www.infradead.org Git - users/dwmw2/linux.git/commit

author	Simon Horman <horms@kernel.org>
	Thu, 15 Aug 2024 15:27:46 +0000 (16:27 +0100)
committer	Jakub Kicinski <kuba@kernel.org>
	Sat, 17 Aug 2024 01:02:28 +0000 (18:02 -0700)
commit	a99ef548bba01435f19137cf1670861be1c1ee4b
tree	2fa28c9e7bfc3ac0dda82cfa9d93433a1bd37caf	tree
parent	f4ae8420f6ebdabf97e0c4f5f99412768687985f	commit \| diff

bnx2x: Set ivi->vlan field as an integer

In bnx2x_get_vf_config():
* The vlan field of ivi is a 32-bit integer, it is used to store a vlan ID.
* The vlan field of bulletin is a 16-bit integer, it is also used to store
  a vlan ID.

In the current code, ivi->vlan is set using memset. But in the case of
setting it to the value of bulletin->vlan, this involves reading
32 bits from a 16bit source. This is likely safe, as the following
6 bytes are padding in the same structure, but none the less, it seems
undesirable.

However, it is entirely unclear to me how this scheme works on
big-endian systems.

Resolve this by simply assigning integer values to ivi->vlan.

Flagged by W=1 builds.
f.e. gcc-14 reports:

In function 'fortify_memcpy_chk',
    inlined from 'bnx2x_get_vf_config' at .../bnx2x_sriov.c:2655:4:
.../fortify-string.h:580:25: warning: call to '__read_overflow2_field' declared with attribute warning: detected read beyond size of field (2nd parameter); maybe use struct_group()? [-Wattribute-warning]
  580 |                         __read_overflow2_field(q_size_field, size);
      |                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Compile tested only.

Signed-off-by: Simon Horman <horms@kernel.org>
Reviewed-by: Brett Creeley <brett.creeley@amd.com>
Link: https://patch.msgid.link/20240815-bnx2x-int-vlan-v1-1-5940b76e37ad@kernel.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>