mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-13 14:14:37 +00:00
Code Issues Releases Wiki Activity
linux-stable/drivers/char
History
Kees Cook e52432e164 tpm: vtpm_proxy: Check length to avoid compiler warning 
When building with -Warray-bounds under GCC 11.2, this warning was
emitted:

In function 'memset',
    inlined from 'vtpm_proxy_fops_read' at drivers/char/tpm/tpm_vtpm_proxy.c:102:2:
./include/linux/fortify-string.h:43:33: warning: '__builtin_memset' pointer overflow between offset 164 and size [2147483648, 4294967295]
[-Warray-bounds]
   43 | #define __underlying_memset     __builtin_memset
      |                                 ^

This warning appears to be triggered due to the "count < len"
check in vtpm_proxy_fops_read() splitting the CFG[1], and the compiler
attempting to reason about the possible value range in len compared
to the buffer size.

In order to silence this warning, and to keep this code robust if the
use of proxy_dev->req_len ever changes in the future, explicitly check
the size of len before reaching the memset().

[1] https://lore.kernel.org/lkml/CAG48ez1iTF9KegKJrW5a3WzXgCPZJ73nS2_e5esKJRppdzvv8g@mail.gmail.com

Cc: Peter Huewe <peterhuewe@gmx.de>
Cc: Jarkko Sakkinen <jarkko@kernel.org>
Cc: Jason Gunthorpe <jgg@ziepe.ca>
Cc: linux-integrity@vger.kernel.org
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Link: https://lore.kernel.org/lkml/4b59d305-6858-1514-751a-37853ad777be@linux.ibm.com
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20220119184354.3367603-1-keescook@chromium.org
2022-02-27 10:58:04 -08:00
..
agp pci-v5.17-changes 2022-01-16 08:08:11 +02:00
hw_random virtio,vdpa,qemu_fw_cfg: features, cleanups, fixes 2022-01-18 10:05:48 +02:00
ipmi ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module 2021-12-21 08:04:42 -06:00
mwave char/mwave: Adjust io port register size 2021-12-03 14:27:06 +01:00
pcmcia cm4000_cs: Use struct_group() to zero struct cm4000_dev region 2021-09-25 08:20:49 -07:00
tpm tpm: vtpm_proxy: Check length to avoid compiler warning 2022-02-27 10:58:04 -08:00
xilinx_hwicap treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
xillybus char: xillybus: fix msg_ep UAF in xillyusb_probe() 2021-10-19 09:40:18 +02:00
adi.c
apm-emulation.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
applicom.c applicom: unneed to initialise statics to 0 2021-12-21 10:14:08 +01:00
applicom.h
bsr.c mm: don't include asm/pgtable.h if linux/mm.h is already included 2020-06-09 09:39:13 -07:00
ds1620.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
dsp56k.c
dtlk.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
hangcheck-timer.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 405 2019-06-05 17:37:13 +02:00
hpet.c hpet: simplify subdirectory registration with register_sysctl() 2022-01-22 08:33:34 +02:00
Kconfig char: move RANDOM_TRUST_CPU & RANDOM_TRUST_BOOTLOADER into the Character devices menu 2021-08-16 19:02:19 +02:00
lp.c char: lp: remove redundant space around (inside) parenthesized expressions 2021-03-24 08:26:32 +01:00
Makefile remove the raw driver 2021-06-04 15:35:03 +02:00
mem.c /dev/mem: nowait zero/null ops 2021-09-14 10:46:19 +02:00
misc.c char: misc: increase DYNAMIC_MINORS value 2020-11-03 09:52:04 +01:00
mspec.c char: mspec: Use kvzalloc() in mspec_mmap() 2020-08-28 12:10:04 +02:00
nsc_gpio.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
nvram.c treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
nwbutton.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
nwbutton.h misc: cleanup minor number definitions in c file into miscdevice.h 2020-03-18 12:27:03 +01:00
nwflash.c misc: move FLASH_MINOR into miscdevice.h and fix conflicts 2020-03-18 12:27:04 +01:00
pc8736x_gpio.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
powernv-op-panel.c powerpc/powernv: Fix fall-through warning for Clang 2021-07-13 19:21:41 -05:00
ppdev.c ppdev: Distribute switch variables for initialization 2020-02-23 20:28:12 +01:00
ps3flash.c powerpc/ps3: make system bus's remove and shutdown callbacks return void 2020-12-04 01:01:22 +11:00
random.c random: only call crng_finalize_init() for primary_crng 2022-02-04 19:22:32 +01:00
scx200_gpio.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
sonypi.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 61 2019-05-24 17:36:45 +02:00
tb0219.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
tlclk.c drivers: char: tlclk.c: Avoid data race between init and interrupt handler 2020-04-23 16:55:24 +02:00
toshiba.c module: remove never implemented MODULE_SUPPORTED_DEVICE 2021-03-17 13:16:18 -07:00
ttyprintk.c tty: drop put_tty_driver 2021-07-27 12:17:21 +02:00
uv_mmtimer.c
virtio_console.c virtio: wrap config->reset calls 2022-01-14 18:50:52 -05:00