• Kees Cook's avatar
    drm/amd/pm: And destination bounds checking to struct copy · 4a9bd6db
    Kees Cook authored
    In preparation for FORTIFY_SOURCE performing compile-time and run-time
    field bounds checking for memcpy(), memmove(), and memset(), avoid
    intentionally writing across neighboring fields.
    
    The "Board Parameters" members of the structs:
    	struct atom_smc_dpm_info_v4_5
    	struct atom_smc_dpm_info_v4_6
    	struct atom_smc_dpm_info_v4_7
    	struct atom_smc_dpm_info_v4_10
    are written to the corresponding members of the corresponding PPTable_t
    variables, but they lack destination size bounds checking, which means
    the compiler cannot verify at compile time that this is an intended and
    safe memcpy().
    
    Since the header files are effectively immutable[1] and a struct_group()
    cannot be used, nor a common struct referenced by both sides of the
    memcpy() arguments, add a new helper, amdgpu_memcpy_trailing(), to
    perform the bounds checking at compile time. Replace the open-coded
    memcpy()s with amdgpu_memcpy_trailing() which includes enough context
    for the bounds checking.
    
    "objdump -d" shows no object code changes.
    
    [1] https://lore.kernel.org/lkml/e56aad3c-a06f-da07-f491-a894a570d78f@amd.com
    
    Cc: "Christian König" <christian.koenig@amd.com>
    Cc: "Pan, Xinhui" <Xinhui.Pan@amd.com>
    Cc: David Airlie <airlied@linux.ie>
    Cc: Daniel Vetter <daniel@ffwll.ch>
    Cc: Hawking Zhang <Hawking.Zhang@amd.com>
    Cc: Feifei Xu <Feifei.Xu@amd.com>
    Cc: Likun Gao <Likun.Gao@amd.com>
    Cc: Jiawei Gu <Jiawei.Gu@amd.com>
    Cc: Evan Quan <evan.quan@amd.com>
    Cc: amd-gfx@lists.freedesktop.org
    Cc: dri-devel@lists.freedesktop.org
    Reviewed-by: default avatarLijo Lazar <lijo.lazar@amd.com>
    Acked-by: default avatarAlex Deucher <alexander.deucher@amd.com>
    Signed-off-by: default avatarKees Cook <keescook@chromium.org>
    Signed-off-by: default avatarAlex Deucher <alexander.deucher@amd.com>
    4a9bd6db
amdgpu_smu.h 38.8 KB