From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 6963BA00C2 for ; Tue, 14 Jun 2022 11:22:42 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 8F1FD4067C; Tue, 14 Jun 2022 11:22:41 +0200 (CEST) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mails.dpdk.org (Postfix) with ESMTP id 934E44067C for ; Tue, 14 Jun 2022 11:22:39 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1655198558; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=O+ozC8sTa7ZQTft5O0MYcZzWgzIL02VvGp0J3mtJ384=; b=NfgLqnjUvR4C99pjQKProUXRA1w21WnbWoxqSvXrWgcL91Fzrl9ln+8+To6WQNm7QFHmuE BpPyQVSL6sYHYMXuAwpovvgTyssxHbNOmNUsN3nmWg7XOcUZ7pjtLcv+TDs+SkoAjpJ/7z oy+8fZz/IAar+4uRu6rNCcXCqKNae6I= Received: from mail-lj1-f200.google.com (mail-lj1-f200.google.com [209.85.208.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-669-2cDKpbGlMU6rZZXrASTNSw-1; Tue, 14 Jun 2022 05:22:37 -0400 X-MC-Unique: 2cDKpbGlMU6rZZXrASTNSw-1 Received: by mail-lj1-f200.google.com with SMTP id n11-20020a2ebd0b000000b0025567eefd27so1126545ljq.22 for ; Tue, 14 Jun 2022 02:22:37 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=O+ozC8sTa7ZQTft5O0MYcZzWgzIL02VvGp0J3mtJ384=; b=ACOEj562o1IXIk2w1encThLzYSlo0UVVxaPBTHovtXzuWu9/MYV3zznJKH6mBaZZxp 6R7D7APsZiNU5U1YJiLMOXdtbhitVacO/fJ5rm2rjCRRuo0dGBQ0EyJjTc6puWWfLY23 LBRZakiu1eW2oTOAfLBe62f4sepQwhUyusCGCf5UCAORIwdsF51izXCxjjnoVWutq7Al ML3dx9tKdbpQt4lPGz69Tb6U4gFIu5lzh+dy7xX1n8VM4njz899M86/OyyIybOBgaWAB Pxr7kft06kjg+I2pq5WvYjFPkBk7pWnyHi+IRtkuQh8ZiDvewd34WHjLdg/CWT1TTK9k kCjg== X-Gm-Message-State: AJIora95kyknU59/QJ4opGR8G2O1UGgDNp9VyJugUsoPgSIZJa0EgBzu PQZAnRTDSpiYy6mfBV2sL3SnS6uoGu6W/mjaYlYf21cBrxX0qTc3QVJChGW9cZp40paYdzAoP8X B+MqaOlAvUK4alhqfnixCwXE= X-Received: by 2002:ac2:5201:0:b0:479:3923:9559 with SMTP id a1-20020ac25201000000b0047939239559mr2413999lfl.553.1655198556224; Tue, 14 Jun 2022 02:22:36 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyAvX8BnJm023g+cpau6dAZHnm7z+mRdb8r+i9dMiNtlVVMRtQ6287RdjjxyHgY6kXQTjszbbVCJK5a3feakVw= X-Received: by 2002:ac2:5201:0:b0:479:3923:9559 with SMTP id a1-20020ac25201000000b0047939239559mr2413985lfl.553.1655198555984; Tue, 14 Jun 2022 02:22:35 -0700 (PDT) MIME-Version: 1.0 References: <20220518101657.1230416-1-david.marchand@redhat.com> <20220518101657.1230416-11-david.marchand@redhat.com> In-Reply-To: From: David Marchand Date: Tue, 14 Jun 2022 11:22:24 +0200 Message-ID: Subject: Re: [PATCH 10/12] vhost/crypto: fix build with GCC 12 To: Bruce Richardson , Fan Zhang , Maxime Coquelin , Chenbo Xia Cc: dev , Thomas Monjalon , Ferruh Yigit , dpdk stable Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=dmarchan@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org On Thu, Jun 2, 2022 at 12:09 PM Bruce Richardson wrote: > > On Wed, May 18, 2022 at 12:16:55PM +0200, David Marchand wrote: > > GCC 12 raises the following warning: > > > > In file included from ../lib/mempool/rte_mempool.h:46, > > from ../lib/mbuf/rte_mbuf.h:38, > > from ../lib/vhost/vhost_crypto.c:7: > > ../lib/vhost/vhost_crypto.c: In function =E2=80=98rte_vhost_crypto_fetc= h_requests=E2=80=99: > > ../lib/eal/x86/include/rte_memcpy.h:371:9: warning: array subscript 1 i= s > > outside array bounds of =E2=80=98struct virtio_crypto_op_data_req[= 1]=E2=80=99 > > [-Warray-bounds] > > 371 | rte_mov32((uint8_t *)dst + 3 * 32, (const uint8_t *)src + 3 * 3= 2); > > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~= ~~ > > ../lib/vhost/vhost_crypto.c:1178:42: note: while referencing =E2=80=98r= eq=E2=80=99 > > 1178 | struct virtio_crypto_op_data_req req; > > | ^~~ > > > > Check that copied length is within req boundaries. > > > > Fixes: 3c79609fda7c ("vhost/crypto: handle virtually non-contiguous buf= fers") > > Cc: stable@dpdk.org > > > > Signed-off-by: David Marchand > > --- > > lib/vhost/vhost_crypto.c | 8 ++++---- > > 1 file changed, 4 insertions(+), 4 deletions(-) > > > > diff --git a/lib/vhost/vhost_crypto.c b/lib/vhost/vhost_crypto.c > > index b1c0eb6a0f..83325b7042 100644 > > --- a/lib/vhost/vhost_crypto.c > > +++ b/lib/vhost/vhost_crypto.c > > @@ -576,16 +576,16 @@ copy_data(void *dst_data, struct vhost_crypto_dat= a_req *vc_req, > > uint32_t to_copy; > > uint8_t *data =3D dst_data; > > uint8_t *src; > > - int left =3D size; > > + uint32_t left =3D size; > > > > - to_copy =3D RTE_MIN(desc->len, (uint32_t)left); > > + to_copy =3D RTE_MIN(desc->len, left); > > dlen =3D to_copy; > > src =3D IOVA_TO_VVA(uint8_t *, vc_req, desc->addr, &dlen, > > VHOST_ACCESS_RO); > > Tracking the functions which end up being called by this macro, the dlen > parameter ends up being of type "uint64_t *", passing a value of int * or > uint32_t * seems wrong to me. If we are changing the type from int to > uint32_t, I think it should be promoted all the way to uint64_t. Indeed. I'll update in v2. We already had some CVE on this part of the code, a careful review is neede= d. > > > - if (unlikely(!src || !dlen)) > > + if (unlikely(!src || !dlen || dlen > left)) > > return -1; > > > > If this change is omitted, does the compiler still give warnings. Looking > through the called code, the dlen parameter can only ever be reduced, not > incremented (function rte_vhost_va_from_guest_pa() in rte_vhost.h). If I promote to_copy and left variables as uint64_t, gcc is still unhappy, for the same reason. The check on dlen > left seems necessary. > > > - rte_memcpy((uint8_t *)data, src, dlen); > > + rte_memcpy(data, src, dlen); > > data +=3D dlen; > > > > if (unlikely(dlen < to_copy)) { > > -- > > 2.36.1 > > > --=20 David Marchand