Re: LZ4 decompressor broken on ARM due to missing strchrnul() string traverse in cpumask_parse"

[Rasmus Villemoes]

On 28/05/2019 13.04, Sebastian Andrzej Siewior wrote:
> |  CC      arch/arm/boot/compressed/decompress.o
> |In file included from include/linux/mm_types_task.h:14,
> |                 from include/linux/mm_types.h:5,
> |                 from include/linux/mmzone.h:21,
> |                 from include/linux/gfp.h:6,
> |                 from include/linux/umh.h:4,
> |                 from include/linux/kmod.h:22,
> |                 from include/linux/module.h:13,
> |                 from arch/arm/boot/compressed/../../../../lib/lz4/lz4_decompress.c:39,
> |                 from arch/arm/boot/compressed/../../../../lib/decompress_unlz4.c:13,
> |                 from arch/arm/boot/compressed/decompress.c:55:
> |include/linux/cpumask.h: In function âcpumask_parseâ:
> |include/linux/cpumask.h:636:21: error: implicit declaration of function âstrchrnulâ; did you mean âstrchrâ? [-Werror=implicit-function-declaration]
> |  unsigned int len = strchrnul(buf, '\n') - buf;
> |                     ^~~~~~~~~
> |                     strchr
> |include/linux/cpumask.h:636:42: error: invalid operands to binary - (have âintâ and âconst char *â)
> |  unsigned int len = strchrnul(buf, '\n') - buf;
> |                     ~~~~~~~~~~~~~~~~~~~~ ^
> |cc1: some warnings being treated as errors
> 
> 3713a4e1fdb8da86f96a3e770b08e278d97529b4 is the first bad commit
> commit 3713a4e1fdb8da86f96a3e770b08e278d97529b4
> Author: Yury Norov <ynorov@xxxxxxxxxxx>
> Date:   Tue May 14 15:44:46 2019 -0700
> 
>     include/linux/cpumask.h: fix double string traverse in cpumask_parse
> 
>     cpumask_parse() finds first occurrence of either or strchr() and
>     strlen().  We can do it better with a single call of strchrnul().
> 
>     [akpm@xxxxxxxxxxxxxxxxxxxx: remove unneeded cast]
>     Link: http://lkml.kernel.org/r/20190409204208.12190-1-ynorov@xxxxxxxxxxx
>     Signed-off-by: Yury Norov <ynorov@xxxxxxxxxxx>
>     Acked-by: Rasmus Villemoes <linux@xxxxxxxxxxxxxxxxxx>
>     Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
>     Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
> 
> :040000 040000 f20d8a9ec1755b3981520ecf015248f6a0d9f116 db67caf64f99a9be808cd73e413c106c5aee15b7 M      include
> 
> This commit is v5.2-rc1~62^2~49.
> How do we deal with this one?

Urgh. The problem is really in arch/arm/boot/compressed/decompress.c
which does

#define _LINUX_STRING_H_

preventing linux/string.h from providing strchrnul. It also #includes
asm/string.h, which for arm has a declaration of strchr(), explaining
why this didn't use to fail.

However, the solution is also in the same file, it already has a section

/* Not needed, but used in some headers pulled in by decompressors */
extern char * strstr(const char * s1, const char *s2);
extern size_t strlen(const char *s);
extern int memcmp(const void *cs, const void *ct, size_t count);

so just add another declaration to that list - I strongly assume we
won't get a link failure since I find it hard to believe the
decompressor would actually call cpumask_parse...

I'm wondering why this wasn't caught by 0day and/or while in -next?

Rasmus