Received: by 2002:a05:6a10:5bc5:0:0:0:0 with SMTP id os5csp4058680pxb; Tue, 2 Nov 2021 03:24:50 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwHF0o7ovXLVO8TY73O3W30kMdvZksjSkhPCG68J3PWcW1KG25iH0GVTL5gAX67WcmmvD+0 X-Received: by 2002:a05:6e02:16c6:: with SMTP id 6mr24755027ilx.273.1635848689817; Tue, 02 Nov 2021 03:24:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1635848689; cv=none; d=google.com; s=arc-20160816; b=GJm0sEB9jo3GSlrJJ6svRj3Cd+5mvvAVlrnVIICqkHnKorioCtSXALfjWmoXJhnCAI HIm5DC+NrS0qV4JsnlndXXEk96kPWS/DEaHM1JSmQU38SENE+dd8uUuXcYd470fqvmps dHZziEy4rF4GnbJ7D1ZB3RGEuDAyQ8IYwI9sDlWzDc+SWf+QUdYvZP4q5gtBk2YYLpjs XB0CSFsneibQeA5K7stnPZh0oxTS+xROao6ULimFRJkvmUl/zBGPxfi2Y+RcslbYQFAH PcuQ+TABJNSfxXb59OyxJ5t3bv8pCbSANDljSILmHYsNbALClxqyQxYrQbus0koSrKqt DZtQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=qa6+wCqcNDPXl2fWEsIq64G+wGj+Q82/McwIG3Qh1bo=; b=EdK6GHiGBpvdQDbldDHgpFYYJa5nNM9GYjxWsDlI1iKtEa2YQ5X91wLWCSWqz+P5HG vEtDhicuCudgzDDISqQy5ldgQANatXhoy8edNe4fSbKfFqcUHAYHXVzR6chyS9KMpKrw 0HbXLpoEEJdslbi1wMLWmhhSi277KTcMQ9+yPT/sDVDsN5GAoDesbVicbzFsCUWwn0Cf uwnQ/9m3G1SDU2kujTApvgCajzr2HBnHJKmkn30aO0QfktaOScZS04LnFmgGjSeDA3CA 9VxVt1pn0yuCjL8oojLJblYV+ncJxcLxoVv4OGquZiaZ8/M6oPkYU0D3v/98O2ePdK6M qzug== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id s12si11540555ilv.122.2021.11.02.03.24.35; Tue, 02 Nov 2021 03:24:49 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229924AbhKBK0R (ORCPT + 99 others); Tue, 2 Nov 2021 06:26:17 -0400 Received: from elvis.franken.de ([193.175.24.41]:55788 "EHLO elvis.franken.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229720AbhKBK0Q (ORCPT ); Tue, 2 Nov 2021 06:26:16 -0400 Received: from uucp (helo=alpha) by elvis.franken.de with local-bsmtp (Exim 3.36 #1) id 1mhqx9-0003gx-02; Tue, 02 Nov 2021 11:23:39 +0100 Received: by alpha.franken.de (Postfix, from userid 1000) id C61D7C291E; Tue, 2 Nov 2021 11:21:37 +0100 (CET) Date: Tue, 2 Nov 2021 11:21:37 +0100 From: Thomas Bogendoerfer To: Geert Uytterhoeven Cc: Markos Chandras , Ralf Baechle , linux-mips@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] mips: cm: Convert to bitfield API to fix out-of-bounds access Message-ID: <20211102102137.GB7512@alpha.franken.de> References: <0471c545117c5fa05bd9c73005cda9b74608a61e.1635501373.git.geert+renesas@glider.be> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <0471c545117c5fa05bd9c73005cda9b74608a61e.1635501373.git.geert+renesas@glider.be> User-Agent: Mutt/1.10.1 (2018-07-13) Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Oct 29, 2021 at 11:58:16AM +0200, Geert Uytterhoeven wrote: > mips_cm_error_report() extracts the cause and other cause from the error > register using shifts. This works fine for the former, as it is stored > in the top bits, and the shift will thus remove all non-related bits. > However, the latter is stored in the bottom bits, hence thus needs masking > to get rid of non-related bits. Without such masking, using it as an > index into the cm2_causes[] array will lead to an out-of-bounds access, > probably causing a crash. > > Fix this by using FIELD_GET() instead. Bite the bullet and convert all > MIPS CM handling to the bitfield API, to improve readability and safety. > > Fixes: 3885c2b463f6a236 ("MIPS: CM: Add support for reporting CM cache errors") > Signed-off-by: Geert Uytterhoeven > --- > Compile-tested only, but assembler output before/after compared. > --- > arch/mips/include/asm/mips-cm.h | 12 ++++++------ > arch/mips/kernel/mips-cm.c | 21 ++++++++++----------- > 2 files changed, 16 insertions(+), 17 deletions(-) applied to mips-next. Thomas. -- Crap can work. Given enough thrust pigs will fly, but it's not necessarily a good idea. [ RFC1925, 2.3 ]