From: Julia Lawall <julia.lawall@lip6.fr>
To: Christophe LEROY <christophe.leroy@c-s.fr>
Cc: Kim Phillips <kim.phillips@freescale.com>,
kernel-janitors@vger.kernel.org,
Paul Mackerras <paulus@samba.org>,
linuxppc-dev@lists.ozlabs.org,
Dan Carpenter <dan.carpenter@oracle.com>
Subject: Re: [PATCH] powerpc/ipic: Fix a bounds check in ipic_set_priority()
Date: Thu, 06 Dec 2018 08:12:12 +0000 [thread overview]
Message-ID: <alpine.DEB.2.20.1812060908000.5574@hadrien> (raw)
In-Reply-To: <f570563c-1cc7-fecf-2ed2-58164047ec9d@c-s.fr>
[-- Attachment #1: Type: text/plain, Size: 2086 bytes --]
On Thu, 6 Dec 2018, Christophe LEROY wrote:
>
>
> Le 05/12/2018 à 04:26, Michael Ellerman a écrit :
> > Hi Dan,
> >
> > Thanks for the patch.
> >
> > Dan Carpenter <dan.carpenter@oracle.com> writes:
> > > The ipic_info[] array only has 95 elements so I have made the bounds
> > > check smaller to prevent a read overflow. It was Smatch that found
> > > this issue:
> > >
> > > arch/powerpc/sysdev/ipic.c:784 ipic_set_priority()
> > > error: buffer overflow 'ipic_info' 95 <= 127
> > >
> > > Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
> > > ---
> > > I wasn't able to find any callers of this code. Maybe we removed the
> > > last one in commit b9f0f1bb2bca ("[POWERPC] Adapt ipic driver to new
> > > host_ops interface, add set_irq_type to set IRQ sense"). So perhaps we
> > > should just remove it. I'm not really comfortable doing that myself,
> > > because I don't know the code well enough and can't build test
> > > it properly.
> >
> > Hah wow, last usage removed in 2006!
> >
> > I don't see any mention of it since then, so I'll remove it. If it
> > breaks something we can put it back.
> >
> > Can smatch help us find things like this that are defined non-static but
> > never used?
> >
>
> I think we have to do that carrefully. Some of those functions might be used
> by out-of-tree boards.
>
> I'm thinking especially at ipic_get_mcp_status() and ipic_set_mcp_status().
> They are used in my 832x boards's machine check handler to know when a machine
> check is a timeout from the 832x watchdog.
The message I have gotten in the past is that the Linux kernel doesn't
support code that is not used in the Linux kernel. However, if I were to
do this, I would send the code to the individual maintainers, who
presumably would know what is actually needed and what is not.
Perhaps a good sanity check would be if the code has been used in the
past. If there was a use in the past that has been removed, then perhaps
it is more likely that the function was intended for internal kernel use
rather than the case that you are describing.
julia
WARNING: multiple messages have this Message-ID (diff)
From: Julia Lawall <julia.lawall@lip6.fr>
To: Christophe LEROY <christophe.leroy@c-s.fr>
Cc: Kim Phillips <kim.phillips@freescale.com>,
kernel-janitors@vger.kernel.org,
Paul Mackerras <paulus@samba.org>,
linuxppc-dev@lists.ozlabs.org,
Dan Carpenter <dan.carpenter@oracle.com>
Subject: Re: [PATCH] powerpc/ipic: Fix a bounds check in ipic_set_priority()
Date: Thu, 6 Dec 2018 09:12:12 +0100 (CET) [thread overview]
Message-ID: <alpine.DEB.2.20.1812060908000.5574@hadrien> (raw)
In-Reply-To: <f570563c-1cc7-fecf-2ed2-58164047ec9d@c-s.fr>
[-- Attachment #1: Type: text/plain, Size: 2086 bytes --]
On Thu, 6 Dec 2018, Christophe LEROY wrote:
>
>
> Le 05/12/2018 à 04:26, Michael Ellerman a écrit :
> > Hi Dan,
> >
> > Thanks for the patch.
> >
> > Dan Carpenter <dan.carpenter@oracle.com> writes:
> > > The ipic_info[] array only has 95 elements so I have made the bounds
> > > check smaller to prevent a read overflow. It was Smatch that found
> > > this issue:
> > >
> > > arch/powerpc/sysdev/ipic.c:784 ipic_set_priority()
> > > error: buffer overflow 'ipic_info' 95 <= 127
> > >
> > > Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
> > > ---
> > > I wasn't able to find any callers of this code. Maybe we removed the
> > > last one in commit b9f0f1bb2bca ("[POWERPC] Adapt ipic driver to new
> > > host_ops interface, add set_irq_type to set IRQ sense"). So perhaps we
> > > should just remove it. I'm not really comfortable doing that myself,
> > > because I don't know the code well enough and can't build test
> > > it properly.
> >
> > Hah wow, last usage removed in 2006!
> >
> > I don't see any mention of it since then, so I'll remove it. If it
> > breaks something we can put it back.
> >
> > Can smatch help us find things like this that are defined non-static but
> > never used?
> >
>
> I think we have to do that carrefully. Some of those functions might be used
> by out-of-tree boards.
>
> I'm thinking especially at ipic_get_mcp_status() and ipic_set_mcp_status().
> They are used in my 832x boards's machine check handler to know when a machine
> check is a timeout from the 832x watchdog.
The message I have gotten in the past is that the Linux kernel doesn't
support code that is not used in the Linux kernel. However, if I were to
do this, I would send the code to the individual maintainers, who
presumably would know what is actually needed and what is not.
Perhaps a good sanity check would be if the code has been used in the
past. If there was a use in the past that has been removed, then perhaps
it is more likely that the function was intended for internal kernel use
rather than the case that you are describing.
julia
next prev parent reply other threads:[~2018-12-06 8:12 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-03 14:48 [PATCH] powerpc/ipic: Fix a bounds check in ipic_set_priority() Dan Carpenter
2018-12-03 14:48 ` Dan Carpenter
2018-12-05 3:26 ` Michael Ellerman
2018-12-05 3:26 ` Michael Ellerman
2018-12-05 8:11 ` Julia Lawall
2018-12-05 8:11 ` Julia Lawall
2018-12-05 12:04 ` Michael Ellerman
2018-12-05 12:04 ` Michael Ellerman
2018-12-05 12:06 ` Julia Lawall
2018-12-05 12:06 ` Julia Lawall
2018-12-06 7:18 ` Christophe LEROY
2018-12-06 7:18 ` Christophe LEROY
2018-12-06 8:12 ` Julia Lawall [this message]
2018-12-06 8:12 ` Julia Lawall
2018-12-11 14:26 ` Dan Carpenter
2018-12-11 14:26 ` Dan Carpenter
2018-12-07 2:07 ` Michael Ellerman
2018-12-07 2:07 ` Michael Ellerman
2018-12-10 12:05 ` Christophe Leroy
2018-12-10 12:05 ` Christophe Leroy
2018-12-06 9:34 ` Dan Carpenter
2018-12-06 9:34 ` Dan Carpenter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.DEB.2.20.1812060908000.5574@hadrien \
--to=julia.lawall@lip6.fr \
--cc=christophe.leroy@c-s.fr \
--cc=dan.carpenter@oracle.com \
--cc=kernel-janitors@vger.kernel.org \
--cc=kim.phillips@freescale.com \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=paulus@samba.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.