| Message ID | 20211215232432.2069605-1-keescook@chromium.org (mailing list archive) |
|---|---|
| State | Mainlined |
| Commit | 4599d78a820eb0a8ce2b3a1bd619620837cf906e |
| Headers | show |
| Series | iommu: Use correctly sized arguments for bit field | expand |
On Wed, Dec 15, 2021 at 3:24 PM Kees Cook <keescook@chromium.org> wrote: > > The find.h APIs are designed to be used only on unsigned long arguments. > This can technically result in a over-read, but it is harmless in this > case. Regardless, fix it to avoid the warning seen under -Warray-bounds, > which we'd like to enable globally: > > In file included from ./include/linux/bitmap.h:9, > from drivers/iommu/intel/iommu.c:17: > drivers/iommu/intel/iommu.c: In function 'domain_context_mapping_one': > ./include/linux/find.h:119:37: warning: array subscript 'long unsigned int[0]' is partly outside array bounds of 'int[1]' [-Warray-bounds] > 119 | unsigned long val = *addr & GENMASK(size - 1, 0); > | ^~~~~ > drivers/iommu/intel/iommu.c:2115:18: note: while referencing 'max_pde' > 2115 | int pds, max_pde; > | ^~~~~~~ > > Signed-off-by: Kees Cook <keescook@chromium.org> For all patches in this (not a) series Acked-by: Yury Norov <yury.norov@gmail.com> But can you explain, what for did you split this change? The Documentation/process says: "Solve only one problem per patch.", but here one problem is solved per 4 patches with identical description. I think it would be more logical to move-in this change as a single commitment rather than random scattered patches. Thanks, Yury > --- > drivers/iommu/intel/iommu.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c > index b6a8f3282411..99f9e8229384 100644 > --- a/drivers/iommu/intel/iommu.c > +++ b/drivers/iommu/intel/iommu.c > @@ -2112,10 +2112,10 @@ static void domain_exit(struct dmar_domain *domain) > */ > static inline unsigned long context_get_sm_pds(struct pasid_table *table) > { > - int pds, max_pde; > + unsigned long pds, max_pde; > > max_pde = table->max_pasid >> PASID_PDE_SHIFT; > - pds = find_first_bit((unsigned long *)&max_pde, MAX_NR_PASID_BITS); > + pds = find_first_bit(&max_pde, MAX_NR_PASID_BITS); > if (pds < 7) > return 0; > > -- > 2.30.2 >
On Wed, Dec 15, 2021 at 03:24:32PM -0800, Kees Cook wrote: > The find.h APIs are designed to be used only on unsigned long arguments. > This can technically result in a over-read, but it is harmless in this > case. Regardless, fix it to avoid the warning seen under -Warray-bounds, > which we'd like to enable globally: > > In file included from ./include/linux/bitmap.h:9, > from drivers/iommu/intel/iommu.c:17: > drivers/iommu/intel/iommu.c: In function 'domain_context_mapping_one': > ./include/linux/find.h:119:37: warning: array subscript 'long unsigned int[0]' is partly outside array bounds of 'int[1]' [-Warray-bounds] > 119 | unsigned long val = *addr & GENMASK(size - 1, 0); > | ^~~~~ > drivers/iommu/intel/iommu.c:2115:18: note: while referencing 'max_pde' > 2115 | int pds, max_pde; > | ^~~~~~~ > > Signed-off-by: Kees Cook <keescook@chromium.org> > --- > drivers/iommu/intel/iommu.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) Applied, thanks.
diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c index b6a8f3282411..99f9e8229384 100644 --- a/drivers/iommu/intel/iommu.c +++ b/drivers/iommu/intel/iommu.c @@ -2112,10 +2112,10 @@ static void domain_exit(struct dmar_domain *domain) */ static inline unsigned long context_get_sm_pds(struct pasid_table *table) { - int pds, max_pde; + unsigned long pds, max_pde; max_pde = table->max_pasid >> PASID_PDE_SHIFT; - pds = find_first_bit((unsigned long *)&max_pde, MAX_NR_PASID_BITS); + pds = find_first_bit(&max_pde, MAX_NR_PASID_BITS); if (pds < 7) return 0;
The find.h APIs are designed to be used only on unsigned long arguments. This can technically result in a over-read, but it is harmless in this case. Regardless, fix it to avoid the warning seen under -Warray-bounds, which we'd like to enable globally: In file included from ./include/linux/bitmap.h:9, from drivers/iommu/intel/iommu.c:17: drivers/iommu/intel/iommu.c: In function 'domain_context_mapping_one': ./include/linux/find.h:119:37: warning: array subscript 'long unsigned int[0]' is partly outside array bounds of 'int[1]' [-Warray-bounds] 119 | unsigned long val = *addr & GENMASK(size - 1, 0); | ^~~~~ drivers/iommu/intel/iommu.c:2115:18: note: while referencing 'max_pde' 2115 | int pds, max_pde; | ^~~~~~~ Signed-off-by: Kees Cook <keescook@chromium.org> --- drivers/iommu/intel/iommu.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)