From: Peter Maydell <peter.maydell@linaro.org>
To: Stefan Berger <stefanb@linux.ibm.com>
Cc: qemu-devel@nongnu.org, Stefan Berger <stefanb@linux.vnet.ibm.com>
Subject: Re: [PATCH] hw/tpm/tpm_tis_common.c: Assert that locty is in range
Date: Wed, 18 May 2022 17:45:42 +0100 [thread overview]
Message-ID: <CAFEAcA8_3VC5P3dMO-i0jm4NCfkLJUBP8y1PX=XUbVGFmwsbig@mail.gmail.com> (raw)
In-Reply-To: <d12b05bd-6bbe-b5a5-1801-540e5d0d63d8@linux.ibm.com>
On Wed, 18 May 2022 at 14:46, Stefan Berger <stefanb@linux.ibm.com> wrote:
>
>
>
> On 5/13/22 12:38, Peter Maydell wrote:
> > In tpm_tis_mmio_read(), tpm_tis_mmio_write() and
> > tpm_tis_dump_state(), we calculate a locality index with
> > tpm_tis_locality_from_addr() and then use it as an index into the
> > s->loc[] array. In all these cases, the array index can't overflow
> > because the MemoryRegion is sized to be TPM_TIS_NUM_LOCALITIES <<
> > TPM_TIS_LOCALITY_SHIFT bytes. However, Coverity can't see that, and
> > it complains (CID 1487138, 1487180, 1487188, 1487198, 1487240).
>
> All 3 of your fixes below are after the 3 existing calls to
> tpm_tis_locality_from_addr(). Would Coverity be happy if we were to move
> the asserts into that one function? I am fine with this patch, though.
Yes, I think Coverity would be happy either way. There's not
a lot in it, but I picked this way round because in theory one
might want in a hypothetical future situation to have a different
kind of error checking for a callsite that did an address-to-locality
lookup: it's not inherently of itself never possible it can fail.
thanks
-- PMM
prev parent reply other threads:[~2022-05-18 16:47 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-13 16:38 [PATCH] hw/tpm/tpm_tis_common.c: Assert that locty is in range Peter Maydell
2022-05-13 16:55 ` Philippe Mathieu-Daudé via
2022-05-18 13:46 ` Stefan Berger
2022-05-18 16:45 ` Peter Maydell [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAFEAcA8_3VC5P3dMO-i0jm4NCfkLJUBP8y1PX=XUbVGFmwsbig@mail.gmail.com' \
--to=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=stefanb@linux.ibm.com \
--cc=stefanb@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).