In preparation for FORTIFY_SOURCE performing compile-time and run-time
field array bounds checking for memcpy(), memmove(), and memset(),
avoid intentionally reading across neighboring array fields.
Add a wrapping structure to serve as the memcpy() source, so the compiler
can do appropriate bounds checking, avoiding this future warning:
In function '__fortify_memcpy',
inlined from 'create_uid' at drivers/s390/block/dasd_eckd.c:749:2:
./include/linux/fortify-string.h:246:4: error: call to '__read_overflow2_field' declared with attribute error: detected read beyond size of field (2nd parameter)
Signed-off-by: Kees Cook <[email protected]>
---
drivers/s390/block/dasd_eckd.c | 2 +-
drivers/s390/block/dasd_eckd.h | 6 ++++--
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/drivers/s390/block/dasd_eckd.c b/drivers/s390/block/dasd_eckd.c
index a6ac505cbdd7..0de1a463c509 100644
--- a/drivers/s390/block/dasd_eckd.c
+++ b/drivers/s390/block/dasd_eckd.c
@@ -746,7 +746,7 @@ static void create_uid(struct dasd_eckd_private *private)
memcpy(uid->vendor, private->ned->HDA_manufacturer,
sizeof(uid->vendor) - 1);
EBCASC(uid->vendor, sizeof(uid->vendor) - 1);
- memcpy(uid->serial, private->ned->HDA_location,
+ memcpy(uid->serial, &private->ned->serial,
sizeof(uid->serial) - 1);
EBCASC(uid->serial, sizeof(uid->serial) - 1);
uid->ssid = private->gneq->subsystemID;
diff --git a/drivers/s390/block/dasd_eckd.h b/drivers/s390/block/dasd_eckd.h
index 73651211789f..65e4630ad2ae 100644
--- a/drivers/s390/block/dasd_eckd.h
+++ b/drivers/s390/block/dasd_eckd.h
@@ -332,8 +332,10 @@ struct dasd_ned {
__u8 dev_type[6];
__u8 dev_model[3];
__u8 HDA_manufacturer[3];
- __u8 HDA_location[2];
- __u8 HDA_seqno[12];
+ struct {
+ __u8 HDA_location[2];
+ __u8 HDA_seqno[12];
+ } serial;
__u8 ID;
__u8 unit_addr;
} __attribute__ ((packed));
--
2.25.1
On Wed, Jun 16, 2021 at 01:19:17PM -0700, Kees Cook wrote:
> In preparation for FORTIFY_SOURCE performing compile-time and run-time
> field array bounds checking for memcpy(), memmove(), and memset(),
> avoid intentionally reading across neighboring array fields.
>
> Add a wrapping structure to serve as the memcpy() source, so the compiler
> can do appropriate bounds checking, avoiding this future warning:
>
> In function '__fortify_memcpy',
> inlined from 'create_uid' at drivers/s390/block/dasd_eckd.c:749:2:
> ./include/linux/fortify-string.h:246:4: error: call to '__read_overflow2_field' declared with attribute error: detected read beyond size of field (2nd parameter)
>
> Signed-off-by: Kees Cook <[email protected]>
> ---
> drivers/s390/block/dasd_eckd.c | 2 +-
> drivers/s390/block/dasd_eckd.h | 6 ++++--
> 2 files changed, 5 insertions(+), 3 deletions(-)
I'll leave it up to Stefan Haberland and Jan Hoeppner to handle this one.
Am 16.06.21 um 22:19 schrieb Kees Cook:
> In preparation for FORTIFY_SOURCE performing compile-time and run-time
> field array bounds checking for memcpy(), memmove(), and memset(),
> avoid intentionally reading across neighboring array fields.
>
> Add a wrapping structure to serve as the memcpy() source, so the compiler
> can do appropriate bounds checking, avoiding this future warning:
>
> In function '__fortify_memcpy',
> inlined from 'create_uid' at drivers/s390/block/dasd_eckd.c:749:2:
> ./include/linux/fortify-string.h:246:4: error: call to '__read_overflow2_field' declared with attribute error: detected read beyond size of field (2nd parameter)
>
> Signed-off-by: Kees Cook <[email protected]
Thanks,
applied.