Message ID | 20221024113004.718917343@linuxfoundation.org (mailing list archive) |
---|---|
State | Accepted |
Commit | 3e1730842f142add55dc658929221521a9ea62b6 |
Headers | show |
Series | None | expand |
Hi! > From: Kees Cook <keescook@chromium.org> > > [ Upstream commit 3e1730842f142add55dc658929221521a9ea62b6 ] > > Clang produces a false positive when building with CONFIG_FORTIFY_SOURCE=y > and CONFIG_UBSAN_BOUNDS=y when operating on an array with a dynamic > offset. Work around this by using a direct assignment of an empty > instance. Avoids this warning: > > ../include/linux/fortify-string.h:309:4: warning: call to __write_overflow_field declared with 'warn > ing' attribute: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Wat > tribute-warning] > __write_overflow_field(p_size_field, size); > ^ > > which was isolated to the memset() call in xen_load_idt(). > > Note that this looks very much like another bug that was worked around: > https://github.com/ClangBuiltLinux/linux/issues/1592 We don't have CONFIG_UBSAN_BOUNDS in 4.19, so maybe we don't need this one? Best regards, Pavel > +++ b/arch/x86/xen/enlighten_pv.c > @@ -752,6 +752,7 @@ static void xen_load_idt(const struct desc_ptr *desc) > { > static DEFINE_SPINLOCK(lock); > static struct trap_info traps[257]; > + static const struct trap_info zero = { }; > unsigned out; > > trace_xen_cpu_load_idt(desc); > @@ -761,7 +762,7 @@ static void xen_load_idt(const struct desc_ptr *desc) > memcpy(this_cpu_ptr(&idt_desc), desc, sizeof(idt_desc)); > > out = xen_convert_trap_info(desc, traps, false); > - memset(&traps[out], 0, sizeof(traps[0])); > + traps[out] = zero; > > xen_mc_flush(); > if (HYPERVISOR_set_trap_table(traps)) > -- > 2.35.1 > >
On Mon, Oct 24, 2022 at 07:41:27PM +0200, Pavel Machek wrote: > Hi! > > > From: Kees Cook <keescook@chromium.org> > > > > [ Upstream commit 3e1730842f142add55dc658929221521a9ea62b6 ] > > > > Clang produces a false positive when building with CONFIG_FORTIFY_SOURCE=y > > and CONFIG_UBSAN_BOUNDS=y when operating on an array with a dynamic > > offset. Work around this by using a direct assignment of an empty > > instance. Avoids this warning: > > > > ../include/linux/fortify-string.h:309:4: warning: call to __write_overflow_field declared with 'warn > > ing' attribute: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Wat > > tribute-warning] > > __write_overflow_field(p_size_field, size); > > ^ > > > > which was isolated to the memset() call in xen_load_idt(). > > > > Note that this looks very much like another bug that was worked around: > > https://github.com/ClangBuiltLinux/linux/issues/1592 > > We don't have CONFIG_UBSAN_BOUNDS in 4.19, so maybe we don't need this > one? Good point, I'll drop this from 5.4.y and older now, thanks. greg k-h
diff --git a/arch/x86/xen/enlighten_pv.c b/arch/x86/xen/enlighten_pv.c index 8f1ff8dad2ce..04bfd9c3987b 100644 --- a/arch/x86/xen/enlighten_pv.c +++ b/arch/x86/xen/enlighten_pv.c @@ -752,6 +752,7 @@ static void xen_load_idt(const struct desc_ptr *desc) { static DEFINE_SPINLOCK(lock); static struct trap_info traps[257]; + static const struct trap_info zero = { }; unsigned out; trace_xen_cpu_load_idt(desc); @@ -761,7 +762,7 @@ static void xen_load_idt(const struct desc_ptr *desc) memcpy(this_cpu_ptr(&idt_desc), desc, sizeof(idt_desc)); out = xen_convert_trap_info(desc, traps, false); - memset(&traps[out], 0, sizeof(traps[0])); + traps[out] = zero; xen_mc_flush(); if (HYPERVISOR_set_trap_table(traps))