From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0778B43AAA for ; Wed, 15 Nov 2023 20:45:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b="clRhqGhC" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 53C4DC433CA; Wed, 15 Nov 2023 20:45:03 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1700081103; bh=aLmioOoyJo3/NmS8cW9d2WAqQA7ViVnuRPX/qYOhXH8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=clRhqGhCaquzY9tT/gYI5S4Gt30JVDTj8HGhVqMagz2RTgs97k9crgsVne1eB1E8R HVR3jvE2IRUHyf+3HgN4lGhNLKck5j1xr//5ULXOk2X4vuaphGjW93pdvj72oM521X JrWySXAVSJ231rr2uvidCbWxND+7AugdeGDX6l+Q= From: Greg Kroah-Hartman To: stable@vger.kernel.org Cc: Greg Kroah-Hartman , patches@lists.linux.dev, Ard Biesheuvel , Linus Walleij , Kursad Oney , "Russell King (Oracle)" , Sasha Levin Subject: [PATCH 4.19 40/88] ARM: 9321/1: memset: cast the constant byte to unsigned char Date: Wed, 15 Nov 2023 15:35:52 -0500 Message-ID: <20231115191428.600906647@linuxfoundation.org> X-Mailer: git-send-email 2.42.1 In-Reply-To: <20231115191426.221330369@linuxfoundation.org> References: <20231115191426.221330369@linuxfoundation.org> User-Agent: quilt/0.67 X-stable: review X-Patchwork-Hint: ignore Precedence: bulk X-Mailing-List: patches@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit 4.19-stable review patch. If anyone has any objections, please let me know. ------------------ From: Kursad Oney [ Upstream commit c0e824661f443b8cab3897006c1bbc69fd0e7bc4 ] memset() description in ISO/IEC 9899:1999 (and elsewhere) says: The memset function copies the value of c (converted to an unsigned char) into each of the first n characters of the object pointed to by s. The kernel's arm32 memset does not cast c to unsigned char. This results in the following code to produce erroneous output: char a[128]; memset(a, -128, sizeof(a)); This is because gcc will generally emit the following code before it calls memset() : mov r0, r7 mvn r1, #127 ; 0x7f bl 00000000 r1 ends up with 0xffffff80 before being used by memset() and the 'a' array will have -128 once in every four bytes while the other bytes will be set incorrectly to -1 like this (printing the first 8 bytes) : test_module: -128 -1 -1 -1 test_module: -1 -1 -1 -128 The change here is to 'and' r1 with 255 before it is used. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Reviewed-by: Ard Biesheuvel Reviewed-by: Linus Walleij Signed-off-by: Kursad Oney Signed-off-by: Russell King (Oracle) Signed-off-by: Sasha Levin --- arch/arm/lib/memset.S | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/arm/lib/memset.S b/arch/arm/lib/memset.S index ed6d35d9cdb5a..a68688f3f3b3d 100644 --- a/arch/arm/lib/memset.S +++ b/arch/arm/lib/memset.S @@ -19,6 +19,7 @@ ENTRY(mmioset) ENTRY(memset) UNWIND( .fnstart ) + and r1, r1, #255 @ cast to unsigned char ands r3, r0, #3 @ 1 unaligned? mov ip, r0 @ preserve r0 as return value bne 6f @ 1 -- 2.42.0