[PATCH] powerpc/signal32: Use struct_group() to zero spe regs

Michael Ellerman mpe at ellerman.id.au
Mon Nov 22 16:43:36 AEDT 2021


LEROY Christophe <christophe.leroy at csgroup.eu> writes:
> Le 18/11/2021 à 21:36, Kees Cook a écrit :
>> In preparation for FORTIFY_SOURCE performing compile-time and run-time
>> field bounds checking for memset(), avoid intentionally writing across
>> neighboring fields.
>> 
>> Add a struct_group() for the spe registers so that memset() can correctly reason
>> about the size:
>> 
>>     In function 'fortify_memset_chk',
>>         inlined from 'restore_user_regs.part.0' at arch/powerpc/kernel/signal_32.c:539:3:
>>     >> include/linux/fortify-string.h:195:4: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]
>>       195 |    __write_overflow_field();
>>           |    ^~~~~~~~~~~~~~~~~~~~~~~~
>> 
>> Reported-by: kernel test robot <lkp at intel.com>
>> Signed-off-by: Kees Cook <keescook at chromium.org>
>
> Reviewed-by: Christophe Leroy <christophe.leroy at csgroup.eu>

Acked-by: Michael Ellerman <mpe at ellerman.id.au>

> However, is it really worth adding that grouping ? Wouldn't it be 
> cleaner to handle evr[] and acc separately ? Now that we are using 
> unsafe variants of get/put user performance wouldn't be impacted.

Yeah I agree we should be able to do less of these multi-field copies
now that we have unsafe get/put user.

But I think that's an issue for another patch, Kees' patch is an
improvement, even if the code could be improved further in future.

Though TBH I'm not sure what the future of SPE support is. Both GCC and
glibc have dropped support for it, more than 2 years ago, so it's not
clear to me if we should continue to support it in the kernel much
longer.

cheers


More information about the Linuxppc-dev mailing list