From: kernel test robot <lkp@intel.com>
To: kbuild@lists.01.org
Subject: Re: [PATCH 64/64] fortify: Add run-time WARN for cross-field memcpy()
Date: Thu, 29 Jul 2021 03:44:12 +0800 [thread overview]
Message-ID: <202107290329.uzNKBqGM-lkp@intel.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 6256 bytes --]
CC: kbuild-all(a)lists.01.org
In-Reply-To: <20210727205855.411487-65-keescook@chromium.org>
References: <20210727205855.411487-65-keescook@chromium.org>
TO: Kees Cook <keescook@chromium.org>
Hi Kees,
I love your patch! Perhaps something to improve:
[auto build test WARNING on staging/staging-testing]
[also build test WARNING on linus/master v5.14-rc3]
[cannot apply to wireless-drivers-next/master wireless-drivers/master next-20210727]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/Kees-Cook/Introduce-strict-memcpy-bounds-checking/20210728-053749
base: https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging.git 39f9137268ee3df0047706df4e9b7357a40ffc98
:::::: branch date: 22 hours ago
:::::: commit date: 22 hours ago
config: mips-randconfig-m031-20210728 (attached as .config)
compiler: mips-linux-gcc (GCC) 10.3.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
New smatch warnings:
net/ncsi/ncsi-rsp.c:471 ncsi_rsp_handler_sma() warn: potential spectre issue 'ncf->addrs' [r]
net/bluetooth/hci_event.c:730 hci_cc_read_local_ext_features() warn: potential spectre issue 'hdev->features' [r] (local cap)
net/bluetooth/hci_event.c:4305 hci_remote_ext_features_evt() warn: potential spectre issue 'conn->features' [r] (local cap)
net/ipv4/ip_options.c:167 __ip_options_echo() warn: potential spectre issue 'start' [r]
net/ipv4/ip_options.c:629 ip_options_rcv_srr() warn: potential spectre issue 'optptr' [r]
Old smatch warnings:
net/ncsi/ncsi-rsp.c:373 ncsi_rsp_handler_svf() warn: potential spectre issue 'ncf->vids' [w]
net/bluetooth/hci_event.c:5685 hci_le_adv_report_evt() warn: potential spectre issue 'ev->data' [r] (local cap)
net/bluetooth/hci_event.c:5687 hci_le_adv_report_evt() warn: possible spectre second half. 'rssi'
net/ipv4/ip_options.c:560 ip_forward_options() warn: potential spectre issue 'optptr' [w]
net/ipv4/ip_options.c:569 ip_forward_options() warn: possible spectre second half. 'srrptr'
net/ipv4/ip_options.c:569 ip_forward_options() warn: possible spectre second half. 'srrspace'
vim +471 net/ncsi/ncsi-rsp.c
138635cc27c9737 Gavin Shan 2016-07-19 434
138635cc27c9737 Gavin Shan 2016-07-19 435 static int ncsi_rsp_handler_sma(struct ncsi_request *nr)
138635cc27c9737 Gavin Shan 2016-07-19 436 {
138635cc27c9737 Gavin Shan 2016-07-19 437 struct ncsi_cmd_sma_pkt *cmd;
138635cc27c9737 Gavin Shan 2016-07-19 438 struct ncsi_rsp_pkt *rsp;
138635cc27c9737 Gavin Shan 2016-07-19 439 struct ncsi_dev_priv *ndp = nr->ndp;
138635cc27c9737 Gavin Shan 2016-07-19 440 struct ncsi_channel *nc;
062b3e1b6d4f2a3 Samuel Mendoza-Jonas 2018-04-17 441 struct ncsi_channel_mac_filter *ncf;
062b3e1b6d4f2a3 Samuel Mendoza-Jonas 2018-04-17 442 unsigned long flags;
138635cc27c9737 Gavin Shan 2016-07-19 443 void *bitmap;
062b3e1b6d4f2a3 Samuel Mendoza-Jonas 2018-04-17 444 bool enabled;
062b3e1b6d4f2a3 Samuel Mendoza-Jonas 2018-04-17 445 int index;
062b3e1b6d4f2a3 Samuel Mendoza-Jonas 2018-04-17 446
138635cc27c9737 Gavin Shan 2016-07-19 447
138635cc27c9737 Gavin Shan 2016-07-19 448 /* Find the package and channel */
138635cc27c9737 Gavin Shan 2016-07-19 449 rsp = (struct ncsi_rsp_pkt *)skb_network_header(nr->rsp);
138635cc27c9737 Gavin Shan 2016-07-19 450 ncsi_find_package_and_channel(ndp, rsp->rsp.common.channel,
138635cc27c9737 Gavin Shan 2016-07-19 451 NULL, &nc);
138635cc27c9737 Gavin Shan 2016-07-19 452 if (!nc)
138635cc27c9737 Gavin Shan 2016-07-19 453 return -ENODEV;
138635cc27c9737 Gavin Shan 2016-07-19 454
138635cc27c9737 Gavin Shan 2016-07-19 455 /* According to NCSI spec 1.01, the mixed filter table
138635cc27c9737 Gavin Shan 2016-07-19 456 * isn't supported yet.
138635cc27c9737 Gavin Shan 2016-07-19 457 */
138635cc27c9737 Gavin Shan 2016-07-19 458 cmd = (struct ncsi_cmd_sma_pkt *)skb_network_header(nr->cmd);
062b3e1b6d4f2a3 Samuel Mendoza-Jonas 2018-04-17 459 enabled = cmd->at_e & 0x1;
062b3e1b6d4f2a3 Samuel Mendoza-Jonas 2018-04-17 460 ncf = &nc->mac_filter;
062b3e1b6d4f2a3 Samuel Mendoza-Jonas 2018-04-17 461 bitmap = &ncf->bitmap;
138635cc27c9737 Gavin Shan 2016-07-19 462
990a9d4975c974b Dan Carpenter 2018-05-17 463 if (cmd->index == 0 ||
990a9d4975c974b Dan Carpenter 2018-05-17 464 cmd->index > ncf->n_uc + ncf->n_mc + ncf->n_mixed)
138635cc27c9737 Gavin Shan 2016-07-19 465 return -ERANGE;
138635cc27c9737 Gavin Shan 2016-07-19 466
062b3e1b6d4f2a3 Samuel Mendoza-Jonas 2018-04-17 467 index = (cmd->index - 1) * ETH_ALEN;
062b3e1b6d4f2a3 Samuel Mendoza-Jonas 2018-04-17 468 spin_lock_irqsave(&nc->lock, flags);
062b3e1b6d4f2a3 Samuel Mendoza-Jonas 2018-04-17 469 if (enabled) {
062b3e1b6d4f2a3 Samuel Mendoza-Jonas 2018-04-17 470 set_bit(cmd->index - 1, bitmap);
062b3e1b6d4f2a3 Samuel Mendoza-Jonas 2018-04-17 @471 memcpy(&ncf->addrs[index], cmd->mac, ETH_ALEN);
138635cc27c9737 Gavin Shan 2016-07-19 472 } else {
062b3e1b6d4f2a3 Samuel Mendoza-Jonas 2018-04-17 473 clear_bit(cmd->index - 1, bitmap);
49b0aa1b6585705 Miaohe Lin 2020-07-23 474 eth_zero_addr(&ncf->addrs[index]);
138635cc27c9737 Gavin Shan 2016-07-19 475 }
062b3e1b6d4f2a3 Samuel Mendoza-Jonas 2018-04-17 476 spin_unlock_irqrestore(&nc->lock, flags);
138635cc27c9737 Gavin Shan 2016-07-19 477
138635cc27c9737 Gavin Shan 2016-07-19 478 return 0;
138635cc27c9737 Gavin Shan 2016-07-19 479 }
138635cc27c9737 Gavin Shan 2016-07-19 480
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 37605 bytes --]
next reply other threads:[~2021-07-28 19:44 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-28 19:44 kernel test robot [this message]
-- strict thread matches above, loose matches on Subject: below --
2021-07-27 20:57 [PATCH 00/64] Introduce strict memcpy() bounds checking Kees Cook
2021-07-27 20:58 ` [PATCH 64/64] fortify: Add run-time WARN for cross-field memcpy() Kees Cook
2021-07-27 20:58 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202107290329.uzNKBqGM-lkp@intel.com \
--to=lkp@intel.com \
--cc=kbuild@lists.01.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.