From: Kees Cook <keescook@chromium.org>
To: "Christian König" <christian.koenig@amd.com>
Cc: "Christian König" <ckoenig.leichtzumerken@gmail.com>,
"Alex Deucher" <alexdeucher@gmail.com>,
"David Airlie" <airlied@gmail.com>,
"Pan, Xinhui" <Xinhui.Pan@amd.com>,
"Karol Herbst" <kherbst@redhat.com>, "Tom Rix" <trix@redhat.com>,
"Joonas Lahtinen" <joonas.lahtinen@linux.intel.com>,
dri-devel@lists.freedesktop.org,
"Chris Wilson" <chris@chris-wilson.co.uk>,
"Prike Liang" <Prike.Liang@amd.com>,
"Huang Rui" <ray.huang@amd.com>,
"Gerd Hoffmann" <kraxel@redhat.com>,
"Andrzej Hajda" <andrzej.hajda@intel.com>,
"Marijn Suijten" <marijn.suijten@somainline.org>,
"Matthew Brost" <matthew.brost@intel.com>,
"Evan Quan" <evan.quan@amd.com>, "Emma Anholt" <emma@anholt.net>,
amd-gfx@lists.freedesktop.org,
"Kuogee Hsieh" <quic_khsieh@quicinc.com>,
"Lijo Lazar" <lijo.lazar@amd.com>,
"VMware Graphics Reviewers"
<linux-graphics-maintainer@vmware.com>,
"Ben Skeggs" <bskeggs@redhat.com>,
"Andi Shyti" <andi.shyti@linux.intel.com>,
nouveau@lists.freedesktop.org,
"David Airlie" <airlied@redhat.com>,
"Dmitry Baryshkov" <dmitry.baryshkov@linaro.org>,
"Chia-I Wu" <olvaffe@gmail.com>,
llvm@lists.linux.dev, "Yifan Zhang" <yifan1.zhang@amd.com>,
linux-arm-msm@vger.kernel.org, intel-gfx@lists.freedesktop.org,
"Kevin Wang" <kevin1.wang@amd.com>,
"Abhinav Kumar" <quic_abhinavk@quicinc.com>,
"Jani Nikula" <jani.nikula@linux.intel.com>,
"Tvrtko Ursulin" <tvrtko.ursulin@linux.intel.com>,
"Nathan Chancellor" <nathan@kernel.org>, "Le Ma" <le.ma@amd.com>,
"Gurchetan Singh" <gurchetansingh@chromium.org>,
"Maxime Ripard" <mripard@kernel.org>,
"Rodrigo Vivi" <rodrigo.vivi@intel.com>,
virtualization@lists.linux-foundation.org,
"Sean Paul" <sean@poorly.run>,
"Neil Armstrong" <neil.armstrong@linaro.org>,
"Xiaojian Du" <Xiaojian.Du@amd.com>, "Lang Yu" <Lang.Yu@amd.com>,
"Bjorn Andersson" <andersson@kernel.org>,
"Tejas Upadhyay" <tejas.upadhyay@intel.com>,
"Nick Desaulniers" <ndesaulniers@google.com>,
linux-kernel@vger.kernel.org,
"Hawking Zhang" <Hawking.Zhang@amd.com>,
"Rob Clark" <robdclark@gmail.com>,
"Melissa Wen" <mwen@igalia.com>,
"John Harrison" <john.c.harrison@intel.com>,
"Daniel Vetter" <daniel@ffwll.ch>,
"Alex Deucher" <alexander.deucher@amd.com>,
"Nirmoy Das" <nirmoy.das@intel.com>,
freedreno@lists.freedesktop.org, "Zack Rusin" <zackr@vmware.com>,
linux-hardening@vger.kernel.org
Subject: Re: [PATCH 0/9] drm: Annotate structs with __counted_by
Date: Mon, 2 Oct 2023 11:22:22 -0700 [thread overview]
Message-ID: <202310021122.B6DA850FB0@keescook> (raw)
In-Reply-To: <0be2dfa4-b6c1-f62a-66e1-615da7aa3c76@amd.com>
On Mon, Oct 02, 2023 at 08:11:41PM +0200, Christian König wrote:
> Am 02.10.23 um 20:08 schrieb Kees Cook:
> > On Mon, Oct 02, 2023 at 08:01:57PM +0200, Christian König wrote:
> > > Am 02.10.23 um 18:53 schrieb Kees Cook:
> > > > On Mon, Oct 02, 2023 at 11:06:19AM -0400, Alex Deucher wrote:
> > > > > On Mon, Oct 2, 2023 at 5:20 AM Christian König
> > > > > <ckoenig.leichtzumerken@gmail.com> wrote:
> > > > > > Am 29.09.23 um 21:33 schrieb Kees Cook:
> > > > > > > On Fri, 22 Sep 2023 10:32:05 -0700, Kees Cook wrote:
> > > > > > > > This is a batch of patches touching drm for preparing for the coming
> > > > > > > > implementation by GCC and Clang of the __counted_by attribute. Flexible
> > > > > > > > array members annotated with __counted_by can have their accesses
> > > > > > > > bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS (for array
> > > > > > > > indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family functions).
> > > > > > > >
> > > > > > > > As found with Coccinelle[1], add __counted_by to structs that would
> > > > > > > > benefit from the annotation.
> > > > > > > >
> > > > > > > > [...]
> > > > > > > Since this got Acks, I figure I should carry it in my tree. Let me know
> > > > > > > if this should go via drm instead.
> > > > > > >
> > > > > > > Applied to for-next/hardening, thanks!
> > > > > > >
> > > > > > > [1/9] drm/amd/pm: Annotate struct smu10_voltage_dependency_table with __counted_by
> > > > > > > https://git.kernel.org/kees/c/a6046ac659d6
> > > > > > STOP! In a follow up discussion Alex and I figured out that this won't work.
> > > > I'm so confused; from the discussion I saw that Alex said both instances
> > > > were false positives?
> > > >
> > > > > > The value in the structure is byte swapped based on some firmware
> > > > > > endianness which not necessary matches the CPU endianness.
> > > > > SMU10 is APU only so the endianess of the SMU firmware and the CPU
> > > > > will always match.
> > > > Which I think is what is being said here?
> > > >
> > > > > > Please revert that one from going upstream if it's already on it's way.
> > > > > >
> > > > > > And because of those reasons I strongly think that patches like this
> > > > > > should go through the DRM tree :)
> > > > Sure, that's fine -- please let me know. It was others Acked/etc. Who
> > > > should carry these patches?
> > > Probably best if the relevant maintainer pick them up individually.
> > >
> > > Some of those structures are filled in by firmware/hardware and only the
> > > maintainers can judge if that value actually matches what the compiler
> > > needs.
> > >
> > > We have cases where individual bits are used as flags or when the size is
> > > byte swapped etc...
> > >
> > > Even Alex and I didn't immediately say how and where that field is actually
> > > used and had to dig that up. That's where the confusion came from.
> > Okay, I've dropped them all from my tree. Several had Acks/Reviews, so
> > hopefully those can get picked up for the DRM tree?
>
> I will pick those up to go through drm-misc-next.
>
> Going to ping maintainers once more when I'm not sure if stuff is correct or
> not.
Sounds great; thanks!
-Kees
--
Kees Cook
next prev parent reply other threads:[~2023-10-02 18:22 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-22 17:32 [PATCH 0/9] drm: Annotate structs with __counted_by Kees Cook
2023-09-22 17:32 ` [PATCH 1/9] drm/amd/pm: Annotate struct smu10_voltage_dependency_table " Kees Cook
2023-09-22 17:41 ` Alex Deucher
2023-09-25 6:30 ` Christian König
2023-09-25 14:07 ` Alex Deucher
2023-09-25 14:14 ` Alex Deucher
2023-09-25 17:52 ` Kees Cook
2023-09-25 17:56 ` Alex Deucher
2023-09-23 2:13 ` Gustavo A. R. Silva
2023-09-22 17:32 ` [PATCH 2/9] drm/amdgpu/discovery: Annotate struct ip_hw_instance " Kees Cook
2023-09-22 17:42 ` Alex Deucher
2023-09-23 2:14 ` Gustavo A. R. Silva
2023-09-22 17:32 ` [PATCH 3/9] drm/i915/selftests: Annotate struct perf_series " Kees Cook
2023-09-23 2:14 ` Gustavo A. R. Silva
2023-09-25 10:08 ` Andrzej Hajda
2023-09-25 17:50 ` Kees Cook
2023-09-25 12:20 ` Andi Shyti
2023-09-22 17:32 ` [PATCH 4/9] drm/msm/dpu: Annotate struct dpu_hw_intr " Kees Cook
2023-09-23 2:15 ` Gustavo A. R. Silva
2023-09-22 17:32 ` [PATCH 5/9] drm/nouveau/pm: Annotate struct nvkm_perfdom " Kees Cook
2023-09-22 19:00 ` Lyude Paul
2023-09-23 2:15 ` Gustavo A. R. Silva
2023-09-22 17:32 ` [PATCH 6/9] drm/vc4: Annotate struct vc4_perfmon " Kees Cook
2023-09-23 2:16 ` Gustavo A. R. Silva
2023-09-22 17:32 ` [PATCH 7/9] drm/virtio: Annotate struct virtio_gpu_object_array " Kees Cook
2023-09-23 2:36 ` Gustavo A. R. Silva
2023-09-22 17:32 ` [PATCH 8/9] drm/vmwgfx: Annotate struct vmw_surface_dirty " Kees Cook
2023-09-22 21:50 ` Zack Rusin
2023-09-23 2:37 ` Gustavo A. R. Silva
2023-09-22 17:32 ` [PATCH 9/9] drm/v3d: Annotate struct v3d_perfmon " Kees Cook
2023-09-28 15:16 ` Maira Canal
2023-09-29 19:33 ` [PATCH 0/9] drm: Annotate structs " Kees Cook
2023-10-02 9:20 ` Christian König
2023-10-02 15:06 ` Alex Deucher
2023-10-02 16:53 ` Kees Cook
2023-10-02 18:01 ` Christian König
2023-10-02 18:08 ` Kees Cook
2023-10-02 18:11 ` Christian König
2023-10-02 18:22 ` Kees Cook [this message]
2023-10-05 9:42 ` Christian König
2023-10-05 16:16 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202310021122.B6DA850FB0@keescook \
--to=keescook@chromium.org \
--cc=Hawking.Zhang@amd.com \
--cc=Lang.Yu@amd.com \
--cc=Prike.Liang@amd.com \
--cc=Xiaojian.Du@amd.com \
--cc=Xinhui.Pan@amd.com \
--cc=airlied@gmail.com \
--cc=airlied@redhat.com \
--cc=alexander.deucher@amd.com \
--cc=alexdeucher@gmail.com \
--cc=amd-gfx@lists.freedesktop.org \
--cc=andersson@kernel.org \
--cc=andi.shyti@linux.intel.com \
--cc=andrzej.hajda@intel.com \
--cc=bskeggs@redhat.com \
--cc=chris@chris-wilson.co.uk \
--cc=christian.koenig@amd.com \
--cc=ckoenig.leichtzumerken@gmail.com \
--cc=daniel@ffwll.ch \
--cc=dmitry.baryshkov@linaro.org \
--cc=dri-devel@lists.freedesktop.org \
--cc=emma@anholt.net \
--cc=evan.quan@amd.com \
--cc=freedreno@lists.freedesktop.org \
--cc=gurchetansingh@chromium.org \
--cc=intel-gfx@lists.freedesktop.org \
--cc=jani.nikula@linux.intel.com \
--cc=john.c.harrison@intel.com \
--cc=joonas.lahtinen@linux.intel.com \
--cc=kevin1.wang@amd.com \
--cc=kherbst@redhat.com \
--cc=kraxel@redhat.com \
--cc=le.ma@amd.com \
--cc=lijo.lazar@amd.com \
--cc=linux-arm-msm@vger.kernel.org \
--cc=linux-graphics-maintainer@vmware.com \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=llvm@lists.linux.dev \
--cc=marijn.suijten@somainline.org \
--cc=matthew.brost@intel.com \
--cc=mripard@kernel.org \
--cc=mwen@igalia.com \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=neil.armstrong@linaro.org \
--cc=nirmoy.das@intel.com \
--cc=nouveau@lists.freedesktop.org \
--cc=olvaffe@gmail.com \
--cc=quic_abhinavk@quicinc.com \
--cc=quic_khsieh@quicinc.com \
--cc=ray.huang@amd.com \
--cc=robdclark@gmail.com \
--cc=rodrigo.vivi@intel.com \
--cc=sean@poorly.run \
--cc=tejas.upadhyay@intel.com \
--cc=trix@redhat.com \
--cc=tvrtko.ursulin@linux.intel.com \
--cc=virtualization@lists.linux-foundation.org \
--cc=yifan1.zhang@amd.com \
--cc=zackr@vmware.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).