Received: by 2002:a05:6a10:9e8c:0:0:0:0 with SMTP id y12csp151747pxx; Wed, 28 Oct 2020 00:49:00 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyScyAUyvUNYv9IA0nJWmLUGjrmDT/9V4GgpWuBvx+PkmRIYu2cHW1nwuR8hJQsrNJZKhiv X-Received: by 2002:a17:906:3a8d:: with SMTP id y13mr6485292ejd.460.1603871340281; Wed, 28 Oct 2020 00:49:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1603871340; cv=none; d=google.com; s=arc-20160816; b=Kxuu6zb726VCAfHaa0t54/BJRkz1dnncleX+YVnbBaGKart/+d/0Ss9xHpEMkBMQH8 kRBjISI5JQNXY8K6ujsPrmTVlctr0ZMBisIaL4gFK8I0DqMsMJreh0o1bTdaQ/hofKNI D3XENytbwtRMTSs4cLtvb+MgjGiXJ9XhOQDnAYaxPtMn78DmP5GoUTz1+4BSNQL2o6lQ YIi7M7HkxLtiE9XgMOaQCy6ucuQcZCT0vM4CmHXWgLlkBW5LFTqNPpbTcC3/eOLGyaUk jOy4HPLdI+AXano95Nh96VZnx3jdzkbb5o+vUlw3H5DVuVwFY9DUmI7TB7eOBzWfd60O jQRw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=x6p4cyxu94mdNhfYDuJ9IcEyJbUvoE+RnlIaFQijvqI=; b=S1uOypGQRc1jVijh6qzZP75YdMuJIkeN28lNn+/1ALBxCxGA4pYU+xT2wmEBg+PAmR 9geS5+7CG4KsqaKFvApdN32mzGFoMn7zq8Rm/RIhiT5+42Pjll3SXiCB9dyIjJ8drZFz bsSqCzwiF7Mn8V1jzAXONB7Ncx7Bqr9ynGlP9usMKI32zwT4HK/UyrI7O1ek1pY41+qY lefPZW8dnZPCHTfd7r9IkrncNKR54IFN2uTwcG2EtDJgyXcuX7XGPxhYtdcGzTQ1PtZy oAn0KnXSD1Vp4I24xiyBEf3xbyt3zREZpGF0vSgwyBK6et87iazQesgqqseWcMB2RJyy KcZQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=TYfKssTN; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id b29si2827715edn.354.2020.10.28.00.48.32; Wed, 28 Oct 2020 00:49:00 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=TYfKssTN; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752134AbgJ0Nc3 (ORCPT + 99 others); Tue, 27 Oct 2020 09:32:29 -0400 Received: from mail.kernel.org ([198.145.29.99]:36182 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752128AbgJ0Nc1 (ORCPT ); Tue, 27 Oct 2020 09:32:27 -0400 Received: from mail-qv1-f54.google.com (mail-qv1-f54.google.com [209.85.219.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id CC19021707 for ; Tue, 27 Oct 2020 13:32:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1603805547; bh=CbUeUpMdw/X/SyWGfEXt6jB93bwDky53wIkxwqqVWKI=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=TYfKssTNNZmwDMbEYlSUpaFdFQEidgNbsrNVyHSOPsIsUzDZwv4e2qAtnxCubWTuG PRaymH184FNwV0nz+8UeCCydsKMZBH54Pb2kqc/+jSfKpBmmI65gdKO9+t1gVum9O4 f8+r37c7zPiJ0iFUnfBeSmtEkxWZ6IjAGbpePWBc= Received: by mail-qv1-f54.google.com with SMTP id bl9so615334qvb.10 for ; Tue, 27 Oct 2020 06:32:26 -0700 (PDT) X-Gm-Message-State: AOAM531V3iAyOd97VeYcSjh0NJSXxYAoeK4YHADvbjle0zdemIAegPsl Fb5PgnyeXGJ6ETWXeHdFxnC1Ns3AQdHG/CG5uKw= X-Received: by 2002:a0c:f447:: with SMTP id h7mr2384178qvm.7.1603805545978; Tue, 27 Oct 2020 06:32:25 -0700 (PDT) MIME-Version: 1.0 References: <20201026155449.3703142-1-arnd@kernel.org> <459e03f1-2a9e-5bc4-4bf6-9a0ddf5c4a70@xilinx.com> In-Reply-To: <459e03f1-2a9e-5bc4-4bf6-9a0ddf5c4a70@xilinx.com> From: Arnd Bergmann Date: Tue, 27 Oct 2020 14:32:09 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH] firmware: xilinx: fix out-of-bounds access To: Michal Simek Cc: Rajan Vaja , Rajan Vaja , Greg Kroah-Hartman , Tejas Patel , Linux ARM , "linux-kernel@vger.kernel.org" , git Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Oct 27, 2020 at 10:53 AM Michal Simek wrote: > On 26. 10. 20 16:54, Arnd Bergmann wrote: > > From: Arnd Bergmann > > > > The zynqmp_pm_set_suspend_mode() and zynqmp_pm_get_trustzone_version() > > functions pass values as api_id into zynqmp_pm_invoke_fn > > that are beyond PM_API_MAX, resulting in an out-of-bounds access: > > > > drivers/firmware/xilinx/zynqmp.c: In function 'zynqmp_pm_set_suspend_mode': > > drivers/firmware/xilinx/zynqmp.c:150:24: warning: array subscript 2562 is above array bounds of 'u32[64]' {aka 'unsigned int[64]'} [-Warray-bounds] > > 150 | if (zynqmp_pm_features[api_id] != PM_FEATURE_UNCHECKED) > > | ~~~~~~~~~~~~~~~~~~^~~~~~~~ > > drivers/firmware/xilinx/zynqmp.c:28:12: note: while referencing 'zynqmp_pm_features' > > 28 | static u32 zynqmp_pm_features[PM_API_MAX]; > > | ^~~~~~~~~~~~~~~~~~ > > Which CONFIG option/tool is reporting this issue? This is with gcc-10. Commit 44720996e2d7 ("gcc-10: disable 'array-bounds' warning for now") turned off this warning globally, but most of the reported warnings got fixed in the meantime. I'm trying to take care of the rest so we can enabled it again. You should be able to reproduce the problem by removing the cc-disable-warning line from the top-level Makefile. Arnd