Received: by 2002:a05:7412:b10a:b0:f3:1519:9f41 with SMTP id az10csp586189rdb; Thu, 30 Nov 2023 12:32:01 -0800 (PST) X-Google-Smtp-Source: AGHT+IGHe1lMrfbYRmZMJVCvGp3+yiddaUQ92tNuR+gx3PRGTY0VxTODI6EOtX8YqDT8TRZI+98v X-Received: by 2002:a05:6a20:e121:b0:18c:651:66cd with SMTP id kr33-20020a056a20e12100b0018c065166cdmr27158542pzb.60.1701376320726; Thu, 30 Nov 2023 12:32:00 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1701376320; cv=none; d=google.com; s=arc-20160816; b=b4sQdmot6f4nxMKz6lye+c16kPt+R8TJ36eTEI0Cl2Ms+s4JQixrDr3vUSrkZmCZ7/ UvWHPnNF500d0QuWaUelIlEXUB/B8gMpdcB/N/FNC+U/H1scwCG+O3CXgP/Ck4aJJA7S 7b87oEB3vMG6BawFP3JUtfFrL0476P0DQMijPX4ham2QGRbLu1nhJGcZ62pgTwAroI5D ScsB7IrmnHNJvx0HJlYDxxhYStXFxLMrIPygIfPdfdHWsRsk09eTaoKs+Ea+V39dc84Z sJKAe/oVhUc15uKadnqsuatS9YoXC8jvGnTslS2gqzhHMyPGJl1vY0cWCwmydsbWglq3 Sg4A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:autocrypt :from:references:cc:to:content-language:subject:user-agent :mime-version:date:message-id:sender:dkim-signature; bh=lT0qrYRiDsoV72KTkVoQoxtzRhRHGxESaqbx7R1F6QI=; fh=dxF1Vy/iae6m6RvPK1WFGKzMNeW80h3y99FSMtMY9GM=; b=rHrsbhsF0pSp7vs+XKtUm0QxDdy+ucN3gQe6UDUqmDPH2HzeNGqf4AXyRdZVYpmasL U+7UAZ38kpEBwkWk8gltZygaTKTx4W5NQ/+5Zqklp9neo/JuHoD6Fvm/ZL9C+sKLi/Da IhAXknfQx787wPJdDqfNVtVnNjx4GjhAe26yHoON/Wn4t0jR1PUrYw6mIB8kqe6fRL6H Mnvbs27HUR+Y6s0ZlgVMIAf2i3JN+29KCY1fLPNWPi5XhH/RTXTzu1K1lMeL3BhndL6w itHWuAY9L3gsxFIPfu7eUQQ2FJ0yYoMQ1QSRcepPCx+MmmMVpec2NWjHvt2nWwfOtp4g EpZw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=LdM7Q6hA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from groat.vger.email (groat.vger.email. [2620:137:e000::3:5]) by mx.google.com with ESMTPS id w4-20020a056a0014c400b006b618af5cd5si1954753pfu.300.2023.11.30.12.31.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 30 Nov 2023 12:32:00 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) client-ip=2620:137:e000::3:5; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=LdM7Q6hA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by groat.vger.email (Postfix) with ESMTP id B693480DF98A; Thu, 30 Nov 2023 12:31:47 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at groat.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1376667AbjK3Ubf (ORCPT + 99 others); Thu, 30 Nov 2023 15:31:35 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34858 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235171AbjK3UbY (ORCPT ); Thu, 30 Nov 2023 15:31:24 -0500 Received: from mail-pl1-x632.google.com (mail-pl1-x632.google.com [IPv6:2607:f8b0:4864:20::632]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3CC43170D; Thu, 30 Nov 2023 12:31:30 -0800 (PST) Received: by mail-pl1-x632.google.com with SMTP id d9443c01a7336-1cfd78f8a12so13332255ad.2; Thu, 30 Nov 2023 12:31:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701376290; x=1701981090; darn=vger.kernel.org; h=content-transfer-encoding:in-reply-to:autocrypt:from:references:cc :to:content-language:subject:user-agent:mime-version:date:message-id :sender:from:to:cc:subject:date:message-id:reply-to; bh=lT0qrYRiDsoV72KTkVoQoxtzRhRHGxESaqbx7R1F6QI=; b=LdM7Q6hAcp15xEH1rfR+GbqvsNlXhLE+gIJ/oINoOTRXgGiOBE5f64jDTilhoOvlHI FTY3+uW6NZcsiLtRMUERioA+k/KSayE1n12BC92GRvvYaDcljhq8NCNX/QPWeQRphaIX bkWjGAdj4+qYVqe2qwE5SRntQYOzh7ZdtIRUK71PuxSfB2e0Y0rPEqkCBjGJTd69MyGP DcBurbkVIGea2iQApqp3mt4exPbVF0IAF46Rrr96CPzCjNaWmrRBzgrVGZoAvF5u55mR JZ4YmclYH0iiqDZ0o+oVHQN9SaOUmYZs8z4ajJcLfMGONiTDdBZI7FtsXnMo0aFU/8p/ QTXw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701376290; x=1701981090; h=content-transfer-encoding:in-reply-to:autocrypt:from:references:cc :to:content-language:subject:user-agent:mime-version:date:message-id :sender:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=lT0qrYRiDsoV72KTkVoQoxtzRhRHGxESaqbx7R1F6QI=; b=n96OvYiA9GXX38g0X6zIfxo7BLuwxoBSzVgkRLevG8d2gIIP//H7qvzZv6Yp7h67WV eiSEuiecvEx6+dAj2ITYz4ybBimeqkV6qJt3kwINpTfaYRvLpciX8e3TbFCrxVY1x1cV 7jL2fJ63EH08LQr2AnwJMi5hM9xwPgqqfkfz1EJnY4/f2W3Rljr6nt5Tod+oPodWUvJ+ ngFeCCIONxC9ZL23b6EaR+/Z/ypIqg03/yEOdmqEYUzfOjYgVyuAR85A9FLAvsbiEtHc 2H3PPaNvzBs4Hkt6Gg4zZH6JqF9Bu1y12e5atRdgW3Zrthe1/FvTkB8+fAeQrWmo+KTl f9Tw== X-Gm-Message-State: AOJu0Yzn9QuZzZBuBA9MUeRnyaj/mqQTx+3L2T6BU+p5yDu6RvTlhb2y fpI4gRCjUeY+03WnmDsbWYon0OEYJRI= X-Received: by 2002:a17:902:d303:b0:1cc:5691:5113 with SMTP id b3-20020a170902d30300b001cc56915113mr24799769plc.26.1701376289637; Thu, 30 Nov 2023 12:31:29 -0800 (PST) Received: from ?IPV6:2600:1700:e321:62f0:329c:23ff:fee3:9d7c? ([2600:1700:e321:62f0:329c:23ff:fee3:9d7c]) by smtp.gmail.com with ESMTPSA id d13-20020a170903230d00b001cf68d103easm1824937plh.46.2023.11.30.12.31.27 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 30 Nov 2023 12:31:28 -0800 (PST) Sender: Guenter Roeck Message-ID: <43effb57-abbd-46bb-ac7d-cab9616a4532@roeck-us.net> Date: Thu, 30 Nov 2023 12:31:26 -0800 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH] hwmon: (pc87360) Bounds check data->innr usage Content-Language: en-US To: "Gustavo A. R. Silva" , Kees Cook , Jim Cromie Cc: Jean Delvare , linux-hwmon@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org References: <20231130200207.work.679-kees@kernel.org> From: Guenter Roeck Autocrypt: addr=linux@roeck-us.net; keydata= xsFNBE6H1WcBEACu6jIcw5kZ5dGeJ7E7B2uweQR/4FGxH10/H1O1+ApmcQ9i87XdZQiB9cpN RYHA7RCEK2dh6dDccykQk3bC90xXMPg+O3R+C/SkwcnUak1UZaeK/SwQbq/t0tkMzYDRxfJ7 nyFiKxUehbNF3r9qlJgPqONwX5vJy4/GvDHdddSCxV41P/ejsZ8PykxyJs98UWhF54tGRWFl 7i1xvaDB9lN5WTLRKSO7wICuLiSz5WZHXMkyF4d+/O5ll7yz/o/JxK5vO/sduYDIlFTvBZDh gzaEtNf5tQjsjG4io8E0Yq0ViobLkS2RTNZT8ICq/Jmvl0SpbHRvYwa2DhNsK0YjHFQBB0FX IdhdUEzNefcNcYvqigJpdICoP2e4yJSyflHFO4dr0OrdnGLe1Zi/8Xo/2+M1dSSEt196rXaC kwu2KgIgmkRBb3cp2vIBBIIowU8W3qC1+w+RdMUrZxKGWJ3juwcgveJlzMpMZNyM1jobSXZ0 VHGMNJ3MwXlrEFPXaYJgibcg6brM6wGfX/LBvc/haWw4yO24lT5eitm4UBdIy9pKkKmHHh7s jfZJkB5fWKVdoCv/omy6UyH6ykLOPFugl+hVL2Prf8xrXuZe1CMS7ID9Lc8FaL1ROIN/W8Vk BIsJMaWOhks//7d92Uf3EArDlDShwR2+D+AMon8NULuLBHiEUQARAQABzTJHdWVudGVyIFJv ZWNrIChMaW51eCBhY2NvdW50KSA8bGludXhAcm9lY2stdXMubmV0PsLBgQQTAQIAKwIbAwYL CQgHAwIGFQgCCQoLBBYCAwECHgECF4ACGQEFAlVcphcFCRmg06EACgkQyx8mb86fmYFg0RAA nzXJzuPkLJaOmSIzPAqqnutACchT/meCOgMEpS5oLf6xn5ySZkl23OxuhpMZTVX+49c9pvBx hpvl5bCWFu5qC1jC2eWRYU+aZZE4sxMaAGeWenQJsiG9lP8wkfCJP3ockNu0ZXXAXwIbY1O1 c+l11zQkZw89zNgWgKobKzrDMBFOYtAh0pAInZ9TSn7oA4Ctejouo5wUugmk8MrDtUVXmEA9 7f9fgKYSwl/H7dfKKsS1bDOpyJlqhEAH94BHJdK/b1tzwJCFAXFhMlmlbYEk8kWjcxQgDWMu GAthQzSuAyhqyZwFcOlMCNbAcTSQawSo3B9yM9mHJne5RrAbVz4TWLnEaX8gA5xK3uCNCeyI sqYuzA4OzcMwnnTASvzsGZoYHTFP3DQwf2nzxD6yBGCfwNGIYfS0i8YN8XcBgEcDFMWpOQhT Pu3HeztMnF3HXrc0t7e5rDW9zCh3k2PA6D2NV4fews9KDFhLlTfCVzf0PS1dRVVWM+4jVl6l HRIAgWp+2/f8dx5vPc4Ycp4IsZN0l1h9uT7qm1KTwz+sSl1zOqKD/BpfGNZfLRRxrXthvvY8 BltcuZ4+PGFTcRkMytUbMDFMF9Cjd2W9dXD35PEtvj8wnEyzIos8bbgtLrGTv/SYhmPpahJA l8hPhYvmAvpOmusUUyB30StsHIU2LLccUPPOwU0ETofVZwEQALlLbQeBDTDbwQYrj0gbx3bq 7kpKABxN2MqeuqGr02DpS9883d/t7ontxasXoEz2GTioevvRmllJlPQERVxM8gQoNg22twF7 pB/zsrIjxkE9heE4wYfN1AyzT+AxgYN6f8hVQ7Nrc9XgZZe+8IkuW/Nf64KzNJXnSH4u6nJM J2+Dt274YoFcXR1nG76Q259mKwzbCukKbd6piL+VsT/qBrLhZe9Ivbjq5WMdkQKnP7gYKCAi pNVJC4enWfivZsYupMd9qn7Uv/oCZDYoBTdMSBUblaLMwlcjnPpOYK5rfHvC4opxl+P/Vzyz 6WC2TLkPtKvYvXmdsI6rnEI4Uucg0Au/Ulg7aqqKhzGPIbVaL+U0Wk82nz6hz+WP2ggTrY1w ZlPlRt8WM9w6WfLf2j+PuGklj37m+KvaOEfLsF1v464dSpy1tQVHhhp8LFTxh/6RWkRIR2uF I4v3Xu/k5D0LhaZHpQ4C+xKsQxpTGuYh2tnRaRL14YMW1dlI3HfeB2gj7Yc8XdHh9vkpPyuT nY/ZsFbnvBtiw7GchKKri2gDhRb2QNNDyBnQn5mRFw7CyuFclAksOdV/sdpQnYlYcRQWOUGY HhQ5eqTRZjm9z+qQe/T0HQpmiPTqQcIaG/edgKVTUjITfA7AJMKLQHgp04Vylb+G6jocnQQX JqvvP09whbqrABEBAAHCwWUEGAECAA8CGwwFAlVcpi8FCRmg08MACgkQyx8mb86fmYHNRQ/+ J0OZsBYP4leJvQF8lx9zif+v4ZY/6C9tTcUv/KNAE5leyrD4IKbnV4PnbrVhjq861it/zRQW cFpWQszZyWRwNPWUUz7ejmm9lAwPbr8xWT4qMSA43VKQ7ZCeTQJ4TC8kjqtcbw41SjkjrcTG wF52zFO4bOWyovVAPncvV9eGA/vtnd3xEZXQiSt91kBSqK28yjxAqK/c3G6i7IX2rg6pzgqh hiH3/1qM2M/LSuqAv0Rwrt/k+pZXE+B4Ud42hwmMr0TfhNxG+X7YKvjKC+SjPjqp0CaztQ0H nsDLSLElVROxCd9m8CAUuHplgmR3seYCOrT4jriMFBtKNPtj2EE4DNV4s7k0Zy+6iRQ8G8ng QjsSqYJx8iAR8JRB7Gm2rQOMv8lSRdjva++GT0VLXtHULdlzg8VjDnFZ3lfz5PWEOeIMk7Rj trjv82EZtrhLuLjHRCaG50OOm0hwPSk1J64R8O3HjSLdertmw7eyAYOo4RuWJguYMg5DRnBk WkRwrSuCn7UG+qVWZeKEsFKFOkynOs3pVbcbq1pxbhk3TRWCGRU5JolI4ohy/7JV1TVbjiDI HP/aVnm6NC8of26P40Pg8EdAhajZnHHjA7FrJXsy3cyIGqvg9os4rNkUWmrCfLLsZDHD8FnU mDW4+i+XlNFUPUYMrIKi9joBhu18ssf5i5Q= In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on groat.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (groat.vger.email [0.0.0.0]); Thu, 30 Nov 2023 12:31:48 -0800 (PST) On 11/30/23 12:11, Gustavo A. R. Silva wrote: > > > On 11/30/23 14:02, Kees Cook wrote: >> Without visibility into the initializers for data->innr, GCC suspects >> using it as an index could walk off the end of the various 14-element >> arrays in data. Perform an explicit clamp to the array size. Silences >> the following warning with GCC 12+: >> >> ../drivers/hwmon/pc87360.c: In function 'pc87360_update_device': >> ../drivers/hwmon/pc87360.c:341:49: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=] >>    341 |                                 data->in_max[i] = pc87360_read_value(data, >>        |                                 ~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~ >>    342 |                                                   LD_IN, i, >>        |                                                   ~~~~~~~~~ >>    343 |                                                   PC87365_REG_IN_MAX); >>        |                                                   ~~~~~~~~~~~~~~~~~~~ >> ../drivers/hwmon/pc87360.c:209:12: note: at offset 255 into destination object 'in_max' of size 14 >>    209 |         u8 in_max[14];          /* Register value */ >>        |            ^~~~~~ >> >> Cc: Jim Cromie >> Cc: Jean Delvare >> Cc: Guenter Roeck >> Cc: linux-hwmon@vger.kernel.org >> Signed-off-by: Kees Cook > > Looks good to me. > > Reviewed-by: Gustavo A. R. Silva > Guess I'll apply it, even though it is quite pointless. But arguing against such changes seems like shouting into the wind, so whatever. There are several other similar "unchecked" loops, including loops for fannr and tempnr. The driver would misbehave badly if any of those would ever be outside the valid range, both when accessing the hardware and writing into various arrays. Guenter