Received: by 2002:a05:7412:3784:b0:e2:908c:2ebd with SMTP id jk4csp1604293rdb;
        Mon, 2 Oct 2023 15:10:58 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IFoL9tKmHSgAyAejKjwr1EPe8DiigpQ0ZWD+avDk51O6cIr3euu11C1UlK3JYqoBurhf5gP
X-Received: by 2002:a05:6870:f10d:b0:1c8:d72a:d6b8 with SMTP id k13-20020a056870f10d00b001c8d72ad6b8mr15063061oac.36.1696284658169;
        Mon, 02 Oct 2023 15:10:58 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1696284658; cv=none;
        d=google.com; s=arc-20160816;
        b=L81nVxG1sKbbpf5wH12kzegNeLUa7Oig+3HJyoPjNtFNEoKhpyVb2jW9oY7KMN/5n/
         o/rMM9oIC++oWFBlS46ia8rNeSCVx7tMCNsy7+Wue3cJ/BK4Ngmw0a5QzcIOB4XYCtBE
         UVSb85m89eua8bogcC1kXJNF2EI/G190q92F+pdXuOAuNZSEsfKmCSGI72uZgIO4t1z6
         Kc5lA+OF8SIoUPzqNSJq5LeNU4brkz6AZ4wTozY3gayc9i0gvRoMnXa43eXmrpo/dXFk
         vlcewwX+3Zq8pGf9UdUY58R9kqayEbj56vmntYRQ/o5wV2rExd+XerOjImNmMPVVSmVx
         UAYg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:subject:content-transfer-encoding:in-reply-to
         :from:references:cc:to:content-language:user-agent:mime-version:date
         :message-id:dkim-signature;
        bh=XGVVjLtCy/b7XBDMrd+l3TWnpYYLvXFcVZSGnHlFQ0I=;
        fh=YynLMRNa8hIHN38xNpZw2eGAyWBGYUbM9AInJOFttHg=;
        b=xPZZ+Z14gZz/xe1uKjQ/uR1lv96x4BD9GVdPbyQ5LuQjRAA9jbynb1JyNpPxlgS1h3
         zizaQ4lk7lp7demumyzHDfUthZyxSgi+b7YOoEt4OM/dqKKaxtzmoyL3px1fcsiXAKYO
         kdcN5HMWwhY5JzJx0URugmmtWP8W0s8YD+57OsW5yUqxcvLqMfUZRHZyiCMtlWdf6sS6
         LHVMxyRhf+CcjRfKCvO6JYHs1OUzs+EiKaQG2UKqxn1dVnaK6J7e1ttyJCopXw6Wi8Rp
         qQt1yknzcRdFCGtVFkaNjUYJNG4A3uw7cpS6oTDL4C4Rv86eRjksFJLYh3a/mhaU4Hef
         HwSw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@deltatee.com header.s=20200525 header.b=mJQqcPDw;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=deltatee.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from groat.vger.email (groat.vger.email. [2620:137:e000::3:5])
        by mx.google.com with ESMTPS id e26-20020a63545a000000b005704f061aecsi28711610pgm.279.2023.10.02.15.10.57
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 02 Oct 2023 15:10:58 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) client-ip=2620:137:e000::3:5;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@deltatee.com header.s=20200525 header.b=mJQqcPDw;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=deltatee.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by groat.vger.email (Postfix) with ESMTP id 9F6D1807665F;
	Mon,  2 Oct 2023 09:40:57 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at groat.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231815AbjJBQku (ORCPT <rfc822;recursive.nomad@gmail.com>
        + 99 others); Mon, 2 Oct 2023 12:40:50 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46018 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S230107AbjJBQkt (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 2 Oct 2023 12:40:49 -0400
X-Greylist: delayed 1991 seconds by postgrey-1.37 at lindbergh.monkeyblade.net; Mon, 02 Oct 2023 09:40:44 PDT
Received: from ale.deltatee.com (ale.deltatee.com [204.191.154.188])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BFD7A9B;
        Mon,  2 Oct 2023 09:40:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
        d=deltatee.com; s=20200525; h=Subject:In-Reply-To:From:References:Cc:To:
        MIME-Version:Date:Message-ID:content-disposition;
        bh=XGVVjLtCy/b7XBDMrd+l3TWnpYYLvXFcVZSGnHlFQ0I=; b=mJQqcPDwO7ipsx68RKWvm0jKtr
        FhyNNxdJSAYCuqGp617XQ+BSogb8Pfn7INKEXNbGv1t8ftDBmR86NY0yWTghteijc+FPWNLX5LowD
        vZdlqta/hTH0lChornsXgF/i4XXA/64c7kmp5LvFJaiq4XXQdR46f+y4m7m1TOlbzkpDnyQQT2f+y
        W4eZXQvVqtVFivZr4qskUjmy48juNz3iDo3x1PmuwRFaNkQR0PqRbkA9eC64D+/mILIafBxGaXdRf
        S2JyxGWZLtDxNFClQvZdZMQfK9qxxn3Rf2/p8Du7URV62I8opHx9O1l4KRAYBOg5/9CR0i4KvXJuu
        MyYHwAOQ==;
Received: from guinness.priv.deltatee.com ([172.16.1.162])
        by ale.deltatee.com with esmtpsa  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
        (Exim 4.94.2)
        (envelope-from <logang@deltatee.com>)
        id 1qnLS5-002kN1-J5; Mon, 02 Oct 2023 10:07:23 -0600
Message-ID: <29da763d-1570-7197-2d5a-03c5659b8b52@deltatee.com>
Date:   Mon, 2 Oct 2023 10:07:21 -0600
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
 Thunderbird/102.15.1
Content-Language: en-CA
To:     "Gustavo A. R. Silva" <gustavoars@kernel.org>,
        Bjorn Helgaas <bhelgaas@google.com>
Cc:     linux-pci@vger.kernel.org, linux-kernel@vger.kernel.org,
        linux-hardening@vger.kernel.org
References: <ZRnf6wVOu0IJQ2Ok@work>
From:   Logan Gunthorpe <logang@deltatee.com>
In-Reply-To: <ZRnf6wVOu0IJQ2Ok@work>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-SA-Exim-Connect-IP: 172.16.1.162
X-SA-Exim-Rcpt-To: gustavoars@kernel.org, bhelgaas@google.com, linux-pci@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org
X-SA-Exim-Mail-From: logang@deltatee.com
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on groat.vger.email
X-Spam-Level: 
X-Spam-Status: No, score=-3.2 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,
	NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS autolearn=unavailable
	autolearn_force=no version=3.4.6
Subject: Re: [PATCH][next] PCI/P2PDMA: Fix undefined behavior bug in struct
 pci_p2pdma_pagemap
X-SA-Exim-Version: 4.2.1 (built Sat, 13 Feb 2021 17:57:42 +0000)
X-SA-Exim-Scanned: Yes (on ale.deltatee.com)
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (groat.vger.email [0.0.0.0]); Mon, 02 Oct 2023 09:40:57 -0700 (PDT)



On 2023-10-01 15:08, Gustavo A. R. Silva wrote:
> `struct dev_pagemap` is a flexible structure, which means that it
> contains a flexible-array member at the bottom. This could potentially
> lead to an overwrite of the objects following `pgmap` in `struct
> pci_p2pdma_pagemap`, when `nr_range > 1`.
> 
> Fix this by placing the declaration of object `pgmap` at the end of
> `struct pci_p2pdma_pagemap`.
> 
> -Wflex-array-member-not-at-end is coming in GCC-14, and we are getting
> ready to enable it globally.
> 
> Fixes: 0afea3814358 ("PCI/P2PDMA: Add provider's pci_dev to pci_p2pdma_pagemap struct")
> Fixes: a6e6fe6549f6 ("PCI/P2PDMA: Introduce private pagemap structure")
> Cc: stable@vger.kernel.org
> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>


Makes sense to me, thanks.

Although, I'm not sure the fixes tags are appropriate. The
flexible-array member was introduced in 5.10 (b7b3c01b19) and both the
"fixed" commits predate that change by a number of releases.

Also, it's probably worth noting in the commit message that the p2pdma
code hardcodes nr_ranges to 1 (in pci_p2pdma_add_resource); so there is
no way to actually hit any bug with the current code.

I totally agree that the patch should be applied to prevent possible
bugs being introduced in the future:

Reviewed-by: Logan Gunthorpe <logang@deltatee.com>

Logan