Date: Tue, 26 Jul 2022 10:12:21 +0100
From: "Russell King (Oracle)"
To: Linus Torvalds
Cc: Guenter Roeck, Yury Norov, Dennis Zhou, Catalin Marinas, Linux Kernel Mailing List
Subject: Re: Linux 5.19-rc8
References: <20220725161141.GA1306881@roeck-us.net>

On Mon, Jul 25, 2022 at 10:55:18AM -0700, Linus Torvalds wrote:
> On Mon, Jul 25, 2022 at 9:11 AM Guenter Roeck wrote:
> >
> > BUG: KFENCE: out-of-bounds read in _find_next_bit_le+0x10/0x48
>
> Ok, I was hoping somebody more ARMy would look at this, particularly
> since there is no call trace beyond the actual fault.

First I'm aware of it. Was it reported to linux-arm-kernel? I'm guessing
the report wasn't Cc'd to me - I can't find anything in my mailbox about
it.

> I think the fix might be something like this:
>
> diff --git a/arch/arm/lib/findbit.S b/arch/arm/lib/findbit.S > index b5e8b9ae4c7d..b36ca301892e 100644 > --- a/arch/arm/lib/findbit.S > +++ b/arch/arm/lib/findbit.S
> @@ -83,6 +83,8 @@ ENDPROC(_find_first_bit_le) > ENTRY(_find_next_bit_le) > teq r1, #0 > beq 3b > + cmp r2, r1 > + bhs 3b > ands ip, r2, #7 > beq 1b @ If new byte, goto old routine > ARM( ldrb r3, [r0, r2, lsr #3] )
>
> but my ARM asm is so broken that the above is just really random noise
> that may or may not build - much less work.
>
> I'll leave it to Russell &co to have a tested and working patch.

I think it needs a bit more than that, but as you point out in later
emails, the compiler may do a better job for this.

One of the reasons for using byte loads was to avoid problems in the
early days of Linux where these took void pointers and thus could be
misaligned - and using word accesses would have resulted in much pain.
However, that was changed to unsigned long pointers back in 2017, so
in theory that should no longer be a concern.

I don't remember why we used void pointers there originally - that's
something which dates back to the 1990s.

-- 
RMK's Patch system: https://www.armlinux.org.uk/developer/patches/
FTTP is here! 40Mbps down 10Mbps up. Decent connectivity at last!
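Review bot: in the findbit.S hunk, the added `cmp r2, r1` / `bhs 3b` pair at the top of `_find_next_bit_le` makes the preceding `teq r1, #0` / `beq 3b` redundant. Both branch to `3b`, and an unsigned value in r2 is always higher-or-same when r1 is zero, so the two checks could be folded into one. This reads r1 as the size and r2 as the starting bit offset, which is what the `ldrb r3, [r0, r2, lsr #3]` context line suggests. The new lines also carry no comment, unlike the neighbouring `beq 1b @ If new byte, goto old routine`; a short `@` comment saying the offset is at or past the size would make clear that the branch is there to stop the byte load from running past the bitmap. Only `_find_next_bit_le` is visible here, so it is worth confirming whether the other `_find_next_*` entry points in the file need the same guard before their first load.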