Received: by 2002:a05:6a10:6d10:0:0:0:0 with SMTP id gq16csp884320pxb; Fri, 22 Apr 2022 13:24:03 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyUVIqLTSu3/ecCNYywZQ/wPFg3cDqYmRFjvQlti1kfq6QPpWpHsjf/BhtijxGKzFVoMgOX X-Received: by 2002:a05:6a00:2444:b0:4fd:db81:cbdd with SMTP id d4-20020a056a00244400b004fddb81cbddmr6598283pfj.32.1650659043284; Fri, 22 Apr 2022 13:24:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1650659043; cv=none; d=google.com; s=arc-20160816; b=jHy9fTOeMGPaHEm2xGS2yttJcGjCppR89rBC/AnIGAwvV1xpcSvLEoD6cAMjQk1QAm +BnjQX7KacyhsxfU8Yo8X5vnYDeZgDXpzENQBrhSOoFAMkSlmUNwvn9JjPkHgZ9/Vxq8 MvYMVzDZYAzTQ8PlgZxS0AJWFxtBYZyOf1mZ9m+fTtr6lbADSoNxQ3kNtsie/qtBS4oQ ncYnZjYmhyaZPoynp5gHXq8FGZ+yQ1xDEWOmMa7diZNPk186GIXpNbxAzXC0KIrezFOu IYYLK9TYJcA48lxpWRU/Vwh9IsfAvxcYCHeQtqJeQiNCfUkzXR+0sliaI/0oMxRGT4r9 Ieww== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=eMQI1rEiKnusZB415KCgTRyB4BP2JkpCOZ5UBRv9+2E=; b=a3YqB6+0lDOlDhwq9UK0GsDagg6pW7B9YzlTh77yuRm+5H7L+IQJm+6Ej2rqJjegA4 FKwESjFt5eZUlml5tyfOGSwvDaE/bIN43CZGK2uAGIWiqx8Ead1j3g0xHjcWwGLdRzli aOz4dAQd7CulYfmvhauM93YsMRYD3PdVq2Ee2ESJCnJmorw0mSkRFuJsLKKgPzy7m4iH QbmrkV7rz90SyUiS0MnszPTUwn+6PG/jU6RLIG0YYuuThvB3Ey8usgqbtz+PstFKOHZg eJQPw9KgfD0B9h2tvfvHCOAYJOhpyZ+5MtDDkpc6gFoqO37cixqrMTNpS/3x9PRkuhb0 OKrg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=f1mereyC; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [2620:137:e000::1:18]) by mx.google.com with ESMTPS id u16-20020a056a00159000b004e1a25384f6si9724410pfk.3.2022.04.22.13.24.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 22 Apr 2022 13:24:03 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) client-ip=2620:137:e000::1:18; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=f1mereyC; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 605121A8608; Fri, 22 Apr 2022 12:11:20 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231336AbiDUQ1z (ORCPT + 99 others); Thu, 21 Apr 2022 12:27:55 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33630 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230208AbiDUQNq (ORCPT ); Thu, 21 Apr 2022 12:13:46 -0400 Received: from mail-lj1-x233.google.com (mail-lj1-x233.google.com [IPv6:2a00:1450:4864:20::233]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 96D322B24E for ; Thu, 21 Apr 2022 09:10:55 -0700 (PDT) Received: by mail-lj1-x233.google.com with SMTP id y11so6372916ljh.5 for ; Thu, 21 Apr 2022 09:10:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=eMQI1rEiKnusZB415KCgTRyB4BP2JkpCOZ5UBRv9+2E=; b=f1mereyCYHXjPh8nr0o+NjPZ4hXeoK1yRpk3KiyfgkGzBpbTRBcX8emLC6FZdsVZDf rUdA58HHwqNqvkoajT1ACXwK+ClfcX9oae/fKbGBG7ZIJDeHpz/ShFS5+8IwhOWVtc9e kWuk/nBRifTouLIu2MCAugIB+i6BGTPmk2EME= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=eMQI1rEiKnusZB415KCgTRyB4BP2JkpCOZ5UBRv9+2E=; b=ZtkwCuKuSKtHcnx2IID7G3dgm8R2gPz1reTQOc8n8Cr1pZ/vNcn85tKghxaiouFU74 x+NNd8tuGURmtDA5O28UuIyf/BobkOGo034WvDIBg6e4CXZKiqWCwsYLZ9kQavHoK8eJ KtCPMq9jTxgKkUL6yXYjfTt0+4t2elZrqJD3xn7ioKG++gzpzq7oAKHVi+pF7unEAnfR S3QQet6p3gl4YL34GoJdkpZlxMa9lJ+waRC/zrSkuh11hNi6XZaqQeZ90eQn3l9ab3yD o7OaEGgoGHvd8V4wmDMBSdA10GgkiFi5IRk0fxXXZJQQ4Os8515KAEfx0FpXy9+bUTEX 0Rbg== X-Gm-Message-State: AOAM532XhGS6wAiuyGk3uus2dbBZSoi0/FHZXFFXhSdBaRa643NFqBol +cl/PknNdSEF6LrE+F75NnApiMsmaZ3gh/Fl1QQ= X-Received: by 2002:a2e:bf04:0:b0:246:7ace:e157 with SMTP id c4-20020a2ebf04000000b002467acee157mr248298ljr.241.1650557453542; Thu, 21 Apr 2022 09:10:53 -0700 (PDT) Received: from mail-lf1-f52.google.com (mail-lf1-f52.google.com. [209.85.167.52]) by smtp.gmail.com with ESMTPSA id h1-20020a2e9ec1000000b0024afb868455sm2077610ljk.5.2022.04.21.09.10.50 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 21 Apr 2022 09:10:51 -0700 (PDT) Received: by mail-lf1-f52.google.com with SMTP id d6so9540418lfv.9 for ; Thu, 21 Apr 2022 09:10:50 -0700 (PDT) X-Received: by 2002:a05:6512:108b:b0:470:90b9:fb51 with SMTP id j11-20020a056512108b00b0047090b9fb51mr175297lfg.52.1650557450232; Thu, 21 Apr 2022 09:10:50 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Linus Torvalds Date: Thu, 21 Apr 2022 09:10:33 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: -Warray-bounds fun again To: Sven Schnelle Cc: Kees Cook , Linux Kernel Mailing List , linux-hardening@vger.kernel.org, krebbel@linux.ibm.com, Ilya Leoshkevich , Heiko Carstens Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Apr 21, 2022 at 7:02 AM Sven Schnelle wrote: > > The obvious 'fix' is to use absolute_pointer(): > > #define S390_lowcore (*((struct lowcore *)absolute_pointer(0))) > > That makes the warning go away, but unfortunately the compiler no longer > knows that the memory access is fitting into a load/store with a 12 bit > displacement. In the gcc bugzilla for us needing to do these games: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99578 one of the suggestions was "I recommend suppressing the warning either by #pragma GCC diagnostic or by making the pointer volatile". But READ_ONCE() should already be doing that volatile thing, so that suggestion may not work with gcc-12 any more. It is *possible* that gcc-12 has now special-cased the very special issue of a cast of the constant zero. That is how NULL was traditionally defined. So just out of a perverse curiosity, what happens if you do something like this: #define S390_lowcore_end ((struct lowcore *)sizeof(struct lowcore)) #define S390_lowcore (S390_lowcore_end[-1]) instead? It should get the same value in the end, but it doesn't have that special case of "cast an integer constant 0 to a pointer". I suspect it probably doesn't help, because gcc will still see "oh, you're basing this off address zero". Another thing to try might be to remove the initial 16 bytes of padding from 'struct lowcore' (it looks like the first 20 bytes are not used - so leave 4 bytes of padding still), and use #define S390_lowcore (*((struct lowcore_nopad *)16)) instead. Then gcc will never see that 0, and hopefully the "he's accessing based off a NULL pointer" logic will go away. Because right now, our absolute_pointer() protection against this horrible gcc mis-feature is literally based on hiding the value from the compiler with an inline asm, and by virtue of hiding the value then yes, gcc will have to go through a register base pointer and cannot see that it fits in 12 bits. .. or you just need to disable -Warray-bounds on s390. Linus