Patch "sparc: avoid stringop-overread errors" has been added to the 5.4-stable tree

Sasha Levin <sashal@xxxxxxxxxx> · Mon, 27 Sep 2021 01:05:11 -0400

This is a note to let you know that I've just added the patch titled

    sparc: avoid stringop-overread errors

to the 5.4-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     sparc-avoid-stringop-overread-errors.patch
and it can be found in the queue-5.4 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit 6ce53f7562a377e4cb151add6b6133ecdeb985c1
Author: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Date:   Mon Sep 6 16:06:04 2021 -0700

    sparc: avoid stringop-overread errors
    
    [ Upstream commit fc7c028dcdbfe981bca75d2a7b95f363eb691ef3 ]
    
    The sparc mdesc code does pointer games with 'struct mdesc_hdr', but
    didn't describe to the compiler how that header is then followed by the
    data that the header describes.
    
    As a result, gcc is now unhappy since it does stricter pointer range
    tracking, and doesn't understand about how these things work.  This
    results in various errors like:
    
        arch/sparc/kernel/mdesc.c: In function ‘mdesc_node_by_name’:
        arch/sparc/kernel/mdesc.c:647:22: error: ‘strcmp’ reading 1 or more bytes from a region of size 0 [-Werror=stringop-overread]
          647 |                 if (!strcmp(names + ep[ret].name_offset, name))
              |                      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    
    which are easily avoided by just describing 'struct mdesc_hdr' better,
    and making the node_block() helper function look into that unsized
    data[] that follows the header.
    
    This makes the sparc64 build happy again at least for my cross-compiler
    version (gcc version 11.2.1).
    
    Link: https://lore.kernel.org/lkml/CAHk-=wi4NW3NC0xWykkw=6LnjQD6D_rtRtxY9g8gQAJXtQMi8A@xxxxxxxxxxxxxx/
    Cc: Guenter Roeck <linux@xxxxxxxxxxxx>
    Cc: David S. Miller <davem@xxxxxxxxxxxxx>
    Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/arch/sparc/kernel/mdesc.c b/arch/sparc/kernel/mdesc.c
index 8e645ddac58e..30f171b7b00c 100644
--- a/arch/sparc/kernel/mdesc.c
+++ b/arch/sparc/kernel/mdesc.c
@@ -39,6 +39,7 @@ struct mdesc_hdr {
 	u32	node_sz; /* node block size */
 	u32	name_sz; /* name block size */
 	u32	data_sz; /* data block size */
+	char	data[];
 } __attribute__((aligned(16)));
 
 struct mdesc_elem {
@@ -612,7 +613,7 @@ EXPORT_SYMBOL(mdesc_get_node_info);
 
 static struct mdesc_elem *node_block(struct mdesc_hdr *mdesc)
 {
-	return (struct mdesc_elem *) (mdesc + 1);
+	return (struct mdesc_elem *) mdesc->data;
 }
 
 static void *name_block(struct mdesc_hdr *mdesc)






