Re: [PATCH 4.19 174/229] x86/entry: Work around Clang __bdos() bug

From: Pavel Machek
Date: Mon Oct 24 2022 - 15:11:18 EST


Hi!

> From: Kees Cook <keescook@xxxxxxxxxxxx>
>
> [ Upstream commit 3e1730842f142add55dc658929221521a9ea62b6 ]
>
> Clang produces a false positive when building with CONFIG_FORTIFY_SOURCE=y
> and CONFIG_UBSAN_BOUNDS=y when operating on an array with a dynamic
> offset. Work around this by using a direct assignment of an empty
> instance. Avoids this warning:
>
> ../include/linux/fortify-string.h:309:4: warning: call to __write_overflow_field declared with 'warn
> ing' attribute: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Wat
> tribute-warning]
> __write_overflow_field(p_size_field, size);
> ^
>
> which was isolated to the memset() call in xen_load_idt().
>
> Note that this looks very much like another bug that was worked around:
> https://github.com/ClangBuiltLinux/linux/issues/1592

We don't have CONFIG_UBSAN_BOUNDS in 4.19, so maybe we don't need this
one?

Best regards,
Pavel

> +++ b/arch/x86/xen/enlighten_pv.c
> @@ -752,6 +752,7 @@ static void xen_load_idt(const struct desc_ptr *desc)
> {
> static DEFINE_SPINLOCK(lock);
> static struct trap_info traps[257];
> + static const struct trap_info zero = { };
> unsigned out;
>
> trace_xen_cpu_load_idt(desc);
> @@ -761,7 +762,7 @@ static void xen_load_idt(const struct desc_ptr *desc)
> memcpy(this_cpu_ptr(&idt_desc), desc, sizeof(idt_desc));
>
> out = xen_convert_trap_info(desc, traps, false);
> - memset(&traps[out], 0, sizeof(traps[0]));
> + traps[out] = zero;
>
> xen_mc_flush();
> if (HYPERVISOR_set_trap_table(traps))
> --
> 2.35.1
>
>

--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany

Attachment: signature.asc
Description: PGP signature