SHA256
1
0
forked from pool/qemu
qemu/intel-Avoid-spurious-compiler-warning-on.patch

90 lines
3.2 KiB
Diff
Raw Normal View History

Accepting request 822154 from home:bfrogers:branches:Virtualization - Updating to Sphinx v3.1.2 in Factory is exposing an issue in qemu doc sources. Fix it docs-fix-trace-docs-build-with-sphinx-3..patch - Fix DoS possibility in ati-vga emulation (CVE-2020-13800 bsc#1172495) ati-vga-check-mm_index-before-recursive-.patch - Fix DoS possibility in Network Block Device (nbd) support infrastructure (CVE-2020-10761 bsc#1172710) nbd-server-Avoid-long-error-message-asse.patch - Fix null pointer dereference possibility (DoS) in MegaRAID SAS 8708EM2 emulation (CVE-2020-13659 bsc#1172386) exec-set-map-length-to-zero-when-returni.patch - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation (CVE-2020-13362 bsc#1172383) megasas-use-unsigned-type-for-reply_queu.patch - Fix legacy IGD passthrough hw-vfio-pci-quirks-Fix-broken-legacy-IGD.patch - The latest gcc10 available in Factory has the fix for the issue this patch was created to avoid, so drop it build-Work-around-gcc10-bug-by-not-using.patch - Switch to upstream versions of some patches we carry add-enum-cast-to-avoid-gcc10-warning.patch -> golan-Add-explicit-type-casts-for-nodnic.patch Be-explicit-about-fcommon-compiler-direc.patch -> build-Be-explicit-about-fcommon-compiler.patch Do-not-apply-WORKAROUND_CFLAGS-for-host-.patch -> build-Do-not-apply-WORKAROUND_CFLAGS-for.patch Fix-s-directive-argument-is-null-error.patch -> build-Fix-s-directive-argument-is-null-e.patch Workaround-compilation-error-with-gcc-9..patch -> build-Workaround-compilation-error-with-.patch work-around-gcc10-problem-with-zero-leng.patch -> intel-Avoid-spurious-compiler-warning-on.patch - Fix vgabios issue for cirrus graphics emulation, which effectively downgraded it to standard VGA behavior vga-fix-cirrus-bios.patch - Fix OOB access possibility in ES1370 audio device emulation (CVE-2020-13361 bsc#1172384) es1370-check-total-frame-count-against-c.patch OBS-URL: https://build.opensuse.org/request/show/822154 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=553
2020-07-22 06:19:22 +02:00
From: Michael Brown <mcb30@ipxe.org>
Date: Sat, 27 Jun 2020 20:21:11 +0100
Subject: [intel] Avoid spurious compiler warning on GCC 10
Git-commit: 28cf9806d1632d378485005babec295da0c77fcf
References: boo#1171123
Accepting request 822154 from home:bfrogers:branches:Virtualization - Updating to Sphinx v3.1.2 in Factory is exposing an issue in qemu doc sources. Fix it docs-fix-trace-docs-build-with-sphinx-3..patch - Fix DoS possibility in ati-vga emulation (CVE-2020-13800 bsc#1172495) ati-vga-check-mm_index-before-recursive-.patch - Fix DoS possibility in Network Block Device (nbd) support infrastructure (CVE-2020-10761 bsc#1172710) nbd-server-Avoid-long-error-message-asse.patch - Fix null pointer dereference possibility (DoS) in MegaRAID SAS 8708EM2 emulation (CVE-2020-13659 bsc#1172386) exec-set-map-length-to-zero-when-returni.patch - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation (CVE-2020-13362 bsc#1172383) megasas-use-unsigned-type-for-reply_queu.patch - Fix legacy IGD passthrough hw-vfio-pci-quirks-Fix-broken-legacy-IGD.patch - The latest gcc10 available in Factory has the fix for the issue this patch was created to avoid, so drop it build-Work-around-gcc10-bug-by-not-using.patch - Switch to upstream versions of some patches we carry add-enum-cast-to-avoid-gcc10-warning.patch -> golan-Add-explicit-type-casts-for-nodnic.patch Be-explicit-about-fcommon-compiler-direc.patch -> build-Be-explicit-about-fcommon-compiler.patch Do-not-apply-WORKAROUND_CFLAGS-for-host-.patch -> build-Do-not-apply-WORKAROUND_CFLAGS-for.patch Fix-s-directive-argument-is-null-error.patch -> build-Fix-s-directive-argument-is-null-e.patch Workaround-compilation-error-with-gcc-9..patch -> build-Workaround-compilation-error-with-.patch work-around-gcc10-problem-with-zero-leng.patch -> intel-Avoid-spurious-compiler-warning-on.patch - Fix vgabios issue for cirrus graphics emulation, which effectively downgraded it to standard VGA behavior vga-fix-cirrus-bios.patch - Fix OOB access possibility in ES1370 audio device emulation (CVE-2020-13361 bsc#1172384) es1370-check-total-frame-count-against-c.patch OBS-URL: https://build.opensuse.org/request/show/822154 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=553
2020-07-22 06:19:22 +02:00
GCC 10 produces a spurious warning about an out-of-bounds array access
for the unsized raw dword array in union intelvf_msg.
Avoid the warning by embedding the zero-length array within a struct.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
src/drivers/net/intelvf.c | 18 ++++++++++--------
src/drivers/net/intelvf.h | 8 +++++++-
2 files changed, 17 insertions(+), 9 deletions(-)
diff --git a/roms/ipxe/src/drivers/net/intelvf.c b/roms/ipxe/src/drivers/net/intelvf.c
index ac6fea745457863544edf6658138..0d48b4178cb5aa0542ba7c507d04 100644
--- a/roms/ipxe/src/drivers/net/intelvf.c
+++ b/roms/ipxe/src/drivers/net/intelvf.c
@@ -52,14 +52,15 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
*/
static void intelvf_mbox_write ( struct intel_nic *intel,
const union intelvf_msg *msg ) {
+ const struct intelvf_msg_raw *raw = &msg->raw;
unsigned int i;
/* Write message */
DBGC2 ( intel, "INTEL %p sending message", intel );
- for ( i = 0 ; i < ( sizeof ( *msg ) / sizeof ( msg->dword[0] ) ) ; i++){
- DBGC2 ( intel, "%c%08x", ( i ? ':' : ' ' ), msg->dword[i] );
- writel ( msg->dword[i], ( intel->regs + intel->mbox.mem +
- ( i * sizeof ( msg->dword[0] ) ) ) );
+ for ( i = 0 ; i < ( sizeof ( *msg ) / sizeof ( raw->dword[0] ) ) ; i++){
+ DBGC2 ( intel, "%c%08x", ( i ? ':' : ' ' ), raw->dword[i] );
+ writel ( raw->dword[i], ( intel->regs + intel->mbox.mem +
+ ( i * sizeof ( raw->dword[0] ) ) ) );
}
DBGC2 ( intel, "\n" );
}
@@ -72,14 +73,15 @@ static void intelvf_mbox_write ( struct intel_nic *intel,
*/
static void intelvf_mbox_read ( struct intel_nic *intel,
union intelvf_msg *msg ) {
+ struct intelvf_msg_raw *raw = &msg->raw;
unsigned int i;
/* Read message */
DBGC2 ( intel, "INTEL %p received message", intel );
- for ( i = 0 ; i < ( sizeof ( *msg ) / sizeof ( msg->dword[0] ) ) ; i++){
- msg->dword[i] = readl ( intel->regs + intel->mbox.mem +
- ( i * sizeof ( msg->dword[0] ) ) );
- DBGC2 ( intel, "%c%08x", ( i ? ':' : ' ' ), msg->dword[i] );
+ for ( i = 0 ; i < ( sizeof ( *msg ) / sizeof ( raw->dword[0] ) ) ; i++){
+ raw->dword[i] = readl ( intel->regs + intel->mbox.mem +
+ ( i * sizeof ( raw->dword[0] ) ) );
+ DBGC2 ( intel, "%c%08x", ( i ? ':' : ' ' ), raw->dword[i] );
}
DBGC2 ( intel, "\n" );
}
diff --git a/roms/ipxe/src/drivers/net/intelvf.h b/roms/ipxe/src/drivers/net/intelvf.h
index ab404698fe6de9f48370931fdf56..ffb18e04052f1b4a6fe406f5062c 100644
--- a/roms/ipxe/src/drivers/net/intelvf.h
+++ b/roms/ipxe/src/drivers/net/intelvf.h
@@ -119,6 +119,12 @@ struct intelvf_msg_queues {
uint32_t dflt;
} __attribute__ (( packed ));
+/** Raw mailbox message */
+struct intelvf_msg_raw {
+ /** Raw dwords */
+ uint32_t dword[0];
+} __attribute__ (( packed ));
+
/** Mailbox message */
union intelvf_msg {
/** Message header */
@@ -132,7 +138,7 @@ union intelvf_msg {
/** Queue configuration message */
struct intelvf_msg_queues queues;
/** Raw dwords */
- uint32_t dword[0];
+ struct intelvf_msg_raw raw;
};
/** Maximum time to wait for mailbox message