[PATCH 1/2] scsi: qla2xxx: silent -Wformat-security warning

linux-scsi.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH 1/2] scsi: qla2xxx: silent -Wformat-security warning
@ 2016-12-26 13:23 Nicolas Iooss
  2016-12-26 13:23 ` [PATCH 2/2] scsi: qla2xxx: make msix_entries const Nicolas Iooss
                   ` (4 more replies)
  0 siblings, 5 replies; 8+ messages in thread
From: Nicolas Iooss @ 2016-12-26 13:23 UTC (permalink / raw)
  To: qla2xxx-upstream, James E.J. Bottomley, Martin K. Petersen,
	linux-scsi
  Cc: linux-kernel, Nicolas Iooss

qla24xx_enable_msix() calls scnprintf() with a non-literal format
string. This makes clang report -Wformat-security warnings when
compiling this function:

    drivers/scsi/qla2xxx/qla_isr.c:3083:7: error: format string is not a
    string literal (potentially insecure) [-Werror,-Wformat-security]
                        msix_entries[i].name);
                        ^~~~~~~~~~~~~~~~~~~~
    drivers/scsi/qla2xxx/qla_isr.c:3083:7: note: treat the string as an
    argument to avoid this
                        msix_entries[i].name);
                        ^
                        "%s",
    drivers/scsi/qla2xxx/qla_isr.c:3119:7: error: format string is not a
    string literal (potentially insecure) [-Werror,-Wformat-security]
                        msix_entries[QLA_ATIO_VECTOR].name);
                        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    drivers/scsi/qla2xxx/qla_isr.c:3119:7: note: treat the string as an
    argument to avoid this
                        msix_entries[QLA_ATIO_VECTOR].name);
                        ^
                        "%s",

Even though msix_entries[...].name are initialized as literal strings
with no % character and are never modified, introduce a "%s" format
parameter in order to silent this -Wformat-security warning and make
clang able to detect at compile time real bugs related to string
formatting.

Signed-off-by: Nicolas Iooss <nicolas.iooss_linux@m4x.org>
---
 drivers/scsi/qla2xxx/qla_isr.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/scsi/qla2xxx/qla_isr.c b/drivers/scsi/qla2xxx/qla_isr.c
index 5093ca9b02ec..474b415217df 100644
--- a/drivers/scsi/qla2xxx/qla_isr.c
+++ b/drivers/scsi/qla2xxx/qla_isr.c
@@ -3080,7 +3080,7 @@ qla24xx_enable_msix(struct qla_hw_data *ha, struct rsp_que *rsp)
 		qentry->handle = rsp;
 		rsp->msix = qentry;
 		scnprintf(qentry->name, sizeof(qentry->name),
-		    msix_entries[i].name);
+		    "%s", msix_entries[i].name);
 		if (IS_P3P_TYPE(ha))
 			ret = request_irq(qentry->vector,
 				qla82xx_msix_entries[i].handler,
@@ -3116,7 +3116,7 @@ qla24xx_enable_msix(struct qla_hw_data *ha, struct rsp_que *rsp)
 		rsp->msix = qentry;
 		qentry->handle = rsp;
 		scnprintf(qentry->name, sizeof(qentry->name),
-		    msix_entries[QLA_ATIO_VECTOR].name);
+		    "%s", msix_entries[QLA_ATIO_VECTOR].name);
 		qentry->in_use = 1;
 		ret = request_irq(qentry->vector,
 			msix_entries[QLA_ATIO_VECTOR].handler,
-- 
2.11.0

^ permalink raw reply related	[flat|nested] 8+ messages in thread

* [PATCH 2/2] scsi: qla2xxx: make msix_entries const
  2016-12-26 13:23 [PATCH 1/2] scsi: qla2xxx: silent -Wformat-security warning Nicolas Iooss
@ 2016-12-26 13:23 ` Nicolas Iooss
  2017-01-02  8:17   ` Bart Van Assche
  2017-01-06 17:06   ` Madhani, Himanshu
  2017-01-02  8:16 ` [PATCH 1/2] scsi: qla2xxx: silent -Wformat-security warning Bart Van Assche
                   ` (3 subsequent siblings)
  4 siblings, 2 replies; 8+ messages in thread
From: Nicolas Iooss @ 2016-12-26 13:23 UTC (permalink / raw)
  To: qla2xxx-upstream, James E.J. Bottomley, Martin K. Petersen,
	linux-scsi
  Cc: linux-kernel, Nicolas Iooss

msix_entries and qla82xx_msix_entries arrays are never modified in
drivers/scsi/qla2xxx/qla_isr.c. Move their contents to read-only data.

Signed-off-by: Nicolas Iooss <nicolas.iooss_linux@m4x.org>
---
 drivers/scsi/qla2xxx/qla_isr.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/drivers/scsi/qla2xxx/qla_isr.c b/drivers/scsi/qla2xxx/qla_isr.c
index 474b415217df..b9c113e47346 100644
--- a/drivers/scsi/qla2xxx/qla_isr.c
+++ b/drivers/scsi/qla2xxx/qla_isr.c
@@ -3003,14 +3003,14 @@ struct qla_init_msix_entry {
 	irq_handler_t handler;
 };
 
-static struct qla_init_msix_entry msix_entries[] = {
+static const struct qla_init_msix_entry msix_entries[] = {
 	{ "qla2xxx (default)", qla24xx_msix_default },
 	{ "qla2xxx (rsp_q)", qla24xx_msix_rsp_q },
 	{ "qla2xxx (atio_q)", qla83xx_msix_atio_q },
 	{ "qla2xxx (qpair_multiq)", qla2xxx_msix_rsp_q },
 };
 
-static struct qla_init_msix_entry qla82xx_msix_entries[] = {
+static const struct qla_init_msix_entry qla82xx_msix_entries[] = {
 	{ "qla2xxx (default)", qla82xx_msix_default },
 	{ "qla2xxx (rsp_q)", qla82xx_msix_rsp_q },
 };
@@ -3284,7 +3284,7 @@ qla2x00_free_irqs(scsi_qla_host_t *vha)
 int qla25xx_request_irq(struct qla_hw_data *ha, struct qla_qpair *qpair,
 	struct qla_msix_entry *msix, int vector_type)
 {
-	struct qla_init_msix_entry *intr = &msix_entries[vector_type];
+	const struct qla_init_msix_entry *intr = &msix_entries[vector_type];
 	scsi_qla_host_t *vha = pci_get_drvdata(ha->pdev);
 	int ret;
 
-- 
2.11.0

^ permalink raw reply related	[flat|nested] 8+ messages in thread

* Re: [PATCH 2/2] scsi: qla2xxx: make msix_entries const
  2016-12-26 13:23 ` [PATCH 2/2] scsi: qla2xxx: make msix_entries const Nicolas Iooss
@ 2017-01-02  8:17   ` Bart Van Assche
  2017-01-06 17:06   ` Madhani, Himanshu
  1 sibling, 0 replies; 8+ messages in thread
From: Bart Van Assche @ 2017-01-02  8:17 UTC (permalink / raw)
  To: jejb@linux.vnet.ibm.com, linux-scsi@vger.kernel.org,
	nicolas.iooss_linux@m4x.org, qla2xxx-upstream@qlogic.com,
	martin.petersen@oracle.com
  Cc: linux-kernel@vger.kernel.org

On Mon, 2016-12-26 at 14:23 +0100, Nicolas Iooss wrote:
> msix_entries and qla82xx_msix_entries arrays are never modified in
> drivers/scsi/qla2xxx/qla_isr.c. Move their contents to read-only data.

Reviewed-by: Bart Van Assche <bart.vanassche@sandisk.com>

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH 2/2] scsi: qla2xxx: make msix_entries const
  2016-12-26 13:23 ` [PATCH 2/2] scsi: qla2xxx: make msix_entries const Nicolas Iooss
  2017-01-02  8:17   ` Bart Van Assche
@ 2017-01-06 17:06   ` Madhani, Himanshu
  1 sibling, 0 replies; 8+ messages in thread
From: Madhani, Himanshu @ 2017-01-06 17:06 UTC (permalink / raw)
  To: Nicolas Iooss, qla2xxx-upstream@qlogic.com, James E.J. Bottomley,
	Martin K. Petersen, linux-scsi@vger.kernel.org
  Cc: linux-kernel@vger.kernel.org



On 12/26/16, 5:23 AM, "Nicolas Iooss" <nicolas.iooss_linux@m4x.org> wrote:

>msix_entries and qla82xx_msix_entries arrays are never modified in
>drivers/scsi/qla2xxx/qla_isr.c. Move their contents to read-only data.
>
>Signed-off-by: Nicolas Iooss <nicolas.iooss_linux@m4x.org>
>---
> drivers/scsi/qla2xxx/qla_isr.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
>diff --git a/drivers/scsi/qla2xxx/qla_isr.c b/drivers/scsi/qla2xxx/qla_isr.c
>index 474b415217df..b9c113e47346 100644
>--- a/drivers/scsi/qla2xxx/qla_isr.c
>+++ b/drivers/scsi/qla2xxx/qla_isr.c
>@@ -3003,14 +3003,14 @@ struct qla_init_msix_entry {
> 	irq_handler_t handler;
> };
> 
>-static struct qla_init_msix_entry msix_entries[] = {
>+static const struct qla_init_msix_entry msix_entries[] = {
> 	{ "qla2xxx (default)", qla24xx_msix_default },
> 	{ "qla2xxx (rsp_q)", qla24xx_msix_rsp_q },
> 	{ "qla2xxx (atio_q)", qla83xx_msix_atio_q },
> 	{ "qla2xxx (qpair_multiq)", qla2xxx_msix_rsp_q },
> };
> 
>-static struct qla_init_msix_entry qla82xx_msix_entries[] = {
>+static const struct qla_init_msix_entry qla82xx_msix_entries[] = {
> 	{ "qla2xxx (default)", qla82xx_msix_default },
> 	{ "qla2xxx (rsp_q)", qla82xx_msix_rsp_q },
> };
>@@ -3284,7 +3284,7 @@ qla2x00_free_irqs(scsi_qla_host_t *vha)
> int qla25xx_request_irq(struct qla_hw_data *ha, struct qla_qpair *qpair,
> 	struct qla_msix_entry *msix, int vector_type)
> {
>-	struct qla_init_msix_entry *intr = &msix_entries[vector_type];
>+	const struct qla_init_msix_entry *intr = &msix_entries[vector_type];
> 	scsi_qla_host_t *vha = pci_get_drvdata(ha->pdev);
> 	int ret;
> 
>-- 
>2.11.0
>

Looks Good. 

Acked-By: Himanshu Madhani <himanshu.madhani@cavium.com>

>

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH 1/2] scsi: qla2xxx: silent -Wformat-security warning
  2016-12-26 13:23 [PATCH 1/2] scsi: qla2xxx: silent -Wformat-security warning Nicolas Iooss
  2016-12-26 13:23 ` [PATCH 2/2] scsi: qla2xxx: make msix_entries const Nicolas Iooss
@ 2017-01-02  8:16 ` Bart Van Assche
  2017-01-06  1:51 ` Martin K. Petersen
                   ` (2 subsequent siblings)
  4 siblings, 0 replies; 8+ messages in thread
From: Bart Van Assche @ 2017-01-02  8:16 UTC (permalink / raw)
  To: jejb@linux.vnet.ibm.com, linux-scsi@vger.kernel.org,
	nicolas.iooss_linux@m4x.org, qla2xxx-upstream@qlogic.com,
	martin.petersen@oracle.com
  Cc: linux-kernel@vger.kernel.org

On Mon, 2016-12-26 at 14:23 +0100, Nicolas Iooss wrote:
> Even though msix_entries[...].name are initialized as literal strings
> with no % character and are never modified, introduce a "%s" format
> parameter in order to silent this -Wformat-security warning and make
> clang able to detect at compile time real bugs related to string
> formatting.

Reviewed-by: Bart Van Assche <bart.vanassche@sandisk.com>

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH 1/2] scsi: qla2xxx: silent -Wformat-security warning
  2016-12-26 13:23 [PATCH 1/2] scsi: qla2xxx: silent -Wformat-security warning Nicolas Iooss
  2016-12-26 13:23 ` [PATCH 2/2] scsi: qla2xxx: make msix_entries const Nicolas Iooss
  2017-01-02  8:16 ` [PATCH 1/2] scsi: qla2xxx: silent -Wformat-security warning Bart Van Assche
@ 2017-01-06  1:51 ` Martin K. Petersen
  2017-01-06 17:02 ` Madhani, Himanshu
  2017-01-10  4:21 ` Martin K. Petersen
  4 siblings, 0 replies; 8+ messages in thread
From: Martin K. Petersen @ 2017-01-06  1:51 UTC (permalink / raw)
  To: Nicolas Iooss
  Cc: qla2xxx-upstream, James E.J. Bottomley, Martin K. Petersen,
	linux-scsi, linux-kernel, Himanshu Madhani

>>>>> "Nicolas" == Nicolas Iooss <nicolas.iooss_linux@m4x.org> writes:

Nicolas> qla24xx_enable_msix() calls scnprintf() with a non-literal
Nicolas> format string. This makes clang report -Wformat-security
Nicolas> warnings when compiling this function:

Himanshu: Please review these two patches!

-- 
Martin K. Petersen	Oracle Linux Engineering

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH 1/2] scsi: qla2xxx: silent -Wformat-security warning
  2016-12-26 13:23 [PATCH 1/2] scsi: qla2xxx: silent -Wformat-security warning Nicolas Iooss
                   ` (2 preceding siblings ...)
  2017-01-06  1:51 ` Martin K. Petersen
@ 2017-01-06 17:02 ` Madhani, Himanshu
  2017-01-10  4:21 ` Martin K. Petersen
  4 siblings, 0 replies; 8+ messages in thread
From: Madhani, Himanshu @ 2017-01-06 17:02 UTC (permalink / raw)
  To: Nicolas Iooss, qla2xxx-upstream@qlogic.com, James E.J. Bottomley,
	Martin K. Petersen, linux-scsi@vger.kernel.org
  Cc: linux-kernel@vger.kernel.org



On 12/26/16, 5:23 AM, "Nicolas Iooss" <nicolas.iooss_linux@m4x.org> wrote:

>qla24xx_enable_msix() calls scnprintf() with a non-literal format
>string. This makes clang report -Wformat-security warnings when
>compiling this function:
>
>    drivers/scsi/qla2xxx/qla_isr.c:3083:7: error: format string is not a
>    string literal (potentially insecure) [-Werror,-Wformat-security]
>                        msix_entries[i].name);
>                        ^~~~~~~~~~~~~~~~~~~~
>    drivers/scsi/qla2xxx/qla_isr.c:3083:7: note: treat the string as an
>    argument to avoid this
>                        msix_entries[i].name);
>                        ^
>                        "%s",
>    drivers/scsi/qla2xxx/qla_isr.c:3119:7: error: format string is not a
>    string literal (potentially insecure) [-Werror,-Wformat-security]
>                        msix_entries[QLA_ATIO_VECTOR].name);
>                        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>    drivers/scsi/qla2xxx/qla_isr.c:3119:7: note: treat the string as an
>    argument to avoid this
>                        msix_entries[QLA_ATIO_VECTOR].name);
>                        ^
>                        "%s",
>
>Even though msix_entries[...].name are initialized as literal strings
>with no % character and are never modified, introduce a "%s" format
>parameter in order to silent this -Wformat-security warning and make
>clang able to detect at compile time real bugs related to string
>formatting.
>
>Signed-off-by: Nicolas Iooss <nicolas.iooss_linux@m4x.org>
>---
> drivers/scsi/qla2xxx/qla_isr.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
>diff --git a/drivers/scsi/qla2xxx/qla_isr.c b/drivers/scsi/qla2xxx/qla_isr.c
>index 5093ca9b02ec..474b415217df 100644
>--- a/drivers/scsi/qla2xxx/qla_isr.c
>+++ b/drivers/scsi/qla2xxx/qla_isr.c
>@@ -3080,7 +3080,7 @@ qla24xx_enable_msix(struct qla_hw_data *ha, struct rsp_que *rsp)
> 		qentry->handle = rsp;
> 		rsp->msix = qentry;
> 		scnprintf(qentry->name, sizeof(qentry->name),
>-		    msix_entries[i].name);
>+		    "%s", msix_entries[i].name);
> 		if (IS_P3P_TYPE(ha))
> 			ret = request_irq(qentry->vector,
> 				qla82xx_msix_entries[i].handler,
>@@ -3116,7 +3116,7 @@ qla24xx_enable_msix(struct qla_hw_data *ha, struct rsp_que *rsp)
> 		rsp->msix = qentry;
> 		qentry->handle = rsp;
> 		scnprintf(qentry->name, sizeof(qentry->name),
>-		    msix_entries[QLA_ATIO_VECTOR].name);
>+		    "%s", msix_entries[QLA_ATIO_VECTOR].name);
> 		qentry->in_use = 1;
> 		ret = request_irq(qentry->vector,
> 			msix_entries[QLA_ATIO_VECTOR].handler,
>-- 
>2.11.0
>
Looks Good. 

Acked-by: Himanshu Madhani <himanshu.madhani@cavium.com>

>

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH 1/2] scsi: qla2xxx: silent -Wformat-security warning
  2016-12-26 13:23 [PATCH 1/2] scsi: qla2xxx: silent -Wformat-security warning Nicolas Iooss
                   ` (3 preceding siblings ...)
  2017-01-06 17:02 ` Madhani, Himanshu
@ 2017-01-10  4:21 ` Martin K. Petersen
  4 siblings, 0 replies; 8+ messages in thread
From: Martin K. Petersen @ 2017-01-10  4:21 UTC (permalink / raw)
  To: Nicolas Iooss
  Cc: qla2xxx-upstream, James E.J. Bottomley, Martin K. Petersen,
	linux-scsi, linux-kernel

>>>>> "Nicolas" == Nicolas Iooss <nicolas.iooss_linux@m4x.org> writes:

Nicolas> qla24xx_enable_msix() calls scnprintf() with a non-literal
Nicolas> format string. This makes clang report -Wformat-security
Nicolas> warnings when compiling this function:

Applied 1+2 to 4.11/scsi-queue.

-- 
Martin K. Petersen	Oracle Linux Engineering

^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, other threads:[~2017-01-10  4:21 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-12-26 13:23 [PATCH 1/2] scsi: qla2xxx: silent -Wformat-security warning Nicolas Iooss
2016-12-26 13:23 ` [PATCH 2/2] scsi: qla2xxx: make msix_entries const Nicolas Iooss
2017-01-02  8:17   ` Bart Van Assche
2017-01-06 17:06   ` Madhani, Himanshu
2017-01-02  8:16 ` [PATCH 1/2] scsi: qla2xxx: silent -Wformat-security warning Bart Van Assche
2017-01-06  1:51 ` Martin K. Petersen
2017-01-06 17:02 ` Madhani, Himanshu
2017-01-10  4:21 ` Martin K. Petersen

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).