7Tv0D;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S232932AbjFAXkC (ORCPT <rfc822;limurcpp@gmail.com> + 99 others);
Thu, 1 Jun 2023 19:40:02 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41434 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S232746AbjFAXjv (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Thu, 1 Jun 2023 19:39:51 -0400
Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A3FEE136;
Thu, 1 Jun 2023 16:39:50 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by dfw.source.kernel.org (Postfix) with ESMTPS id 3B6EE646B3;
Thu, 1 Jun 2023 23:39:50 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 9DA09C433EF;
Thu, 1 Jun 2023 23:39:48 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
s=k20201202; t=1685662789;
bh=3jR6coTEIcQtDZcNzSMSFv+M4QM62RvBoRRP0rTVqDY=;
h=Date:From:To:Cc:Subject:From;
b=fwc7Tv0DaRLNwBp0LIrrU8Ot+TZ8GxkknFOtF7HdZbG2BM2+QkEHGkrNQAhjeqfKC
95COu5tIu/DBAA9fFFzhQzVZG0gZBic5SJzHbJJIGGUGSyuDRZQfJgSRWRjOjahJtL
v5QQVcdPfunXzlsLY0XhxNr9yg0W2SMHZO6Me3den1nsWJWcablV46r1Wh+rSqhM+3
8OT+OgEPDdJf+Dy37ih6KM1QJ75q7NnSQj42MVexWoBqIWxH48DlgR1d5Q/IEw6Q0R
MhBTJXdyGFnICpULkSxMc/POPCMFpRJJCCMErrRmjGRxyZN2/B3A8B6qNtral0teVk
s7p9MKckvfIVw==
Date: Thu, 1 Jun 2023 17:40:41 -0600
From: "Gustavo A. R. Silva" <gustavoars@kernel.org>
To: James Smart <james.smart@broadcom.com>,
Dick Kennedy <dick.kennedy@broadcom.com>,
"James E.J. Bottomley" <jejb@linux.ibm.com>,
"Martin K. Petersen" <martin.petersen@oracle.com>,
Kees Cook <keescook@chromium.org>
Cc: linux-scsi@vger.kernel.org, linux-kernel@vger.kernel.org,
"Gustavo A. R. Silva" <gustavoars@kernel.org>,
linux-hardening@vger.kernel.org
Subject: [PATCH v2][next] scsi: lpfc: Avoid -Wstringop-overflow warning
Message-ID: <ZHkseX6TiFahvxJA@work>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-7.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,
SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham
autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1767356506113554637?=
X-GMAIL-MSGID: =?utf-8?q?1767545841372083967?=
|
| Series |
[v2,next] scsi: lpfc: Avoid -Wstringop-overflow warning
|
|
Commit Message
Gustavo A. R. Silva
June 1, 2023, 11:40 p.m. UTC
Prevent any potential integer wrapping issue, and avoid a
-Wstringop-overflow warning by using the check_mul_overflow() helper.
drivers/scsi/lpfc/lpfc.h:
837:#define LPFC_RAS_MIN_BUFF_POST_SIZE (256 * 1024)
drivers/scsi/lpfc/lpfc_debugfs.c:
2266 size = LPFC_RAS_MIN_BUFF_POST_SIZE * phba->cfg_ras_fwlog_buffsize;
this can wrap to negative if cfg_ras_fwlog_buffsize is large
enough. And even when in practice this is not possible (due to
phba->cfg_ras_fwlog_buffsize never being larger than 4[1]), the
compiler is legitimately warning us about potentially buggy code.
Fix the following warning seen under GCC-13:
In function ‘lpfc_debugfs_ras_log_data’,
inlined from ‘lpfc_debugfs_ras_log_open’ at drivers/scsi/lpfc/lpfc_debugfs.c:2271:15:
drivers/scsi/lpfc/lpfc_debugfs.c:2210:25: warning: ‘memcpy’ specified bound between 18446744071562067968 and 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=]
2210 | memcpy(buffer + copied, dmabuf->virt,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2211 | size - copied - 1);
| ~~~~~~~~~~~~~~~~~~
Link: https://github.com/KSPP/linux/issues/305
Link: https://lore.kernel.org/linux-hardening/CABPRKS8zyzrbsWt4B5fp7kMowAZFiMLKg5kW26uELpg1cDKY3A@mail.gmail.com/ [1]
Co-developed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
---
Changes in v2:
- Use check_mul_overflow() helper (Kees).
v1:
- Link: https://lore.kernel.org/linux-hardening/ZHZq7AV9Q2WG1xRB@work/
drivers/scsi/lpfc/lpfc_debugfs.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
Comments
Thanks Gustavo and Kees. Reviewed-by: Justin Tee <justin.tee@broadcom.com> On Thu, Jun 1, 2023 at 4:43 PM Gustavo A. R. Silva <gustavoars@kernel.org> wrote: > > Prevent any potential integer wrapping issue, and avoid a > -Wstringop-overflow warning by using the check_mul_overflow() helper. > > drivers/scsi/lpfc/lpfc.h: > 837:#define LPFC_RAS_MIN_BUFF_POST_SIZE (256 * 1024) > > drivers/scsi/lpfc/lpfc_debugfs.c: > 2266 size = LPFC_RAS_MIN_BUFF_POST_SIZE * phba->cfg_ras_fwlog_buffsize; > > this can wrap to negative if cfg_ras_fwlog_buffsize is large > enough. And even when in practice this is not possible (due to > phba->cfg_ras_fwlog_buffsize never being larger than 4[1]), the > compiler is legitimately warning us about potentially buggy code. > > Fix the following warning seen under GCC-13: > In function ‘lpfc_debugfs_ras_log_data’, > inlined from ‘lpfc_debugfs_ras_log_open’ at drivers/scsi/lpfc/lpfc_debugfs.c:2271:15: > drivers/scsi/lpfc/lpfc_debugfs.c:2210:25: warning: ‘memcpy’ specified bound between 18446744071562067968 and 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=] > 2210 | memcpy(buffer + copied, dmabuf->virt, > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > 2211 | size - copied - 1); > | ~~~~~~~~~~~~~~~~~~ > > Link: https://github.com/KSPP/linux/issues/305 > Link: https://lore.kernel.org/linux-hardening/CABPRKS8zyzrbsWt4B5fp7kMowAZFiMLKg5kW26uELpg1cDKY3A@mail.gmail.com/ [1] > Co-developed-by: Kees Cook <keescook@chromium.org> > Signed-off-by: Kees Cook <keescook@chromium.org> > Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> > --- > Changes in v2: > - Use check_mul_overflow() helper (Kees). > > v1: > - Link: https://lore.kernel.org/linux-hardening/ZHZq7AV9Q2WG1xRB@work/ > > drivers/scsi/lpfc/lpfc_debugfs.c | 8 ++++++-- > 1 file changed, 6 insertions(+), 2 deletions(-) > > diff --git a/drivers/scsi/lpfc/lpfc_debugfs.c b/drivers/scsi/lpfc/lpfc_debugfs.c > index bdf34af4ef36..7f9b221e7c34 100644 > --- a/drivers/scsi/lpfc/lpfc_debugfs.c > +++ b/drivers/scsi/lpfc/lpfc_debugfs.c > @@ -2259,11 +2259,15 @@ lpfc_debugfs_ras_log_open(struct inode *inode, struct file *file) > goto out; > } > spin_unlock_irq(&phba->hbalock); > - debug = kmalloc(sizeof(*debug), GFP_KERNEL); > + > + if (check_mul_overflow(LPFC_RAS_MIN_BUFF_POST_SIZE, > + phba->cfg_ras_fwlog_buffsize, &size)) > + goto out; > + > + debug = kzalloc(sizeof(*debug), GFP_KERNEL); > if (!debug) > goto out; > > - size = LPFC_RAS_MIN_BUFF_POST_SIZE * phba->cfg_ras_fwlog_buffsize; > debug->buffer = vmalloc(size); > if (!debug->buffer) > goto free_debug; > -- > 2.34.1 >
Gustavo, > Prevent any potential integer wrapping issue, and avoid a > -Wstringop-overflow warning by using the check_mul_overflow() helper. Applied to 6.5/scsi-staging, thanks!
On Thu, 01 Jun 2023 17:40:41 -0600, Gustavo A. R. Silva wrote: > Prevent any potential integer wrapping issue, and avoid a > -Wstringop-overflow warning by using the check_mul_overflow() helper. > > drivers/scsi/lpfc/lpfc.h: > 837:#define LPFC_RAS_MIN_BUFF_POST_SIZE (256 * 1024) > > drivers/scsi/lpfc/lpfc_debugfs.c: > 2266 size = LPFC_RAS_MIN_BUFF_POST_SIZE * phba->cfg_ras_fwlog_buffsize; > > [...] Applied to 6.5/scsi-queue, thanks! [1/1] scsi: lpfc: Avoid -Wstringop-overflow warning https://git.kernel.org/mkp/scsi/c/a48e2c328c65
diff --git a/drivers/scsi/lpfc/lpfc_debugfs.c b/drivers/scsi/lpfc/lpfc_debugfs.c index bdf34af4ef36..7f9b221e7c34 100644 --- a/drivers/scsi/lpfc/lpfc_debugfs.c +++ b/drivers/scsi/lpfc/lpfc_debugfs.c @@ -2259,11 +2259,15 @@ lpfc_debugfs_ras_log_open(struct inode *inode, struct file *file) goto out; } spin_unlock_irq(&phba->hbalock); - debug = kmalloc(sizeof(*debug), GFP_KERNEL); + + if (check_mul_overflow(LPFC_RAS_MIN_BUFF_POST_SIZE, + phba->cfg_ras_fwlog_buffsize, &size)) + goto out; + + debug = kzalloc(sizeof(*debug), GFP_KERNEL); if (!debug) goto out; - size = LPFC_RAS_MIN_BUFF_POST_SIZE * phba->cfg_ras_fwlog_buffsize; debug->buffer = vmalloc(size); if (!debug->buffer) goto free_debug;