leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1c7ab9cd98
linux/drivers
History
Kees Cook 1c7ab9cd98 net: chelsio: cxgb4: Avoid potential negative array offset 
Using min_t(int, ...) as a potential array index implies to the compiler
that negative offsets should be allowed. This is not the case, though.
Replace "int" with "unsigned int". Fixes the following warning exposed
under future CONFIG_FORTIFY_SOURCE improvements:

In file included from include/linux/string.h:253,
                 from include/linux/bitmap.h:11,
                 from include/linux/cpumask.h:12,
                 from include/linux/smp.h:13,
                 from include/linux/lockdep.h:14,
                 from include/linux/rcupdate.h:29,
                 from include/linux/rculist.h:11,
                 from include/linux/pid.h:5,
                 from include/linux/sched.h:14,
                 from include/linux/delay.h:23,
                 from drivers/net/ethernet/chelsio/cxgb4/t4_hw.c:35:
drivers/net/ethernet/chelsio/cxgb4/t4_hw.c: In function 't4_get_raw_vpd_params':
include/linux/fortify-string.h:46:33: warning: '__builtin_memcpy' pointer overflow between offset 29 and size [2147483648, 4294967295] [-Warray-bounds]
   46 | #define __underlying_memcpy     __builtin_memcpy
      |                                 ^
include/linux/fortify-string.h:388:9: note: in expansion of macro '__underlying_memcpy'
  388 |         __underlying_##op(p, q, __fortify_size);                        \
      |         ^~~~~~~~~~~~~
include/linux/fortify-string.h:433:26: note: in expansion of macro '__fortify_memcpy_chk'
  433 | #define memcpy(p, q, s)  __fortify_memcpy_chk(p, q, s,                  \
      |                          ^~~~~~~~~~~~~~~~~~~~
drivers/net/ethernet/chelsio/cxgb4/t4_hw.c:2796:9: note: in expansion of macro 'memcpy'
 2796 |         memcpy(p->id, vpd + id, min_t(int, id_len, ID_LEN));
      |         ^~~~~~
include/linux/fortify-string.h:46:33: warning: '__builtin_memcpy' pointer overflow between offset 0 and size [2147483648, 4294967295] [-Warray-bounds]
   46 | #define __underlying_memcpy     __builtin_memcpy
      |                                 ^
include/linux/fortify-string.h:388:9: note: in expansion of macro '__underlying_memcpy'
  388 |         __underlying_##op(p, q, __fortify_size);                        \
      |         ^~~~~~~~~~~~~
include/linux/fortify-string.h:433:26: note: in expansion of macro '__fortify_memcpy_chk'
  433 | #define memcpy(p, q, s)  __fortify_memcpy_chk(p, q, s,                  \
      |                          ^~~~~~~~~~~~~~~~~~~~
drivers/net/ethernet/chelsio/cxgb4/t4_hw.c:2798:9: note: in expansion of macro 'memcpy'
 2798 |         memcpy(p->sn, vpd + sn, min_t(int, sn_len, SERNUM_LEN));
      |         ^~~~~~

Additionally remove needless cast from u8[] to char * in last strim()
call.

Reported-by: kernel test robot <lkp@intel.com>
Link: https://lore.kernel.org/lkml/202205031926.FVP7epJM-lkp@intel.com
Fixes: fc9279298e ("cxgb4: Search VPD with pci_vpd_find_ro_info_keyword()")
Fixes: 24c521f81c ("cxgb4: Use pci_vpd_find_id_string() to find VPD ID string")
Cc: Raju Rangoju <rajur@chelsio.com>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20220505233101.1224230-1-keescook@chromium.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2022-05-06 15:41:27 -07:00
..
accessibility
acpi Revert "ACPI: processor: idle: fix lockup regression on 32-bit ThinkPad T40" 2022-04-21 19:58:14 +02:00
amba
android binder: Gracefully handle BINDER_TYPE_FDA objects with num_fds=0 2022-04-22 17:22:51 +02:00
ata ata: pata_marvell: Check the 'bmdma_addr' beforing reading 2022-04-22 08:45:06 +09:00
atm Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-03-17 13:56:58 -07:00
auxdisplay auxdisplay: lcd2s: Use array size explicitly in lcd2s_gotoxy() 2022-03-18 20:31:14 +01:00
base Driver core fixes for 5.18-rc5 2022-04-30 10:24:21 -07:00
bcma Core MTD changes: 2022-03-25 13:35:34 -07:00
block floppy: disable FDRAWCMD by default 2022-04-27 09:41:54 -07:00
bluetooth Bluetooth: ath3k: remove superfluous header files 2022-03-18 17:12:09 +01:00
bus - Fix locking when accessing device MSI descriptors 2022-05-01 09:30:47 -07:00
cdrom cdrom: remove unused variable 2022-04-06 08:47:52 -06:00
char Fix some issues that were reported 2022-05-04 11:01:31 -07:00
clk Add missing sentinel, check return value and mark rtc-32k as critical 2022-04-25 16:47:24 -07:00
clocksource asm-generic updates for 5.18 2022-03-23 18:03:08 -07:00
comedi
connector
counter Char/Misc and other driver updates for 5.18-rc1 2022-03-28 12:27:35 -07:00
cpufreq cpufreq: qcom-cpufreq-hw: Clear dcvs interrupts 2022-04-26 12:08:31 +05:30
cpuidle cpuidle: riscv: support non-SMP config 2022-04-19 17:42:08 -07:00
crypto virtio: features, fixes 2022-03-31 13:57:15 -07:00
cxl cxl/pci: Drop shadowed variable 2022-04-08 12:59:43 -07:00
dax dax for 5.18 2022-03-24 18:12:09 -07:00
dca
devfreq
dio
dma dmaengine: idxd: skip clearing device context when device is read-only 2022-04-20 17:24:43 +05:30
dma-buf dma-buf: handle empty dma_fence_arrays gracefully 2022-03-29 09:14:30 +02:00
edac EDAC/synopsys: Read the error count from the correct register 2022-04-14 14:44:49 +02:00
eisa
extcon
firewire
firmware sound fixes for 5.18-rc4 2022-04-22 13:11:38 -07:00
fpga
fsi
gnss
gpio gpio: Request interrupts after IRQ is initialized 2022-04-22 13:59:19 -07:00
gpu Merge tag 'amd-drm-fixes-5.18-2022-04-27' of https://gitlab.freedesktop.org/agd5f/linux into drm-fixes 2022-04-29 10:27:05 +10:00
greybus
hid Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2022-04-01 10:14:32 -07:00
hsi
hv hyperv-fixes for 5.18-rc2 2022-04-07 06:35:34 -10:00
hwmon hwmon: (pmbus) delta-ahe50dc-fan: work around hardware quirk 2022-04-27 04:52:18 -07:00
hwspinlock
hwtracing Char/Misc and other driver updates for 5.18-rc1 2022-03-28 12:27:35 -07:00
i2c i2c: ismt: Fix undefined behavior due to shift overflowing the constant 2022-04-15 23:49:02 +02:00
i3c
idle intel_idle: Fix SPR C6 optimization 2022-04-27 20:36:47 +02:00
iio iio: imu: inv_icm42600: Fix I2C init possible nack 2022-04-16 15:03:58 +01:00
infiniband RDMA/hfi1: Fix use-after-free bug for mm struct 2022-04-08 15:40:06 -03:00
input Input updates for v5.18-rc3 2022-04-23 09:52:07 -07:00
interconnect interconnect: qcom: sdx55: Drop IP0 interconnects 2022-04-14 09:47:16 +03:00
iommu iommu: Make sysfs robust for non-API groups 2022-05-04 15:13:39 +02:00
ipack
irqchip irqchip/gic, gic-v3: Prevent GSI to SGI translations 2022-04-05 16:33:47 +01:00
isdn mISDN: fix typo "frame to short" -> "frame too short" 2022-03-21 13:26:38 +00:00
leds LED updates for 5.18-rc1. Nothing major here, there are two drivers 2022-03-27 14:09:48 -07:00
macintosh
mailbox
mcb
md block-5.18-2022-04-22 2022-04-23 09:46:44 -07:00
media media: si2157: unknown chip version Si2147-A30 ROM 0x50 2022-04-09 17:45:49 +02:00
memory memory: renesas-rpc-if: Fix HF/OSPI data transfer in Manual Mode 2022-04-21 17:00:24 +02:00
memstick
message scsi: message: fusion: Remove redundant variable dmp 2022-04-06 22:28:07 -04:00
mfd - New Drivers 2022-03-25 13:56:18 -07:00
misc eeprom: at25: Use DMA safe buffers 2022-04-24 17:25:10 +02:00
mmc mmc: core: improve API to make clear mmc_hw_reset is for cards 2022-04-08 11:00:08 +02:00
most
mtd mtd: rawnand: qcom: fix memory corruption that causes panic 2022-04-21 09:29:07 +02:00
mux
net net: chelsio: cxgb4: Avoid potential negative array offset 2022-05-06 15:41:27 -07:00
nfc nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs 2022-05-01 13:26:05 +01:00
ntb
nubus
nvdimm libnvdimm for 5.18 2022-03-30 10:04:11 -07:00
nvme nvme-pci: disable namespace identifiers for Qemu controllers 2022-04-15 06:56:17 +02:00
nvmem nvmem: brcm_nvram: parse NVRAM content into NVMEM cells 2022-03-18 14:08:36 +01:00
of Char/Misc and other driver updates for 5.18-rc1 2022-03-28 12:27:35 -07:00
opp
parisc parisc: Fix CPU affinity for Lasi, WAX and Dino chips 2022-03-29 21:37:12 +02:00
parport parport_pc: Also enable driver for PCI systems 2022-03-18 14:01:41 +01:00
pci hyperv-fixes for 5.18-rc2 2022-04-07 06:35:34 -10:00
pcmcia
peci
perf arm_pmu: Validate single/group leader events 2022-04-13 11:48:45 +01:00
phy phy: amlogic: fix error path in phy_g12a_usb3_pcie_probe() 2022-04-20 14:42:44 +05:30
pinctrl pinctrl: pistachio: fix use of irq_of_parse_and_map() 2022-04-24 16:24:09 +02:00
platform platform/x86/intel: pmc/core: change pmc_lpm_modes to static 2022-04-27 16:55:54 +02:00
pnp PNP update for 5.18-rc1 2022-03-21 14:46:01 -07:00
power power: supply: Reset err after not finding static battery 2022-04-13 12:05:22 +02:00
powercap
pps pps: generators: pps_gen_parport: Switch to use module_parport_driver() 2022-03-18 14:01:19 +01:00
ps3
ptp ptp: ocp: handle error from nvmem_device_find 2022-03-30 12:08:11 -07:00
pwm
rapidio
ras
regulator regulator: atc260x: Fix missing active_discharge_on setting 2022-04-04 08:59:43 +01:00
remoteproc remoteproc updates for v5.18 2022-03-30 10:50:48 -07:00
reset reset: tegra-bpmp: Restore Handle errors in BPMP response 2022-04-04 11:14:13 +02:00
rpmsg
rtc RTC for 5.18 2022-04-01 09:37:18 -07:00
s390 s390: cleanup timer API use 2022-03-27 22:18:39 +02:00
sbus
scsi scsi: sr: Do not leak information in ioctl 2022-04-18 22:48:31 -04:00
sh
siox
slimbus
soc soc: imx: imx8m-blk-ctrl: Fix IMX8MN_DISPBLK_PD_ISI hang 2022-04-10 09:32:08 +08:00
soundwire Char/Misc and other driver updates for 5.18-rc1 2022-03-28 12:27:35 -07:00
spi spi: Fixes for v5.18 2022-04-19 10:30:43 -07:00
spmi
ssb
staging staging: r8188eu: Fix PPPoE tag insertion on little endian systems 2022-04-04 16:35:20 +02:00
target scsi: target: pscsi: Set SCF_TREAT_READ_AS_NORMAL flag only if there is valid data 2022-04-27 22:40:09 -04:00
tc
tee tee: optee: add missing mutext_destroy in optee_ffa_probe 2022-04-05 08:56:26 +02:00
thermal Merge branch 'thermal-int340x' 2022-04-28 16:51:24 +02:00
thunderbolt Char/Misc and other driver updates for 5.18-rc1 2022-03-28 12:27:35 -07:00
tty tty: n_gsm: fix sometimes uninitialized warning in gsm_dlci_modem_output() 2022-04-26 08:09:46 +02:00
uio
usb usb: phy: generic: Get the vbus supply 2022-04-26 14:10:54 +02:00
vdpa virtio: fixes, cleanups 2022-04-05 10:40:52 -07:00
vfio vfio/pci: Fix vf_token mechanism when device-specific VF drivers are used 2022-04-13 11:37:44 -06:00
vhost virtio: features, fixes 2022-03-31 13:57:15 -07:00
video fbdev fixes and updates for kernel v5.18-rc5 2022-04-26 11:32:01 -07:00
virt Random number generator fixes for Linux 5.18-rc1. 2022-03-31 14:51:34 -07:00
virtio virtio: fixes, cleanups 2022-04-05 10:40:52 -07:00
visorbus
vlynq
vme
w1 w1: w1_therm: Add support for Maxim MAX31850 thermoelement IF. 2022-03-18 14:07:09 +01:00
watchdog linux-watchdog 5.18-rc1 tag 2022-03-31 14:14:03 -07:00
xen xen: Convert kmap() to kmap_local_page() 2022-04-20 15:22:18 -05:00
zorro
Kconfig
Makefile