From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id BBDC8107761C for ; Wed, 18 Mar 2026 21:19:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:In-Reply-To:References:To:From:Subject: Cc:Message-Id:Date:Mime-Version:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=y2AwA0GGSqzUZTgeWWNRt/QkRNvC7GJB1S4x0xOuQts=; b=nbdqwr6ARBRiMP w3JsqmkpAcuTbr9sAigVPoXZQ0dicUM23tkmDCeq2WOEZBx9S5bKYqFOGpz+vSMjQ9ZfAKAS6ZPmR zselWPFZOLJ6BGWlLkgWM/19+CtNyfqOkaSlqWQOWnPlqotk+n1cnm1NlIS2gIgEEUqiQhm6486cl YTUGvEysccrOJ3KO281QvbOQ2hhYEKoiGBFiYmHOM/A7MQq/XhpS63Q1tFRB95jO5IzXubpJLOiGL sWjluLIkSAT7VV+ANZkOy8xgdq5rXUMtUzSEo2Q2QQC+EO1YTnUwk6CQrcjVHPsf4ThXQPgg9ypXD oOzkEBz4aFY6ep4nhIVQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98.2 #2 (Red Hat Linux)) id 1w2yIa-00000009NDX-0yyo; Wed, 18 Mar 2026 21:19:28 +0000 Received: from mail-yw1-x112e.google.com ([2607:f8b0:4864:20::112e]) by bombadil.infradead.org with esmtps (Exim 4.98.2 #2 (Red Hat Linux)) id 1w2yIY-00000009NCu-0HI5 for kvm-riscv@lists.infradead.org; Wed, 18 Mar 2026 21:19:27 +0000 Received: by mail-yw1-x112e.google.com with SMTP id 00721157ae682-79a46260385so3861667b3.3 for ; Wed, 18 Mar 2026 14:19:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1773868764; x=1774473564; darn=lists.infradead.org; h=in-reply-to:references:to:from:subject:cc:message-id:date :content-transfer-encoding:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=s1Qp9lS9mJbsbw6BdqhHIoqJG66lBxCc3NYAKkS9f8Q=; b=DubDZY/87GoCPOJi0ahxlHKpbCVOFfdW5jWWi1itdhhC+tg2v/hfi+pbis7+07JcA+ SqjqjGsLxuCWeFhAY7PLyvB58F0Onz0cYaaAmzJFjQhWaXVK5y91HjLLV2Xf73aHuiX2 i7j6x0xlVZv/QdF0WrS8HIzfe+2GegWvSPeUsqDpEIK/vD3mwfdEWecXtHBylTt7HCy8 gs0xSUuiEi6KQXTnyL/vOoSHx2U1pQHazewRI7ijIZbu9dItNfCcWBO4qrrN1lDXJxnm peeULC+uNdLS+bUE9dfH84PRJwTff50auSfdP67zyI/b4eNO5ej1z8RKmNSD0/m1wfjv wOTw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1773868764; x=1774473564; h=in-reply-to:references:to:from:subject:cc:message-id:date :content-transfer-encoding:mime-version:x-gm-gg:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=s1Qp9lS9mJbsbw6BdqhHIoqJG66lBxCc3NYAKkS9f8Q=; b=oaGhr5ewk4xPWtOvZ4/rKniOnjgcKX6/n+pCfIM5XJj8bSpjhVcuHuzXXRYgD7hqWG fZIMkhOUbktG097DIEUKabCXWaKxiEDzLMFS2n7zXsP2KRxon7XCVjXPCNXl7ydIxzdb 7dAgx6RN9ysMuZpt/cGMJ0u9P1vqw6pfn0PfvqeKLHtNi6peutGPUd2qOaIxw/UkZDt7 umhfbPmASRZIY+QghzoKli6kXrNRGLSiwWKPDaDbNNZVY3eOsXLOQX2aOu6v4Xtxqj4W tLVrdYFYTOj6a7bT63tiR8IUaFtak0fZyJFlLviqajF429vIRrsnmVvI1Qab7dpbO0jc 5q/g== X-Forwarded-Encrypted: i=1; AJvYcCXyqjpwul8h9OoHe6MrSd91h8tMGhAHsuIk0QkwXamv9cFz2Vp4MCLxeSzarDBIAuCDCBtUAbHFji0=@lists.infradead.org X-Gm-Message-State: AOJu0YwPQZzK/JfzMI6Ra0mEV+qSnFdToXmJ8R41dnD4Ve3gI5mFkdD6 mWkxqYMwDqIsb15qrxFvNhXSoCHfap1qXIL1vT0qkUziJHluHEldYhAy X-Gm-Gg: ATEYQzzshsvWBP0sX2CZhNSJyTfRRdwnribqWDSGwfZQ2bAxb0w7W7lsO1bNIe+R2V+ KJ9toKLDG6+mhtsLYYqNpcVPfaoiGz1NNqc6YA+w4HePa4JTR3LG+BMFV4pA5n7Sqo6X+SAx/1D aQqnuD1emIdHZLJccbpgHUcf5E2ds97/5awMSqhLd0yV5LbJAuZNjiiRiB0GvRdPk/VsOzL5KL2 kqWUypDZ1O0c1vE5PUAfOCkfldkHlMImJeCQnWS0rYbYandaGZB9KtzfayGkMAicIiKX0U5/xIh Z2OpRwZOaDH1pOXv9DohWUwVRAjCkuszmDIPtYHjWqH1PpAxXZWDGxRsmmi2RRqFC3noYEJFAFm VDoqAqVNIjSkGjKv/atnjX8o0ibJp/CicjbZhMXovPMgWBh1X6SkNim8rdGiVYAtgWVAOePLMQs 7uSXgTdiZOHKM26nbato9P351NiXvxObr8lbt5IgNm6RlEKotPEW5gwR3pxYi/s1t/jMu+cF+L8 SuzLzUEvDMr235EGPDJNLBlQixGipCZ X-Received: by 2002:a05:690c:dc4:b0:79a:2ef2:82a with SMTP id 00721157ae682-79a718c82b6mr50873677b3.20.1773868764218; Wed, 18 Mar 2026 14:19:24 -0700 (PDT) Received: from localhost ([2601:7c0:c37e:2360::f769]) by smtp.gmail.com with ESMTPSA id 00721157ae682-79a7136de7bsm24223777b3.2.2026.03.18.14.19.23 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 18 Mar 2026 14:19:23 -0700 (PDT) Mime-Version: 1.0 Date: Wed, 18 Mar 2026 16:19:22 -0500 Message-Id: Cc: , , , , , , , , , Subject: Re: [PATCH] RISC-V: KVM: Fix out-of-bounds by 1 From: "Ethan Tidmore" To: "Ethan Tidmore" , X-Mailer: aerc 0.21.0-0-g5549850facc2 References: <20260228152226.2116895-1-ethantidmore06@gmail.com> In-Reply-To: <20260228152226.2116895-1-ethantidmore06@gmail.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20260318_141926_108785_61ABB2B6 X-CRM114-Status: UNSURE ( 8.13 ) X-CRM114-Notice: Please train this message. X-BeenThere: kvm-riscv@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "kvm-riscv" Errors-To: kvm-riscv-bounces+kvm-riscv=archiver.kernel.org@lists.infradead.org On Sat Feb 28, 2026 at 9:22 AM CST, Ethan Tidmore wrote: > The array kvpmu->pmc is defined as: > > struct kvm_pmc pmc[RISCV_KVM_MAX_COUNTERS]; > > So, accessing it with index RISCV_KVM_MAX_COUNTERS would be > out-of-bounds by 1. > > Change index check from > to >=. > > Detected by Smatch: > arch/riscv/kvm/vcpu_pmu.c:528 kvm_riscv_vcpu_pmu_ctr_info() error: > buffer overflow 'kvpmu->pmc' 64 <= 64 > > Fixes: 8f0153ecd3bf1 ("RISC-V: KVM: Add skeleton support for perf") > Signed-off-by: Ethan Tidmore > --- Friendly ping. Thanks, ET -- kvm-riscv mailing list kvm-riscv@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kvm-riscv From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-yw1-f169.google.com (mail-yw1-f169.google.com [209.85.128.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6C1BF2DF12E for ; Wed, 18 Mar 2026 21:19:25 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.169 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773868766; cv=none; b=NnWyZkZlL9Q/DAGZ7P+V+qVePO0CeSift0EJCFgXEgHFJD3mGpM8frrmtTddBMlKWYj6+cEkgxaE6fhLMq0xfE/a77rPQLHw6YBhX8gmTObuIbfz420V3mImrffBqAkE5v1eTT1bNolXEZgB12+NqPHiLR/B7yc8g/SbznotR0M= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773868766; c=relaxed/simple; bh=s1Qp9lS9mJbsbw6BdqhHIoqJG66lBxCc3NYAKkS9f8Q=; h=Mime-Version:Content-Type:Date:Message-Id:Cc:Subject:From:To: References:In-Reply-To; b=GXSiV0L3bk22V1ZdFpaJQFEWKA6NxkgMBlv0iLJ2GbKphvWY3nbWdtE9kSJEbCn/l1MQK6Ydm8nWjO1xlxdsmDL/gQJGGqq77V1ZDF6lj7/OKU1HPOMJGzMhgC8HPp9FGNdVn72JevHYWJRUaoYouRmm+jlQAUqN9nSbCbhRQeQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=FkMo/X2R; arc=none smtp.client-ip=209.85.128.169 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="FkMo/X2R" Received: by mail-yw1-f169.google.com with SMTP id 00721157ae682-79a5ad7cc52so4172597b3.2 for ; Wed, 18 Mar 2026 14:19:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1773868764; x=1774473564; darn=vger.kernel.org; h=in-reply-to:references:to:from:subject:cc:message-id:date :content-transfer-encoding:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=s1Qp9lS9mJbsbw6BdqhHIoqJG66lBxCc3NYAKkS9f8Q=; b=FkMo/X2RL5HwAxJFx62+IqwDiAbwfajbTlZ7deTXl4tr5SXhbRNf5wpuoRItwFEyqi PjNVZWFlv9d/iz3i3ptkzyhdHT42BM2QDYrDJIzfY7PZa96zkFnlazvvQR/NfXIfWt1I iggfM0Bj536s/mMM8vR1QaZ2C0LqLI3/C3HtOlQQmm908miFicE+t0bB88OgRu4Zvnmh SwdNGI2Nma+6C6Z2O8MuwP+dW66x2Uylm1JcTX1EffC1td0fjKXt9c/zIT3mo00E3pWy dSodlh7CWlwOXCcauJc3L/c1YqF6h3Ahnn0gDjZ2Nyo99pWxJ+YvB12zIT9o0iVrtOfB L6Xw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1773868764; x=1774473564; h=in-reply-to:references:to:from:subject:cc:message-id:date :content-transfer-encoding:mime-version:x-gm-gg:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=s1Qp9lS9mJbsbw6BdqhHIoqJG66lBxCc3NYAKkS9f8Q=; b=DiXr0MUwqtE2JZ2ZEZwLYp/vfAD7ouTiQGr6b5vCRuPFyZgF8Pzy23jL5A81cOXpM2 nnQMb3+Vy1pEQl3Rli2UvSRpS6jpg79pT/Bc58xaytYqd0KG7qNp+C5TzkexLjDl9xza 6YvkYI/OHP8vvydUNf2B+1kYHuZwr8rewgx5oe7DrK0tNFXLPWorzpKivhQh0UxY8wmr vTivxvl31vM2ur6ZMWqjW0VD4uU+vXABGb2hxlvl9/u0jLbpnJ4z60kGOICO2O29uhEI cffPP1ILrmu2qnNQDIzsHd/UXqr1vuxMRENI9ef0grlBibYTar3abwLRKQgc63WeVfVz wcqw== X-Forwarded-Encrypted: i=1; AJvYcCV3NtzDUCTcWw2b572YpptXeBaY+UIUoA/B37Jp7OJLYi4651Kh3WRxrbuYVlfh8vXwwEM=@vger.kernel.org X-Gm-Message-State: AOJu0YyHiEp6oS7bwjWeI2822/zYufM/5pOBjtAQGutIuZkgwORO3bmb 4eVIDk4Md9lTxOkXLu3uTl/mmp0EmrCaC5ilCBg4t2PfWwiT/O2OVi20 X-Gm-Gg: ATEYQzzw6ji9HHCVI6BUbyXUzYkg+oZkkhYi/vwreWwHU9xypBexL4CHLb7rguQcdB9 nTYp0ZB0cy1h7h2n/drDtVsxi7LF4V452jh5hYNaDq9Fa+nqbRYiORJa5aOeUfQCS+aEJ7+KqMC eBaXZeMmbwF1Pmpr7sFVDF27osz1tpu4sLLhxMfIvwp31u/YgNvhnj96a00ykXyfqDpReWNVEoz 91NrOjnUh8NImFjfnvwMXZhFJTmx3Vi6Sc2IgKQksd1azupMTogv7UT/18EPJeTmzU3hM8PvZpG sqcbCZQopJvOUeJ5spyf7fFuN09Rii0gqJhdcq2J29cay8Kdf80ZurV56l7TDJY1f+tyNfhARfB zG+BxQeJ0daanDA03v2MClQap11rGDmNuDpI3wVTrGEYM9/eDQ+D4Sn9rDWVrCuqgvl9aVQBqUV vChAPyctNBm0gbK3hR/ohZdnjjadKMxDrV28Pl9ppsQ/4SoCYPAeJx5/CldOZkcqQkPZ8SKGv6a j3BxNIFa3V8oKREXVE/lIvAfSbFHK0u X-Received: by 2002:a05:690c:dc4:b0:79a:2ef2:82a with SMTP id 00721157ae682-79a718c82b6mr50873677b3.20.1773868764218; Wed, 18 Mar 2026 14:19:24 -0700 (PDT) Received: from localhost ([2601:7c0:c37e:2360::f769]) by smtp.gmail.com with ESMTPSA id 00721157ae682-79a7136de7bsm24223777b3.2.2026.03.18.14.19.23 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 18 Mar 2026 14:19:23 -0700 (PDT) Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 Date: Wed, 18 Mar 2026 16:19:22 -0500 Message-Id: Cc: , , , , , , , , , Subject: Re: [PATCH] RISC-V: KVM: Fix out-of-bounds by 1 From: "Ethan Tidmore" To: "Ethan Tidmore" , X-Mailer: aerc 0.21.0-0-g5549850facc2 References: <20260228152226.2116895-1-ethantidmore06@gmail.com> In-Reply-To: <20260228152226.2116895-1-ethantidmore06@gmail.com> On Sat Feb 28, 2026 at 9:22 AM CST, Ethan Tidmore wrote: > The array kvpmu->pmc is defined as: > > struct kvm_pmc pmc[RISCV_KVM_MAX_COUNTERS]; > > So, accessing it with index RISCV_KVM_MAX_COUNTERS would be > out-of-bounds by 1. > > Change index check from > to >=3D. > > Detected by Smatch: > arch/riscv/kvm/vcpu_pmu.c:528 kvm_riscv_vcpu_pmu_ctr_info() error: > buffer overflow 'kvpmu->pmc' 64 <=3D 64 > > Fixes: 8f0153ecd3bf1 ("RISC-V: KVM: Add skeleton support for perf") > Signed-off-by: Ethan Tidmore > --- Friendly ping. Thanks, ET From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 71AAB107760E for ; Wed, 18 Mar 2026 21:19:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:In-Reply-To:References:To:From:Subject: Cc:Message-Id:Date:Mime-Version:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=bqyl4gqVG4cPivzAHf3eucLx/G5P/eeV5E8iSQtO/f4=; b=2uMxcerRgbN6m7 YI2yk/3PNZHz2wpk6L/ajfPazQzptgHnIFQVybxmJusFaE3At5nMKD8QsOao/hTup0fgPxPfcTUUt DQGibhw4P9Yz0MdhGW8frG+l4QCGMzNoFVL47CFeT7bpfagzkN5dh99fVTN64u1yOoNYdgi+Hot41 0h6ob1yVIZmgvR+aGhEr/FXoMWyGT7EqlPTCIyy1Rix7xAy88fm19jzXrHLfJ4VFMIqcvBKKko/ii EBDKeBYWaxTEhFgpPkYzvfbyGT8L/mZUbv9Nu4k+T4U/dcmxsUOzoG2FUj8gdNz1n1Zt5niudAsh2 bnbu6bvOlwvExkrpQ1mQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98.2 #2 (Red Hat Linux)) id 1w2yIa-00000009NDc-20Ka; Wed, 18 Mar 2026 21:19:28 +0000 Received: from mail-yw1-x1135.google.com ([2607:f8b0:4864:20::1135]) by bombadil.infradead.org with esmtps (Exim 4.98.2 #2 (Red Hat Linux)) id 1w2yIY-00000009NCt-0HYv for linux-riscv@lists.infradead.org; Wed, 18 Mar 2026 21:19:27 +0000 Received: by mail-yw1-x1135.google.com with SMTP id 00721157ae682-799001d73bdso3422327b3.0 for ; Wed, 18 Mar 2026 14:19:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1773868764; x=1774473564; darn=lists.infradead.org; h=in-reply-to:references:to:from:subject:cc:message-id:date :content-transfer-encoding:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=s1Qp9lS9mJbsbw6BdqhHIoqJG66lBxCc3NYAKkS9f8Q=; b=DubDZY/87GoCPOJi0ahxlHKpbCVOFfdW5jWWi1itdhhC+tg2v/hfi+pbis7+07JcA+ SqjqjGsLxuCWeFhAY7PLyvB58F0Onz0cYaaAmzJFjQhWaXVK5y91HjLLV2Xf73aHuiX2 i7j6x0xlVZv/QdF0WrS8HIzfe+2GegWvSPeUsqDpEIK/vD3mwfdEWecXtHBylTt7HCy8 gs0xSUuiEi6KQXTnyL/vOoSHx2U1pQHazewRI7ijIZbu9dItNfCcWBO4qrrN1lDXJxnm peeULC+uNdLS+bUE9dfH84PRJwTff50auSfdP67zyI/b4eNO5ej1z8RKmNSD0/m1wfjv wOTw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1773868764; x=1774473564; h=in-reply-to:references:to:from:subject:cc:message-id:date :content-transfer-encoding:mime-version:x-gm-gg:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=s1Qp9lS9mJbsbw6BdqhHIoqJG66lBxCc3NYAKkS9f8Q=; b=syLNrKRw3HsKSjatGFCGHrPOzyIqm57DfnlzfSYP9gRLwNUmMEEDXJYBJ2OJ/Ht6Nb p6J6wjHjXwMO3trKOOLd7/Q/9cjGdhAJhLxlO/W019uVRpcY/xFPLy0tsV/sJQjhFm+m G6uWNGalAgG2/9Op5D9S5NqDzPBnx4ZLJRIcxpsArvWpMgxYMSJsW3iWUvgCso9jHWeX f/BiF5/ou0/G4lPCL+hxcUU2Job4KwclJj0225vW9nAnMyLFMQwc07IjsW7KvBrQKc76 Q2r6VZtht+LPqXoTYZ8XDR7FJ6hZ+la//XjINI9jKvbd8yKVq3cYM0FRNqvraPYwxJMB LxuQ== X-Forwarded-Encrypted: i=1; AJvYcCVrRfy24d7ePyO1vAOHtsHbzF7A8TFZkG8wcKWAi/z2TcMXRjyWRvx8gVWwV+kFHG4Hszq3j8Tf8Cs34w==@lists.infradead.org X-Gm-Message-State: AOJu0YyfiVJVSos+ehGSy+uFANyDnzRRdQ74ZgSV/yMKZvTJrIznEBeW XdKIav7FRNiwjy486ozqmo3RBTFpP+bbkUS5hx01mLvASyrJd4f4B6Qm X-Gm-Gg: ATEYQzxwZhf1yL3DkPH+qAyT17kiEOmKquqVE7qfCib7e8+j2hHAEa/VpiylrHMA8RS WBVTx7cZT+MWUJoRLqs7ILGZmK8rRem5XOVnfNK39ym87UA9djtFoBVKZIXAkow3MVgdN77Izqq gdN+wfH4oJgmE1t+t20oI5YYwRX/HcICa1oc6hbb1tdPMG5VozIiMpSQabHbt8pDrKvWDfLXIql ITBIsaHLqPhv2MFSm0cVuX+17RqZsqXgt57KGgPaUsGpL48QOSuAbsWbA+1g273jNLqLK6V5INh XSI8x3FDAdqI5gRbX9oRsB6IQWpJKzi9lBJfqzLk026z7CotXmxEme+3L0rt+sq+PffCEHo4iiG MDNk2llpXuuEKzPmRekBxhCrxg2nI2xLLO7VEs76XWZJ4cDRoLVYIOSn62zpLRNyiFjDs0s24sP fOkHmoVjv4cukfp+cc0OtUjUUaUaOs9kJTCW4cOfCe4H7aULAm8O213tgesfPxntM1X3Q1+RU+W Xm9JPHFq9Z2j9DvKQfqENJ88bu5O0Ht X-Received: by 2002:a05:690c:dc4:b0:79a:2ef2:82a with SMTP id 00721157ae682-79a718c82b6mr50873677b3.20.1773868764218; Wed, 18 Mar 2026 14:19:24 -0700 (PDT) Received: from localhost ([2601:7c0:c37e:2360::f769]) by smtp.gmail.com with ESMTPSA id 00721157ae682-79a7136de7bsm24223777b3.2.2026.03.18.14.19.23 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 18 Mar 2026 14:19:23 -0700 (PDT) Mime-Version: 1.0 Date: Wed, 18 Mar 2026 16:19:22 -0500 Message-Id: Cc: , , , , , , , , , Subject: Re: [PATCH] RISC-V: KVM: Fix out-of-bounds by 1 From: "Ethan Tidmore" To: "Ethan Tidmore" , X-Mailer: aerc 0.21.0-0-g5549850facc2 References: <20260228152226.2116895-1-ethantidmore06@gmail.com> In-Reply-To: <20260228152226.2116895-1-ethantidmore06@gmail.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20260318_141926_108922_B7E62888 X-CRM114-Status: UNSURE ( 8.13 ) X-CRM114-Notice: Please train this message. X-BeenThere: linux-riscv@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-riscv" Errors-To: linux-riscv-bounces+linux-riscv=archiver.kernel.org@lists.infradead.org On Sat Feb 28, 2026 at 9:22 AM CST, Ethan Tidmore wrote: > The array kvpmu->pmc is defined as: > > struct kvm_pmc pmc[RISCV_KVM_MAX_COUNTERS]; > > So, accessing it with index RISCV_KVM_MAX_COUNTERS would be > out-of-bounds by 1. > > Change index check from > to >=. > > Detected by Smatch: > arch/riscv/kvm/vcpu_pmu.c:528 kvm_riscv_vcpu_pmu_ctr_info() error: > buffer overflow 'kvpmu->pmc' 64 <= 64 > > Fixes: 8f0153ecd3bf1 ("RISC-V: KVM: Add skeleton support for perf") > Signed-off-by: Ethan Tidmore > --- Friendly ping. Thanks, ET _______________________________________________ linux-riscv mailing list linux-riscv@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-riscv