* [PATCH] ARM: fix out-of-bound access to ipi_types[]
@ 2019-03-19 15:52 Masahiro Yamada
2019-03-19 16:37 ` Marc Zyngier
0 siblings, 1 reply; 2+ messages in thread
From: Masahiro Yamada @ 2019-03-19 15:52 UTC (permalink / raw)
To: linux-arm-kernel
Cc: Marc Zyngier, Russell King, Masahiro Yamada, Grygorii Strashko,
linux-kernel, Yufen Wang, Russell King, Dietmar Eggemann
Since commit e7273ff49acf ("ARM: 8488/1: Make IPI_CPU_BACKTRACE a
"non-secure" SGI"), IPI_CPU_BACKTRACE is assigned to SGI7.
raise_nmi() passes IPI_CPU_BACKTRACE (=7) into smp_cross_call(),
but it is above the array bound of ipi_types[].
Increase NR_IPI, and add the entry to ipi_types[].
This fixes the following GCC warning:
CC arch/arm/kernel/smp.o
arch/arm/kernel/smp.c: In function 'raise_nmi':
arch/arm/kernel/smp.c:522:2: warning: array subscript 7 is above array bounds of 'const char *[7]' [-Warray-bounds]
trace_ipi_raise_rcuidle(target, ipi_types[ipinr]);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
---
arch/arm/include/asm/hardirq.h | 2 +-
arch/arm/kernel/smp.c | 1 +
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/arm/include/asm/hardirq.h b/arch/arm/include/asm/hardirq.h
index cba23ea..c7e3a71 100644
--- a/arch/arm/include/asm/hardirq.h
+++ b/arch/arm/include/asm/hardirq.h
@@ -6,7 +6,7 @@
#include <linux/threads.h>
#include <asm/irq.h>
-#define NR_IPI 7
+#define NR_IPI 8
typedef struct {
unsigned int __softirq_pending;
diff --git a/arch/arm/kernel/smp.c b/arch/arm/kernel/smp.c
index facd424..8046f9b 100644
--- a/arch/arm/kernel/smp.c
+++ b/arch/arm/kernel/smp.c
@@ -515,6 +515,7 @@ static const char *ipi_types[NR_IPI] __tracepoint_string = {
S(IPI_CPU_STOP, "CPU stop interrupts"),
S(IPI_IRQ_WORK, "IRQ work interrupts"),
S(IPI_COMPLETION, "completion interrupts"),
+ S(IPI_CPU_BACKTRACE, "Backtrace interrupts"),
};
static void smp_cross_call(const struct cpumask *target, unsigned int ipinr)
--
2.7.4
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] ARM: fix out-of-bound access to ipi_types[]
2019-03-19 15:52 [PATCH] ARM: fix out-of-bound access to ipi_types[] Masahiro Yamada
@ 2019-03-19 16:37 ` Marc Zyngier
0 siblings, 0 replies; 2+ messages in thread
From: Marc Zyngier @ 2019-03-19 16:37 UTC (permalink / raw)
To: Masahiro Yamada
Cc: linux-arm-kernel, Russell King, Grygorii Strashko, linux-kernel,
Yufen Wang, Russell King, Dietmar Eggemann, Arnd Bergmann
On Tue, 19 Mar 2019 15:52:25 +0000,
Masahiro Yamada <yamada.masahiro@socionext.com> wrote:
>
> Since commit e7273ff49acf ("ARM: 8488/1: Make IPI_CPU_BACKTRACE a
> "non-secure" SGI"), IPI_CPU_BACKTRACE is assigned to SGI7.
>
> raise_nmi() passes IPI_CPU_BACKTRACE (=7) into smp_cross_call(),
> but it is above the array bound of ipi_types[].
>
> Increase NR_IPI, and add the entry to ipi_types[].
>
> This fixes the following GCC warning:
>
> CC arch/arm/kernel/smp.o
> arch/arm/kernel/smp.c: In function 'raise_nmi':
> arch/arm/kernel/smp.c:522:2: warning: array subscript 7 is above array bounds of 'const char *[7]' [-Warray-bounds]
> trace_ipi_raise_rcuidle(target, ipi_types[ipinr]);
> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
> ---
+Arnd.
A fix for this has been around since 2016:
http://lists.infradead.org/pipermail/linux-arm-kernel/2016-February/409393.html
and reposted several times since. I don't know why it hasn't been
picked up.
M.
--
Jazz is not dead, it just smell funny.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2019-03-19 16:37 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-03-19 15:52 [PATCH] ARM: fix out-of-bound access to ipi_types[] Masahiro Yamada
2019-03-19 16:37 ` Marc Zyngier
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).