From patchwork Thu Oct 6 06:22:57 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jiri Slaby X-Patchwork-Id: 77293 Delivered-To: patch@linaro.org Received: by 10.140.106.72 with SMTP id d66csp3183500qgf; Wed, 5 Oct 2016 23:31:01 -0700 (PDT) X-Received: by 10.66.235.100 with SMTP id ul4mr19462831pac.50.1475735002920; Wed, 05 Oct 2016 23:23:22 -0700 (PDT) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id zx1si11214367pac.252.2016.10.05.23.23.22; Wed, 05 Oct 2016 23:23:22 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=stable-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933606AbcJFGXV (ORCPT + 3 others); Thu, 6 Oct 2016 02:23:21 -0400 Received: from mx2.suse.de ([195.135.220.15]:49156 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932405AbcJFGXS (ORCPT ); Thu, 6 Oct 2016 02:23:18 -0400 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (charybdis-ext.suse.de [195.135.220.254]) by mx2.suse.de (Postfix) with ESMTP id 2295FACF7; Thu, 6 Oct 2016 06:23:17 +0000 (UTC) From: Jiri Slaby To: stable@vger.kernel.org Cc: Khem Raj , Kees Cook , Michael Ellerman , Segher Boessenkool , Jiri Slaby Subject: [patch added to 3.12-stable] powerpc/ptrace: Fix out of bounds array access warning Date: Thu, 6 Oct 2016 08:22:57 +0200 Message-Id: <20161006062305.26935-26-jslaby@suse.cz> X-Mailer: git-send-email 2.10.1 In-Reply-To: <20161006062305.26935-1-jslaby@suse.cz> References: <20161006062305.26935-1-jslaby@suse.cz> Sender: stable-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Khem Raj This patch has been added to the 3.12 stable tree. If you have any objections, please let us know. -- 2.10.1 -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html =============== commit 1e407ee3b21f981140491d5b8a36422979ca246f upstream. gcc-6 correctly warns about a out of bounds access arch/powerpc/kernel/ptrace.c:407:24: warning: index 32 denotes an offset greater than size of 'u64[32][1] {aka long long unsigned int[32][1]}' [-Warray-bounds] offsetof(struct thread_fp_state, fpr[32][0])); ^ check the end of array instead of beginning of next element to fix this Signed-off-by: Khem Raj Cc: Kees Cook Cc: Michael Ellerman Cc: Segher Boessenkool Tested-by: Aaro Koskinen Acked-by: Olof Johansson Signed-off-by: Michael Ellerman Signed-off-by: Jiri Slaby --- arch/powerpc/kernel/ptrace.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/powerpc/kernel/ptrace.c b/arch/powerpc/kernel/ptrace.c index 9a0d24c390a3..929cdc0f34f5 100644 --- a/arch/powerpc/kernel/ptrace.c +++ b/arch/powerpc/kernel/ptrace.c @@ -376,7 +376,7 @@ static int fpr_get(struct task_struct *target, const struct user_regset *regset, #else BUILD_BUG_ON(offsetof(struct thread_struct, fpscr) != - offsetof(struct thread_struct, TS_FPR(32))); + offsetof(struct thread_struct, fpr[32])); return user_regset_copyout(&pos, &count, &kbuf, &ubuf, &target->thread.fpr, 0, -1); @@ -404,7 +404,7 @@ static int fpr_set(struct task_struct *target, const struct user_regset *regset, return 0; #else BUILD_BUG_ON(offsetof(struct thread_struct, fpscr) != - offsetof(struct thread_struct, TS_FPR(32))); + offsetof(struct thread_struct, fpr[32])); return user_regset_copyin(&pos, &count, &kbuf, &ubuf, &target->thread.fpr, 0, -1);