[PATCH] x86/mm/mem_encrypt_identity : fix error useage to sizeof

[PATCH] x86/mm/mem_encrypt_identity : fix error useage to sizeof

[Peng Hao]

Fix error usage to sizeof. It should not use sizeof to pointer.

Signed-off-by: Peng Hao <peng.hao2@zte.com.cn>
---
 arch/x86/mm/mem_encrypt_identity.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/x86/mm/mem_encrypt_identity.c b/arch/x86/mm/mem_encrypt_identity.c
index a19ef1a..4aa9b14 100644
--- a/arch/x86/mm/mem_encrypt_identity.c
+++ b/arch/x86/mm/mem_encrypt_identity.c
@@ -158,8 +158,8 @@ static void __init sme_populate_pgd(struct sme_populate_pgd_data *ppd)
 	pmd = pmd_offset(pud, ppd->vaddr);
 	if (pmd_none(*pmd)) {
 		pte = ppd->pgtable_area;
-		memset(pte, 0, sizeof(pte) * PTRS_PER_PTE);
-		ppd->pgtable_area += sizeof(pte) * PTRS_PER_PTE;
+		memset(pte, 0, sizeof(*pte) * PTRS_PER_PTE);
+		ppd->pgtable_area += sizeof(*pte) * PTRS_PER_PTE;
 		set_pmd(pmd, __pmd(PMD_FLAGS | __pa(pte)));
 	}
 
-- 
1.8.3.1

Re: [PATCH] x86/mm/mem_encrypt_identity : fix error useage to sizeof

[Borislav Petkov]

On Sat, Dec 29, 2018 at 02:34:12PM +0800, Peng Hao wrote:
> Fix error usage to sizeof. It should not use sizeof to pointer.

... because?

The commit message needs to explain what the potential issue could be
and why it doesn't matter in this case.

Thx.

-- 
Regards/Gruss,
    Boris.

ECO tip #101: Trim your mails when you reply.
--

[tip:x86/urgent] x86/mm/mem_encrypt: Fix erroneous sizeof()

[tip-bot for Peng Hao]

Commit-ID:  bf7d28c53453ea904584960de55e33e03b9d93b1
Gitweb:     https://git.kernel.org/tip/bf7d28c53453ea904584960de55e33e03b9d93b1
Author:     Peng Hao <peng.hao2@zte.com.cn>
AuthorDate: Sat, 29 Dec 2018 14:34:12 +0800
Committer:  Thomas Gleixner <tglx@linutronix.de>
CommitDate: Tue, 15 Jan 2019 11:41:58 +0100

x86/mm/mem_encrypt: Fix erroneous sizeof()

Using sizeof(pointer) for determining the size of a memset() only works
when the size of the pointer and the size of type to which it points are
the same. For pte_t this is only true for 64bit and 32bit-NONPAE. On 32bit
PAE systems this is wrong as the pointer size is 4 byte but the PTE entry
is 8 bytes. It's actually not a real world issue as this code depends on
64bit, but it's wrong nevertheless.

Use sizeof(*p) for correctness sake.

Fixes: aad983913d77 ("x86/mm/encrypt: Simplify sme_populate_pgd() and sme_populate_pgd_large()")
Signed-off-by: Peng Hao <peng.hao2@zte.com.cn>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: dave.hansen@linux.intel.com
Cc: peterz@infradead.org
Cc: luto@kernel.org
Link: https://lkml.kernel.org/r/1546065252-97996-1-git-send-email-peng.hao2@zte.com.cn

---
 arch/x86/mm/mem_encrypt_identity.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/x86/mm/mem_encrypt_identity.c b/arch/x86/mm/mem_encrypt_identity.c
index a19ef1a416ff..4aa9b1480866 100644
--- a/arch/x86/mm/mem_encrypt_identity.c
+++ b/arch/x86/mm/mem_encrypt_identity.c
@@ -158,8 +158,8 @@ static void __init sme_populate_pgd(struct sme_populate_pgd_data *ppd)
 	pmd = pmd_offset(pud, ppd->vaddr);
 	if (pmd_none(*pmd)) {
 		pte = ppd->pgtable_area;
-		memset(pte, 0, sizeof(pte) * PTRS_PER_PTE);
-		ppd->pgtable_area += sizeof(pte) * PTRS_PER_PTE;
+		memset(pte, 0, sizeof(*pte) * PTRS_PER_PTE);
+		ppd->pgtable_area += sizeof(*pte) * PTRS_PER_PTE;
 		set_pmd(pmd, __pmd(PMD_FLAGS | __pa(pte)));
 	}
 

Re: [PATCH] x86/mm/mem_encrypt_identity : fix error useage to sizeof

[Thomas Gleixner]

On Tue, 15 Jan 2019, Thomas Gleixner wrote:

> On Tue, 15 Jan 2019, Juergen Gross wrote:
> > On 15/01/2019 11:13, Thomas Gleixner wrote:
> > > On Mon, 7 Jan 2019, peng.hao2@zte.com.cn wrote:
> > > 
> > >>>> Fix error usage to sizeof. It should not use sizeof to pointer.
> > >>>
> > >>> .... because?
> > >>>
> > >>> The commit message needs to explain what the potential issue could be
> > >>> and why it doesn't matter in this case.
> > >> I see the definition of pte_t may be more than sizeof(unsigned long).
> > >> So I think sizeof(pte_t) is safer.
> > > 
> > > What exactly is the difference between:
> > > 
> > > 	pte_t	*p;
> > > 
> > > 	sizeof(*p)
> > > 
> > > and
> > > 
> > > 	sizeof(pte_t)
> > > 
> > > and what is safer about the latter?
> > 
> > Please note that the current code is using sizeof(p) instead of sizeof(*p).
> 
> Ooops. That's wrong indeed, but we should not change it to sizeof(pte_t)
> and change it to sizeof(*p) instead.

Which is what the patch actually does. Just the above reply:

> > >> So I think sizeof(pte_t) is safer.

confused the hell out of me. -ENOTENOUGHCOFFEE

Re: [PATCH] x86/mm/mem_encrypt_identity : fix error useage to sizeof

[Juergen Gross]

On 15/01/2019 11:25, Thomas Gleixner wrote:
> On Tue, 15 Jan 2019, Juergen Gross wrote:
>> On 15/01/2019 11:13, Thomas Gleixner wrote:
>>> On Mon, 7 Jan 2019, peng.hao2@zte.com.cn wrote:
>>>
>>>>>> Fix error usage to sizeof. It should not use sizeof to pointer.
>>>>>
>>>>> .... because?
>>>>>
>>>>> The commit message needs to explain what the potential issue could be
>>>>> and why it doesn't matter in this case.
>>>> I see the definition of pte_t may be more than sizeof(unsigned long).
>>>> So I think sizeof(pte_t) is safer.
>>>
>>> What exactly is the difference between:
>>>
>>> 	pte_t	*p;
>>>
>>> 	sizeof(*p)
>>>
>>> and
>>>
>>> 	sizeof(pte_t)
>>>
>>> and what is safer about the latter?
>>
>> Please note that the current code is using sizeof(p) instead of sizeof(*p).
> 
> Ooops. That's wrong indeed, but we should not change it to sizeof(pte_t)
> and change it to sizeof(*p) instead.

And that's what the patch does.


Juergen

Re: [PATCH] x86/mm/mem_encrypt_identity : fix error useage to sizeof

[Thomas Gleixner]

On Tue, 15 Jan 2019, Juergen Gross wrote:
> On 15/01/2019 11:13, Thomas Gleixner wrote:
> > On Mon, 7 Jan 2019, peng.hao2@zte.com.cn wrote:
> > 
> >>>> Fix error usage to sizeof. It should not use sizeof to pointer.
> >>>
> >>> .... because?
> >>>
> >>> The commit message needs to explain what the potential issue could be
> >>> and why it doesn't matter in this case.
> >> I see the definition of pte_t may be more than sizeof(unsigned long).
> >> So I think sizeof(pte_t) is safer.
> > 
> > What exactly is the difference between:
> > 
> > 	pte_t	*p;
> > 
> > 	sizeof(*p)
> > 
> > and
> > 
> > 	sizeof(pte_t)
> > 
> > and what is safer about the latter?
> 
> Please note that the current code is using sizeof(p) instead of sizeof(*p).

Ooops. That's wrong indeed, but we should not change it to sizeof(pte_t)
and change it to sizeof(*p) instead.

Thanks,

	tglx

Re: [PATCH] x86/mm/mem_encrypt_identity : fix error useage to sizeof

[Juergen Gross]

On 15/01/2019 11:13, Thomas Gleixner wrote:
> On Mon, 7 Jan 2019, peng.hao2@zte.com.cn wrote:
> 
>>>> Fix error usage to sizeof. It should not use sizeof to pointer.
>>>
>>> .... because?
>>>
>>> The commit message needs to explain what the potential issue could be
>>> and why it doesn't matter in this case.
>> I see the definition of pte_t may be more than sizeof(unsigned long).
>> So I think sizeof(pte_t) is safer.
> 
> What exactly is the difference between:
> 
> 	pte_t	*p;
> 
> 	sizeof(*p)
> 
> and
> 
> 	sizeof(pte_t)
> 
> and what is safer about the latter?

Please note that the current code is using sizeof(p) instead of sizeof(*p).

And this is really different for X86_32 PAE.


Juergen

> 
> Answer: No difference and nothing is safer because it's exactly the same.
> 
> In general we use sizeof(*p) simply because when the data type of p changes
> you don't have to update the code, it just works and stays correct.
> 
> Thanks,
> 
> 	tglx
>