# git rev-parse -q --verify a73bbfba991f8bb5d1814affcf1f7642ca0cdd35^{commit} # git fetch -q -n -f https://git.kernel.org/pub/scm/linux/kernel/git/gustavoars/linux.git for-next/kspp warning: The last gc run reported the following. Please correct the root cause and remove .git/gc.log. Automatic cleanup will not be performed until the file is removed. warning: There are too many unreachable loose objects; run 'git prune' to remove them. # git rev-parse -q --verify a73bbfba991f8bb5d1814affcf1f7642ca0cdd35^{commit} a73bbfba991f8bb5d1814affcf1f7642ca0cdd35 # git checkout -q -f -B kisskb a73bbfba991f8bb5d1814affcf1f7642ca0cdd35 # git clean -qxdf # < git log -1 # commit a73bbfba991f8bb5d1814affcf1f7642ca0cdd35 # Author: Gustavo A. R. Silva # Date: Wed Mar 10 19:40:43 2021 -0600 # # media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() # # Rename struct sms_msg_data4 to sms_msg_data5 and increase the size of # its msg_data array from 4 to 5 elements. Notice that at some point # the 5th element of msg_data is being accessed in function # smscore_load_firmware_family2(): # # 1006 trigger_msg->msg_data[4] = 4; /* Task ID */ # # Also, there is no need for the object _trigger_msg_ of type struct # sms_msg_data *, when _msg_ can be used, directly. Notice that msg_data # in struct sms_msg_data is a one-element array, which causes multiple # out-of-bounds warnings when accessing beyond its first element # in function smscore_load_firmware_family2(): # # 992 struct sms_msg_data *trigger_msg = # 993 (struct sms_msg_data *) msg; # 994 # 995 pr_debug("sending MSG_SMS_SWDOWNLOAD_TRIGGER_REQ\n"); # 996 SMS_INIT_MSG(&msg->x_msg_header, # 997 MSG_SMS_SWDOWNLOAD_TRIGGER_REQ, # 998 sizeof(struct sms_msg_hdr) + # 999 sizeof(u32) * 5); # 1000 # 1001 trigger_msg->msg_data[0] = firmware->start_address; # 1002 /* Entry point */ # 1003 trigger_msg->msg_data[1] = 6; /* Priority */ # 1004 trigger_msg->msg_data[2] = 0x200; /* Stack size */ # 1005 trigger_msg->msg_data[3] = 0; /* Parameter */ # 1006 trigger_msg->msg_data[4] = 4; /* Task ID */ # # even when enough dynamic memory is allocated for _msg_: # # 929 /* PAGE_SIZE buffer shall be enough and dma aligned */ # 930 msg = kmalloc(PAGE_SIZE, GFP_KERNEL | coredev->gfp_buf_flags); # # but as _msg_ is casted to (struct sms_msg_data *): # # 992 struct sms_msg_data *trigger_msg = # 993 (struct sms_msg_data *) msg; # # the out-of-bounds warnings are actually valid and should be addressed. # # Fix this by declaring object _msg_ of type struct sms_msg_data5 *, # which contains a 5-elements array, instead of just 4. And use # _msg_ directly, instead of creating object trigger_msg. # # This helps with the ongoing efforts to enable -Warray-bounds by fixing # the following warnings: # # CC [M] drivers/media/common/siano/smscoreapi.o # drivers/media/common/siano/smscoreapi.c: In function ‘smscore_load_firmware_family2’: # drivers/media/common/siano/smscoreapi.c:1003:24: warning: array subscript 1 is above array bounds of ‘u32[1]’ {aka ‘unsigned int[1]’} [-Warray-bounds] # 1003 | trigger_msg->msg_data[1] = 6; /* Priority */ # | ~~~~~~~~~~~~~~~~~~~~~^~~ # In file included from drivers/media/common/siano/smscoreapi.c:12: # drivers/media/common/siano/smscoreapi.h:619:6: note: while referencing ‘msg_data’ # 619 | u32 msg_data[1]; # | ^~~~~~~~ # drivers/media/common/siano/smscoreapi.c:1004:24: warning: array subscript 2 is above array bounds of ‘u32[1]’ {aka ‘unsigned int[1]’} [-Warray-bounds] # 1004 | trigger_msg->msg_data[2] = 0x200; /* Stack size */ # | ~~~~~~~~~~~~~~~~~~~~~^~~ # In file included from drivers/media/common/siano/smscoreapi.c:12: # drivers/media/common/siano/smscoreapi.h:619:6: note: while referencing ‘msg_data’ # 619 | u32 msg_data[1]; # | ^~~~~~~~ # drivers/media/common/siano/smscoreapi.c:1005:24: warning: array subscript 3 is above array bounds of ‘u32[1]’ {aka ‘unsigned int[1]’} [-Warray-bounds] # 1005 | trigger_msg->msg_data[3] = 0; /* Parameter */ # | ~~~~~~~~~~~~~~~~~~~~~^~~ # In file included from drivers/media/common/siano/smscoreapi.c:12: # drivers/media/common/siano/smscoreapi.h:619:6: note: while referencing ‘msg_data’ # 619 | u32 msg_data[1]; # | ^~~~~~~~ # drivers/media/common/siano/smscoreapi.c:1006:24: warning: array subscript 4 is above array bounds of ‘u32[1]’ {aka ‘unsigned int[1]’} [-Warray-bounds] # 1006 | trigger_msg->msg_data[4] = 4; /* Task ID */ # | ~~~~~~~~~~~~~~~~~~~~~^~~ # In file included from drivers/media/common/siano/smscoreapi.c:12: # drivers/media/common/siano/smscoreapi.h:619:6: note: while referencing ‘msg_data’ # 619 | u32 msg_data[1]; # | ^~~~~~~~ # # Fixes: 018b0c6f8acb ("[media] siano: make load firmware logic to work with newer firmwares") # Co-developed-by: Kees Cook # Signed-off-by: Kees Cook # Signed-off-by: Gustavo A. R. Silva # < /opt/cross/kisskb/korg/gcc-9.2.0-nolibc/powerpc64-linux/bin/powerpc64-linux-gcc --version # < /opt/cross/kisskb/korg/gcc-9.2.0-nolibc/powerpc64-linux/bin/powerpc64-linux-ld --version # < git log --format=%s --max-count=1 a73bbfba991f8bb5d1814affcf1f7642ca0cdd35 # < make -s -j 8 ARCH=powerpc O=/kisskb/build/gustavoars_mpc85xx_defconfig_powerpc-gcc9 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-9.2.0-nolibc/powerpc64-linux/bin/powerpc64-linux- mpc85xx_defconfig # < make -s -j 8 ARCH=powerpc O=/kisskb/build/gustavoars_mpc85xx_defconfig_powerpc-gcc9 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-9.2.0-nolibc/powerpc64-linux/bin/powerpc64-linux- help # make -s -j 8 ARCH=powerpc O=/kisskb/build/gustavoars_mpc85xx_defconfig_powerpc-gcc9 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-9.2.0-nolibc/powerpc64-linux/bin/powerpc64-linux- olddefconfig # make -s -j 8 ARCH=powerpc O=/kisskb/build/gustavoars_mpc85xx_defconfig_powerpc-gcc9 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-9.2.0-nolibc/powerpc64-linux/bin/powerpc64-linux- In file included from /kisskb/src/include/linux/kernel.h:11, from /kisskb/src/include/linux/list.h:9, from /kisskb/src/include/linux/module.h:12, from /kisskb/src/drivers/net/ethernet/freescale/fs_enet/mac-scc.c:15: /kisskb/src/drivers/net/ethernet/freescale/fs_enet/mac-scc.c: In function 'allocate_bd': /kisskb/src/include/linux/err.h:22:49: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast] 22 | #define IS_ERR_VALUE(x) unlikely((unsigned long)(void *)(x) >= (unsigned long)-MAX_ERRNO) | ^ /kisskb/src/include/linux/compiler.h:78:42: note: in definition of macro 'unlikely' 78 | # define unlikely(x) __builtin_expect(!!(x), 0) | ^ /kisskb/src/drivers/net/ethernet/freescale/fs_enet/mac-scc.c:139:6: note: in expansion of macro 'IS_ERR_VALUE' 139 | if (IS_ERR_VALUE(fep->ring_mem_addr)) | ^~~~~~~~~~~~ /kisskb/src/arch/powerpc/boot/dts/fsl/mpc8541cds.dts:330.3-21: Warning (pci_device_bus_num): /pci@e0008000/i8259@19000:bus-range: PCI bus number 1 out of range, expected (0 - 0) /kisskb/src/arch/powerpc/boot/dts/fsl/mpc8555cds.dts:330.3-21: Warning (pci_device_bus_num): /pci@e0008000/i8259@19000:bus-range: PCI bus number 1 out of range, expected (0 - 0) INFO: Uncompressed kernel (size 0xf21d64) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x1000000) INFO: Uncompressed kernel (size 0xf21d64) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x1000000) INFO: Uncompressed kernel (size 0xf21d64) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x1000000) INFO: Uncompressed kernel (size 0xf21d64) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x1000000) INFO: Uncompressed kernel (size 0xf21d64) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x1000000) INFO: Uncompressed kernel (size 0xf21d64) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x1000000) INFO: Uncompressed kernel (size 0xf21d64) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x1000000) INFO: Uncompressed kernel (size 0xf11638) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x1000000) Image Name: Linux-5.13.0-rc2-ga73bbfba991f Created: Wed Jun 23 09:24:10 2021 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 7085854 Bytes = 6919.78 KiB = 6.76 MiB Load Address: 00000000 Entry Point: 00000000 INFO: Uncompressed kernel (size 0xf21d64) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x1000000) Image Name: Linux-5.13.0-rc2-ga73bbfba991f Created: Wed Jun 23 09:24:11 2021 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 7119123 Bytes = 6952.27 KiB = 6.79 MiB Load Address: 01000000 Entry Point: 0100031c INFO: Uncompressed kernel (size 0xf21d64) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x1000000) Image Name: Linux-5.13.0-rc2-ga73bbfba991f Created: Wed Jun 23 09:24:12 2021 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 7122627 Bytes = 6955.69 KiB = 6.79 MiB Load Address: 01000000 Entry Point: 010002cc INFO: Uncompressed kernel (size 0xf21d64) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x1000000) Image Name: Linux-5.13.0-rc2-ga73bbfba991f Created: Wed Jun 23 09:24:12 2021 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 7118978 Bytes = 6952.13 KiB = 6.79 MiB Load Address: 01000000 Entry Point: 010002cc Image Name: Linux-5.13.0-rc2-ga73bbfba991f Created: Wed Jun 23 09:24:12 2021 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 7121573 Bytes = 6954.66 KiB = 6.79 MiB Load Address: 01000000 Entry Point: 010002cc Image Name: Linux-5.13.0-rc2-ga73bbfba991f Created: Wed Jun 23 09:24:12 2021 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 7120900 Bytes = 6954.00 KiB = 6.79 MiB Load Address: 01000000 Entry Point: 010002cc Image Name: Linux-5.13.0-rc2-ga73bbfba991f Created: Wed Jun 23 09:24:12 2021 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 7118970 Bytes = 6952.12 KiB = 6.79 MiB Load Address: 01000000 Entry Point: 010002cc Image Name: Linux-5.13.0-rc2-ga73bbfba991f Created: Wed Jun 23 09:24:13 2021 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 7118674 Bytes = 6951.83 KiB = 6.79 MiB Load Address: 01000000 Entry Point: 010002cc INFO: Uncompressed kernel (size 0xf21d64) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x1000000) INFO: Uncompressed kernel (size 0xf21d64) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x1000000) INFO: Uncompressed kernel (size 0xf21d64) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x1000000) INFO: Uncompressed kernel (size 0xf21d64) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x1000000) INFO: Uncompressed kernel (size 0xf21d64) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x1000000) Image Name: Linux-5.13.0-rc2-ga73bbfba991f Created: Wed Jun 23 09:24:16 2021 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 7122693 Bytes = 6955.75 KiB = 6.79 MiB Load Address: 01000000 Entry Point: 010002cc Image Name: Linux-5.13.0-rc2-ga73bbfba991f Created: Wed Jun 23 09:24:16 2021 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 7118577 Bytes = 6951.74 KiB = 6.79 MiB Load Address: 01000000 Entry Point: 010002cc Image Name: Linux-5.13.0-rc2-ga73bbfba991f Created: Wed Jun 23 09:24:17 2021 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 7118775 Bytes = 6951.93 KiB = 6.79 MiB Load Address: 01000000 Entry Point: 0100031c Image Name: Linux-5.13.0-rc2-ga73bbfba991f Created: Wed Jun 23 09:24:18 2021 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 7119986 Bytes = 6953.11 KiB = 6.79 MiB Load Address: 01000000 Entry Point: 010002cc Image Name: Linux-5.13.0-rc2-ga73bbfba991f Created: Wed Jun 23 09:24:19 2021 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 7118777 Bytes = 6951.93 KiB = 6.79 MiB Load Address: 01000000 Entry Point: 0100031c Image Name: Linux-5.13.0-rc2-ga73bbfba991f Created: Wed Jun 23 09:24:19 2021 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 7118776 Bytes = 6951.93 KiB = 6.79 MiB Load Address: 01000000 Entry Point: 0100031c Image Name: Linux-5.13.0-rc2-ga73bbfba991f Created: Wed Jun 23 09:24:19 2021 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 7119201 Bytes = 6952.34 KiB = 6.79 MiB Load Address: 01000000 Entry Point: 010002cc Image Name: Linux-5.13.0-rc2-ga73bbfba991f Created: Wed Jun 23 09:24:19 2021 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 7119238 Bytes = 6952.38 KiB = 6.79 MiB Load Address: 01000000 Entry Point: 0100031c Completed OK # rm -rf /kisskb/build/gustavoars_mpc85xx_defconfig_powerpc-gcc9 # Build took: 0:04:14.486894