From: Simon Horman <horms@kernel.org>
To: Jeffrey Hugo <quic_jhugo@quicinc.com>
Cc: "David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
Woojung Huh <woojung.huh@microchip.com>,
Andrew Lunn <andrew@lunn.ch>,
Florian Fainelli <f.fainelli@gmail.com>,
Vladimir Oltean <olteanv@gmail.com>,
Richard Cochran <richardcochran@gmail.com>,
Jiawen Wu <jiawenwu@trustnetic.com>,
Mengyuan Lou <mengyuanlou@net-swift.com>,
Nathan Chancellor <nathan@kernel.org>,
Nick Desaulniers <ndesaulniers@google.com>,
Bill Wendling <morbo@google.com>,
Justin Stitt <justinstitt@google.com>,
Carl Vanderlip <quic_carlv@quicinc.com>,
Oded Gabbay <ogabbay@kernel.org>,
UNGLinuxDriver@microchip.com, netdev@vger.kernel.org,
llvm@lists.linux.dev, linux-arm-msm@vger.kernel.org,
dri-devel@lists.freedesktop.org
Subject: Re: [PATCH net-next 3/3] accel/qaic: Pass string literal as format argument of alloc_workqueue()
Date: Fri, 11 Oct 2024 20:30:41 +0100 [thread overview]
Message-ID: <20241011193041.GC53629@kernel.org> (raw)
In-Reply-To: <468f05e2-1717-3bd1-2ccb-280865180b0c@quicinc.com>
On Fri, Oct 11, 2024 at 08:27:43AM -0600, Jeffrey Hugo wrote:
> On 10/11/2024 3:57 AM, Simon Horman wrote:
> > Recently I noticed that both gcc-14 and clang-18 report that passing
> > a non-string literal as the format argument of alloc_workqueue()
> > is potentially insecure.
> >
> > E.g. clang-18 says:
> >
> > .../qaic_drv.c:61:23: warning: format string is not a string literal (potentially insecure) [-Wformat-security]
> > 61 | wq = alloc_workqueue(fmt, WQ_UNBOUND, 0);
> > | ^~~
> > .../qaic_drv.c:61:23: note: treat the string as an argument to avoid this
> > 61 | wq = alloc_workqueue(fmt, WQ_UNBOUND, 0);
> > | ^
> > | "%s",
> >
> > It is always the case where the contents of fmt is safe to pass as the
> > format argument. That is, in my understanding, it never contains any
> > format escape sequences.
> >
> > But, it seems better to be safe than sorry. And, as a bonus, compiler
> > output becomes less verbose by addressing this issue as suggested by
> > clang-18.
> >
> > Also, change the name of the parameter of qaicm_wq_init from
> > fmt to name to better reflect it's purpose.
> >
> > Compile tested only.
>
> I'm not sure why this looks like it is targeted for net-next. I'm not
> seeing any dependencies on net code, nor is this a net driver. My confusion
> makes me think I might be missing something.
>
> I'll plan on independently taking this through DRM, unless something is
> brought to my attention.
>
> Regarding the patch itself, looks sane to me. I'll give it run through on
> hardware soon.
Sorry, the error is on my side.
I should not targeted this patch at net-next.
Let me know if I should repost it.
As the series isn't entirely for net-next, I'll mark
it as changes requested in netdev patchwork. And plan
on reposting the other two patches for net-next some time soon.
--
pw-bot: cr
next prev parent reply other threads:[~2024-10-11 19:30 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-11 9:57 [PATCH net-next 0/3] net: String format safety updates Simon Horman
2024-10-11 9:57 ` [PATCH net-next 1/3] net: dsa: microchip: copy string using strscpy Simon Horman
2024-10-13 9:52 ` Daniel Machon
2024-10-11 9:57 ` [PATCH net-next 2/3] net: txgbe: Pass string literal as format argument of alloc_workqueue() Simon Horman
2024-10-11 9:57 ` [PATCH net-next 3/3] accel/qaic: " Simon Horman
2024-10-11 14:27 ` Jeffrey Hugo
2024-10-11 19:30 ` Simon Horman [this message]
2024-10-18 19:38 ` Jeffrey Hugo
2024-10-18 19:41 ` Jeffrey Hugo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241011193041.GC53629@kernel.org \
--to=horms@kernel.org \
--cc=UNGLinuxDriver@microchip.com \
--cc=andrew@lunn.ch \
--cc=davem@davemloft.net \
--cc=dri-devel@lists.freedesktop.org \
--cc=edumazet@google.com \
--cc=f.fainelli@gmail.com \
--cc=jiawenwu@trustnetic.com \
--cc=justinstitt@google.com \
--cc=kuba@kernel.org \
--cc=linux-arm-msm@vger.kernel.org \
--cc=llvm@lists.linux.dev \
--cc=mengyuanlou@net-swift.com \
--cc=morbo@google.com \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=netdev@vger.kernel.org \
--cc=ogabbay@kernel.org \
--cc=olteanv@gmail.com \
--cc=pabeni@redhat.com \
--cc=quic_carlv@quicinc.com \
--cc=quic_jhugo@quicinc.com \
--cc=richardcochran@gmail.com \
--cc=woojung.huh@microchip.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.