Le 24/02/2025 à 11:28, André Draszik a écrit :
The Maxim MAX77759 is a companion Power Management IC for USB Type-C
applications with Battery Charger, Fuel Gauge, temperature sensors, USB
Type-C Port Controller (TCPC), NVMEM, and additional GPIO interfaces.
Fuel Gauge and TCPC have separate and
Le 20/06/2024 à 20:08, Gustavo A. R. Silva a écrit :
On 6/20/24 12:02, Gustavo A. R. Silva wrote:
My understanding is that 'match', is allocated by :
match = kzalloc(struct_size(match, channels, n_channels),
GFP_KERNEL);
So match->n_channels is *0* when iwl_mvm_query_set_freqs() is c
Le 19/06/2024 à 23:12, Kees Cook a écrit :
Both struct cfg80211_wowlan_nd_match and struct cfg80211_wowlan_nd_info
pre-allocate space for channels and matches, but then may end up using
fewer that the full allocation. Shrink the associated counter
(n_channels and n_matches) after counting the res
Le 12/06/2024 à 23:01, André Apitzsch via B4 Relay a écrit :
From: André Apitzsch
The SY7802 is a current-regulated charge pump which can regulate two
current levels for Flash and Torch modes.
It is a high-current synchronous boost converter with 2-channel high
side current sources. Each chann
Annotate the 'snaps' flexible array in "struct ceph_snap_context" with
__counted_by() so that additional checks can be made, if enabled.
Signed-off-by: Christophe JAILLET
---
Compile tested only
---
include/linux/ceph/libceph.h | 2 +-
1 file changed, 1 insertion(+), 1 delet
'num_vectors' is used to count the number of elements in the 'qv_info'
flexible array in "struct irdma_qvlist_info".
So annotate it with __counted_by() to make it explicit and enable some
additional checks.
This allocation is done in irdma_save_msix_info().
Sig
Le 06/05/2024 à 18:23, Kees Cook a écrit :
On Sun, May 05, 2024 at 07:31:24PM +0200, Erick Archer wrote:
On Sun, May 05, 2024 at 05:24:55PM +0200, Christophe JAILLET wrote:
Le 05/05/2024 à 16:15, Erick Archer a écrit :
diff --git a/kernel/events/ring_buffer.c b/kernel/events/ring_buffer.c
Le 05/05/2024 à 16:15, Erick Archer a écrit :
This is an effort to get rid of all multiplications from allocation
functions in order to prevent integer overflows [1][2].
As the "rb" variable is a pointer to "struct perf_buffer" and this
structure ends in a flexible array:
struct perf_buffer {
Le 23/04/2024 à 14:32, Amelie Delaunay a écrit :
STM32 DMA3 driver supports the 3 hardware configurations of the STM32 DMA3
controller:
- LPDMA (Low Power): 4 channels, no FIFO
- GPDMA (General Purpose): 16 channels, FIFO from 8 to 32 bytes
- HPDMA (High Performance): 16 channels, FIFO from 8 to
Le 01/04/2024 à 23:23, André Apitzsch via B4 Relay a écrit :
From: André Apitzsch
Add support for SY7802 flash LED controller. It can support up to 1.8A
flash current.
Signed-off-by: André Apitzsch
---
drivers/leds/flash/Kconfig | 11 +
drivers/leds/flash/Makefile | 1 +
dri
Le 02/05/2024 à 01:18, Justin Stitt a écrit :
On Wed, May 1, 2024 at 2:39 PM Christophe JAILLET
wrote:
Hi,
Nit: The { } around each branch can now also be removed.
There was one line before and there's one line now.
In the block after the "else", yes, but now the block af
Le 30/04/2024 à 01:06, Justin Stitt a écrit :
Cleanup some deprecated uses of strncpy() and strcpy() [1].
There doesn't seem to be any bugs with the current code but the
readability of this code could benefit from a quick makeover while
removing some deprecated stuff as a benefit.
The most inte
Le 27/04/2024 à 18:45, Erick Archer a écrit :
This is an effort to get rid of all multiplications from allocation
functions in order to prevent integer overflows [1].
Here the multiplication is obviously safe. However, using kcalloc*()
is more appropriate [2] and improves readability. This patch
Le 22/04/2024 à 23:33, Justin Stitt a écrit :
I am going to quote Lee Jones who has been doing some snprintf ->
scnprintf refactorings:
"There is a general misunderstanding amongst engineers that
{v}snprintf() returns the length of the data *actually* encoded into the
destination array. However
Le 08/04/2024 à 22:53, Justin Stitt a écrit :
I am going to quote Lee Jones who has been doing some snprintf ->
scnprintf refactorings:
"There is a general misunderstanding amongst engineers that
{v}snprintf() returns the length of the data *actually* encoded into the
destination array. However
There is no need to call memset(..., 0, ...) on memory allocated by
kcalloc(). It is already zeroed.
Remove the redundant call.
Signed-off-by: Christophe JAILLET
---
fs/pstore/zone.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/fs/pstore/zone.c b/fs/pstore/zone.c
index abca117725c8
ted_by() for additional safety
Signed-off-by: Christophe JAILLET
---
On my x86_64 system, with configured with allmodconfig, I have:
Before the change:
=
struct mpconf {
struct mddev * mddev;/* 0 8 */
struct multipath_info *
Le 30/11/2023 à 21:12, Kees Cook a écrit :
One of the last remaining users of strlcpy() in the kernel is
kernfs_path_from_node_locked(), which passes back the problematic "length
we _would_ have copied" return value to indicate truncation. Convert the
chain of all callers to use the negative ret
w possible to use __counted_by() and struct_size() for
additional safety.
The address for the 'priv' memory is computed with mux_chip_priv(). It
should work as good with a flexible array.
Signed-off-by: Christophe JAILLET
---
The struct_size() goodies only work if sizeof_priv is 0. Ad
Le 01/10/2023 à 23:22, Kees Cook a écrit :
On Sun, Oct 01, 2023 at 02:05:46PM -0700, Kees Cook wrote:
On Sun, Oct 01, 2023 at 09:14:02PM +0200, Julia Lawall wrote:
Kees,
You can try the following.
Cool! Yeah, this finds the example:
drivers/comedi/drivers/rti800.c:74: struct comedi_lrange:
array.
In order to fix it, use snprintf() instead.
Fixes: 7302b9d90117 ("ieee802154/adf7242: Driver for ADF7242 MAC IEEE802154")
Signed-off-by: Christophe JAILLET
---
drivers/net/ieee802154/adf7242.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/drivers/net/ie
396f932 ("EDAC, thunderx: Add Cavium ThunderX EDAC driver")
Signed-off-by: Christophe JAILLET
---
This is cross-compile tested only.
Review with care.
v2: remove some other erroneous usage of strncat()
---
drivers/edac/thunderx_edac.c | 44
1 f
396f932 ("EDAC, thunderx: Add Cavium ThunderX EDAC driver")
Signed-off-by: Christophe JAILLET
---
This is cross-compile tested only.
Review with care.
---
drivers/edac/thunderx_edac.c | 24
1 file changed, 12 insertions(+), 12 deletions(-)
diff --git a/drive
Le 16/10/2023 à 07:34, Kartik a écrit :
In preparation to ACPI support in Tegra fuse driver add function
tegra_acpi_init_apbmisc() to initialize tegra-apbmisc driver.
Also, document the reason of calling tegra_init_apbmisc() at early init.
Note that function tegra_acpi_init_apbmisc() is not plac
Le 15/10/2023 à 06:53, Julia Lawall a écrit :
On Sat, 14 Oct 2023, Kees Cook wrote:
On Sat, Oct 14, 2023 at 08:34:53AM +0200, Christophe JAILLET wrote:
Prepare for the coming implementation by GCC and Clang of the __counted_by
attribute. Flexible array members annotated with __counted_by
functions).
Signed-off-by: Christophe JAILLET
---
v2: Fix the subject [Ilya Maximets]
fix the field name used with __counted_by [Ilya Maximets]
v1:
https://lore.kernel.org/all/f66ddcf1ef9328f10292ea75a17b584359b6cde3.1696156198.git.christophe.jail...@wanadoo.fr/
This patch is part of a work
Le 02/10/2023 à 18:51, Ilya Maximets a écrit :
On 10/1/23 13:07, Christophe JAILLET wrote:
Prepare for the coming implementation by GCC and Clang of the __counted_by
attribute. Flexible array members annotated with __counted_by can have
their accesses bounds-checked at run-time checking via
functions).
Signed-off-by: Christophe JAILLET
---
This patch is part of a work done in parallel of what is currently worked
on by Kees Cook.
My patches are only related to corner cases that do NOT match the
semantic of his Coccinelle script[1].
In this case, something similar to struct_size() is
dma_pool_alloc() call.
Signed-off-by: Christophe JAILLET
---
This patch is part of a work done in parallel of what is currently worked
on by Kees Cook.
My patches are only related to corner cases that do NOT match the
semantic of his Coccinelle script[1].
[1]
https://github.com/kees/kernel-tools/blob
e for loop, i is -1 and the loop will not be executed.
(both i and sw_desc->nb_desc are 'int')
Fixes: a57e16cf0333 ("dmaengine: pxa: add pxa dmaengine driver")
Signed-off-by: Christophe JAILLET
---
drivers/dma/pxa_dma.c | 1 -
1 file changed, 1 deletion(-)
diff --gi
functions).
Signed-off-by: Christophe JAILLET
---
This patch is part of a work done in parallel of what is currently worked
on by Kees Cook.
My patches are only related to corner cases that do NOT match the
semantic of his Coccinelle script[1].
In this case, in tbl_mask_array_alloc(), several things
Use struct_size() instead of hand writing it.
This is less verbose and more robust.
Signed-off-by: Christophe JAILLET
---
This is IMHO more readable, even if not perfect.
However (untested):
+ new = kzalloc(size_add(struct_size(new, masks, size),
size_mul
Le 01/10/2023 à 09:25, Julia Lawall a écrit :
This is not found due to the regular expression used for the name of the
alloc function. Maybe you could drop it entirely? Maybe you could just
check for alloc somewhere in the string?
That's how I found it.
I simplified a lot Kees's script and l
CONFIG_UBSAN_BOUNDS (for array indexing) and CONFIG_FORTIFY_SOURCE (for
strcpy/memcpy-family functions).
Also remove a useless comment about the position of a flex-array in a
structure.
Signed-off-by: Christophe JAILLET
---
This patch is part of a work done in parallel of what is currently
functions).
Signed-off-by: Christophe JAILLET
---
This patch is part of a work done in parallel of what is currently worked
on by Kees Cook.
My patches are only related to corner cases that do NOT match the
semantic of his Coccinelle script[1].
In this case, it is been spotted because of
Le 29/09/2023 à 20:11, Kees Cook a écrit :
Prepare for the coming implementation by GCC and Clang of the __counted_by
attribute. Flexible array members annotated with __counted_by can have
their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS
(for array indexing) and CONFIG_F
36 matches
Mail list logo
