[next] wifi: rtw89: coex: Fix -Wstringop-overflow warnings in _append_tdma()

Message ID ZVJ6lRCRaywGktxJ@work
State New
Headers
Series [next] wifi: rtw89: coex: Fix -Wstringop-overflow warnings in _append_tdma() |

Commit Message

Gustavo A. R. Silva Nov. 13, 2023, 7:35 p.m. UTC
  Copy a couple of structures directly, instead of using `memcpy()`.

This addesses the following -Wstringop-overflow warnings:
drivers/net/wireless/realtek/rtw89/coex.c: In function ‘_append_tdma’:
./include/linux/fortify-string.h:57:33: warning: writing 8 bytes into a region of size 0 [-Wstringop-overflow=]
   57 | #define __underlying_memcpy     __builtin_memcpy
      |                                 ^
./include/linux/fortify-string.h:644:9: note: in expansion of macro ‘__underlying_memcpy’
  644 |         __underlying_##op(p, q, __fortify_size);                        \
      |         ^~~~~~~~~~~~~
./include/linux/fortify-string.h:689:26: note: in expansion of macro ‘__fortify_memcpy_chk’
  689 | #define memcpy(p, q, s)  __fortify_memcpy_chk(p, q, s,                  \
      |                          ^~~~~~~~~~~~~~~~~~~~
drivers/net/wireless/realtek/rtw89/coex.c:1585:17: note: in expansion of macro ‘memcpy’
 1585 |                 memcpy(&v3->tdma, &dm->tdma, sizeof(v3->tdma));
      |                 ^~~~~~
drivers/net/wireless/realtek/rtw89/core.h:2703:37: note: at offset [5714, 71249] into destination object ‘ver’ of size 8
 2703 |         const struct rtw89_btc_ver *ver;
      |                                     ^~~
./include/linux/fortify-string.h:57:33: warning: writing 8 bytes into a region of size 0 [-Wstringop-overflow=]
   57 | #define __underlying_memcpy     __builtin_memcpy
      |                                 ^
./include/linux/fortify-string.h:644:9: note: in expansion of macro ‘__underlying_memcpy’
  644 |         __underlying_##op(p, q, __fortify_size);                        \
      |         ^~~~~~~~~~~~~
./include/linux/fortify-string.h:689:26: note: in expansion of macro ‘__fortify_memcpy_chk’
  689 | #define memcpy(p, q, s)  __fortify_memcpy_chk(p, q, s,                  \
      |                          ^~~~~~~~~~~~~~~~~~~~
drivers/net/wireless/realtek/rtw89/coex.c:1579:17: note: in expansion of macro ‘memcpy’
 1579 |                 memcpy(v, &dm->tdma, sizeof(*v));
      |                 ^~~~~~
drivers/net/wireless/realtek/rtw89/core.h:2703:37: note: at offset [5710, 71245] into destination object ‘ver’ of size 8
 2703 |         const struct rtw89_btc_ver *ver;
      |                                     ^~~

This helps with the ongoing efforts to globally enable
-Wstringop-overflow.

Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
---
 drivers/net/wireless/realtek/rtw89/coex.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
  

Comments

Ping-Ke Shih Nov. 14, 2023, 12:37 a.m. UTC | #1
> -----Original Message-----
> From: Gustavo A. R. Silva <gustavoars@kernel.org>
> Sent: Tuesday, November 14, 2023 3:36 AM
> To: Ping-Ke Shih <pkshih@realtek.com>; Kalle Valo <kvalo@kernel.org>
> Cc: linux-wireless@vger.kernel.org; linux-kernel@vger.kernel.org; Gustavo A. R. Silva
> <gustavoars@kernel.org>; linux-hardening@vger.kernel.org
> Subject: [PATCH][next] wifi: rtw89: coex: Fix -Wstringop-overflow warnings in _append_tdma()
> 
> Copy a couple of structures directly, instead of using `memcpy()`.
> 

wireless-next has taken my patch [1] that is identical to yours.

[1] https://lore.kernel.org/all/20231102003716.25815-1-pkshih@realtek.com/
  
Gustavo A. R. Silva Nov. 14, 2023, 1:23 a.m. UTC | #2
On 11/13/23 18:37, Ping-Ke Shih wrote:
> 
> 
>> -----Original Message-----
>> From: Gustavo A. R. Silva <gustavoars@kernel.org>
>> Sent: Tuesday, November 14, 2023 3:36 AM
>> To: Ping-Ke Shih <pkshih@realtek.com>; Kalle Valo <kvalo@kernel.org>
>> Cc: linux-wireless@vger.kernel.org; linux-kernel@vger.kernel.org; Gustavo A. R. Silva
>> <gustavoars@kernel.org>; linux-hardening@vger.kernel.org
>> Subject: [PATCH][next] wifi: rtw89: coex: Fix -Wstringop-overflow warnings in _append_tdma()
>>
>> Copy a couple of structures directly, instead of using `memcpy()`.
>>
> 
> wireless-next has taken my patch [1] that is identical to yours.

Great!

I had mine ready on Oct 31, but I was waiting for the merge window to close
before sending it.

Glad to see that the issue is fixed already. :)

Thanks
--
Gustavo

> 
> [1] https://lore.kernel.org/all/20231102003716.25815-1-pkshih@realtek.com/
> 
>
  
Kalle Valo Nov. 14, 2023, 8:03 a.m. UTC | #3
"Gustavo A. R. Silva" <gustavo@embeddedor.com> writes:

>> wireless-next has taken my patch [1] that is identical to yours.
>
> Great!
>
> I had mine ready on Oct 31, but I was waiting for the merge window to close
> before sending it.

BTW we keep wireless-next open also during merge windows. So no need to
hold up wireless patches because of the merge window. I know it's
confusing that we do differently than how net-next works but this is
easier for us, less patch build up.
  

Patch

diff --git a/drivers/net/wireless/realtek/rtw89/coex.c b/drivers/net/wireless/realtek/rtw89/coex.c
index bdcc172639e4..b842cd9a86f8 100644
--- a/drivers/net/wireless/realtek/rtw89/coex.c
+++ b/drivers/net/wireless/realtek/rtw89/coex.c
@@ -1576,13 +1576,13 @@  static void _append_tdma(struct rtw89_dev *rtwdev)
 	if (ver->fcxtdma == 1) {
 		v = (struct rtw89_btc_fbtc_tdma *)&tlv->val[0];
 		tlv->len = sizeof(*v);
-		memcpy(v, &dm->tdma, sizeof(*v));
+		*v = dm->tdma;
 		btc->policy_len += BTC_TLV_HDR_LEN + sizeof(*v);
 	} else {
 		tlv->len = sizeof(*v3);
 		v3 = (struct rtw89_btc_fbtc_tdma_v3 *)&tlv->val[0];
 		v3->fver = ver->fcxtdma;
-		memcpy(&v3->tdma, &dm->tdma, sizeof(v3->tdma));
+		v3->tdma = dm->tdma;
 		btc->policy_len += BTC_TLV_HDR_LEN + sizeof(*v3);
 	}