Re: [PATCH] find: Do not read beyond variable boundaries on small sizes

From: Rasmus Villemoes
Date: Wed Dec 08 2021 - 18:23:16 EST


On 03/12/2021 11.08, Kees Cook wrote:
> It's common practice to cast small variable arguments to the find_*_bit()
> helpers to unsigned long and then use a size argument smaller than
> sizeof(unsigned long):
>
> unsigned int bits;
> ...
> out = find_first_bit((unsigned long *)&bits, 32);

Those call sites need to be fixed, they are broken on BE anyway. And
your __find_bits_deref does nothing to fix (paper over) that if, say,
the caller uses an u32 to store an 8-bit bitmap.

So NAK.

Rasmus
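
The cast pattern quoted above, modelled in portable C as an added example that is not part of this thread or of the kernel source: it builds the 64-bit word that a load through `(unsigned long *)&bits` would see on little-endian and big-endian machines and compares the result with widening the value instead. The helper names and the `neighbour` value standing in for the four bytes after the variable are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Stand-in for find_first_bit() on one 64-bit word (hypothetical helper,
 * not the kernel's code): index of lowest set bit below size, else size. */
static unsigned int first_bit_u64(uint64_t word, unsigned int size)
{
    for (unsigned int i = 0; i < size && i < 64; i++)
        if (word & ((uint64_t)1 << i))
            return i;
    return size;
}

/* Safe pattern: widen by value. No pointer cast, no read past the
 * variable, and the result does not depend on byte order. */
static unsigned int first_bit_u32(uint32_t bits, unsigned int size)
{
    return first_bit_u64((uint64_t)bits, size);
}

/* Model of the 8-byte load done through (unsigned long *)&bits on a 64-bit
 * little-endian machine: bits lands in the low half, the 4 bytes that
 * follow the variable (neighbour, constructed) in the high half. */
static uint64_t le64_word_seen_by_cast(uint32_t bits, uint32_t neighbour)
{
    return ((uint64_t)neighbour << 32) | bits;
}

/* Same load on a 64-bit big-endian machine: bits lands in the HIGH half,
 * so a search of the low 32 bits only ever inspects the neighbour. */
static uint64_t be64_word_seen_by_cast(uint32_t bits, uint32_t neighbour)
{
    return ((uint64_t)bits << 32) | neighbour;
}

int main(void)
{
    uint32_t bits = 0x10;   /* constructed sample: only bit 4 set */
    printf("by value:        %u\n", first_bit_u32(bits, 32));
    printf("cast, 64-bit LE: %u\n", first_bit_u64(le64_word_seen_by_cast(bits, 0), 32));
    printf("cast, 64-bit BE: %u\n", first_bit_u64(be64_word_seen_by_cast(bits, 0), 32));
    printf("cast, 64-bit BE, neighbour=1: %u\n", first_bit_u64(be64_word_seen_by_cast(bits, 1), 32));
    return 0;
}
```

In the big-endian model the answer is decided entirely by memory that does not belong to the variable, which is why limiting the size argument to 32 does not make the cast correct.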