Re: [PATCH] irqchip/gic: prevent buffer overflow in gic_ipi_send_mask()

[Sergey Shtylyov]

On 9/5/24 10:29 AM, Thomas Gleixner wrote:
[...]

>> ARM GIC arch v2 spec claims support for just 8 CPU interfaces.  However,
>> looking at the GIC driver's irq_set_affinity() method, it seems that the
>> passed CPU mask may contain the logical CPU #s beyond 8, and that method

   s/8/7/, of course... :-<

>> filters them out before reading gic_cpu_map[], bailing out with
>> -EINVAL.
> 
> The reasoning is correct in theory, but in reality it's a non problem.

   Frankly, before finalizing this patch I had tried to ascertain whether
cpumask could contain CPUs with the logical #s higher than 8 but that was
taking way too much time and I gave up... :-)

> Simply because processors which use this GIC version cannot have more
> than 8 cores.

   And big.LITTLE not involved?

> That means num_possible_cpus() <= 8 so the cpumask handed in cannot have
> bits >= 8 set. Ergo for_each_cpu() can't return a bit which is >= 8.

   Perhaps adding WARN_ON() would make some sense though? :-)

> Thanks
> 
>         tglx

MBR, Sergey