The following issues were found
tools/testing/selftests/powerpc/ptrace/child.h
2 issues
Line: 32
Column: 4
CWE codes:
134
Suggestion:
Use a constant for the format specification
#define CHILD_FAIL_IF(x, sync) \
do { \
if (x) { \
fprintf(stderr, \
"[FAIL] Test FAILED on line %d\n", __LINE__); \
(sync)->child_gave_up = true; \
prod_parent(sync); \
return 1; \
} \
Reported by FlawFinder.
Line: 43
Column: 4
CWE codes:
134
Suggestion:
Use a constant for the format specification
#define PARENT_FAIL_IF(x, sync) \
do { \
if (x) { \
fprintf(stderr, \
"[FAIL] Test FAILED on line %d\n", __LINE__); \
(sync)->parent_gave_up = true; \
prod_child(sync); \
return 1; \
} \
Reported by FlawFinder.
tools/testing/selftests/nsfs/pidns.c
2 issues
Line: 29
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#define __stack_aligned__ __attribute__((aligned(16)))
struct cr_clone_arg {
char stack[128] __stack_aligned__;
char stack_ptr[];
};
static int child(void *args)
{
Reported by FlawFinder.
Line: 56
Column: 8
CWE codes:
362
for (i = 0; i < 2; i++) {
snprintf(path, sizeof(path), "/proc/%d/ns/%s", pid, ns_strs[i]);
ns = open(path, O_RDONLY);
if (ns < 0)
return pr_err("Unable to open %s", path);
pns = ioctl(ns, NS_GET_PARENT);
if (pns < 0)
Reported by FlawFinder.
tools/testing/kunit/qemu_configs/arm.py
2 issues
Line: 1
Column: 1
from ..qemu_config import QemuArchParams
QEMU_ARCH = QemuArchParams(linux_arch='arm',
kconfig='''
CONFIG_ARCH_VIRT=y
CONFIG_SERIAL_AMBA_PL010=y
CONFIG_SERIAL_AMBA_PL010_CONSOLE=y
CONFIG_SERIAL_AMBA_PL011=y
CONFIG_SERIAL_AMBA_PL011_CONSOLE=y''',
Reported by Pylint.
Line: 1
Column: 1
from ..qemu_config import QemuArchParams
QEMU_ARCH = QemuArchParams(linux_arch='arm',
kconfig='''
CONFIG_ARCH_VIRT=y
CONFIG_SERIAL_AMBA_PL010=y
CONFIG_SERIAL_AMBA_PL010_CONSOLE=y
CONFIG_SERIAL_AMBA_PL011=y
CONFIG_SERIAL_AMBA_PL011_CONSOLE=y''',
Reported by Pylint.
tools/testing/kunit/qemu_configs/arm64.py
2 issues
Line: 1
Column: 1
from ..qemu_config import QemuArchParams
QEMU_ARCH = QemuArchParams(linux_arch='arm64',
kconfig='''
CONFIG_SERIAL_AMBA_PL010=y
CONFIG_SERIAL_AMBA_PL010_CONSOLE=y
CONFIG_SERIAL_AMBA_PL011=y
CONFIG_SERIAL_AMBA_PL011_CONSOLE=y''',
qemu_arch='aarch64',
Reported by Pylint.
Line: 1
Column: 1
from ..qemu_config import QemuArchParams
QEMU_ARCH = QemuArchParams(linux_arch='arm64',
kconfig='''
CONFIG_SERIAL_AMBA_PL010=y
CONFIG_SERIAL_AMBA_PL010_CONSOLE=y
CONFIG_SERIAL_AMBA_PL011=y
CONFIG_SERIAL_AMBA_PL011_CONSOLE=y''',
qemu_arch='aarch64',
Reported by Pylint.
tools/testing/selftests/powerpc/security/entry_flush.c
2 issues
Line: 59
Column: 14
CWE codes:
676
Suggestion:
Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient
fd = perf_event_open_counter(PERF_TYPE_HW_CACHE, PERF_L1D_READ_MISS_CONFIG, -1);
FAIL_IF(fd < 0);
p = (char *)memalign(zero_size, CACHELINE_SIZE);
FAIL_IF(perf_event_enable(fd));
// disable L1 prefetching
set_dscr(1);
Reported by FlawFinder.
Line: 79
Column: 10
CWE codes:
120
20
syscall_loop(p, iterations, zero_size);
FAIL_IF(read(fd, &v, sizeof(v)) != sizeof(v));
if (entry_flush && v.l1d_misses >= l1d_misses_expected)
passes++;
else if (!entry_flush && v.l1d_misses < (l1d_misses_expected / 2))
passes++;
Reported by FlawFinder.
tools/testing/selftests/powerpc/security/rfi_flush.c
2 issues
Line: 60
Column: 14
CWE codes:
676
Suggestion:
Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient
fd = perf_event_open_counter(PERF_TYPE_HW_CACHE, PERF_L1D_READ_MISS_CONFIG, -1);
FAIL_IF(fd < 0);
p = (char *)memalign(zero_size, CACHELINE_SIZE);
FAIL_IF(perf_event_enable(fd));
// disable L1 prefetching
set_dscr(1);
Reported by FlawFinder.
Line: 80
Column: 10
CWE codes:
120
20
syscall_loop(p, iterations, zero_size);
FAIL_IF(read(fd, &v, sizeof(v)) != sizeof(v));
if (rfi_flush && v.l1d_misses >= l1d_misses_expected)
passes++;
else if (!rfi_flush && v.l1d_misses < (l1d_misses_expected / 2))
passes++;
Reported by FlawFinder.
tools/testing/selftests/powerpc/security/spectre_v2.c
2 issues
Line: 88
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static enum spectre_v2_state get_sysfs_state(void)
{
enum spectre_v2_state state = UNKNOWN;
char buf[256];
int len;
memset(buf, 0, sizeof(buf));
FAIL_IF(read_sysfs_file("devices/system/cpu/vulnerabilities/spectre_v2", buf, sizeof(buf)));
Reported by FlawFinder.
Line: 98
Column: 8
CWE codes:
126
buf[sizeof(buf) - 1] = '\0';
// Trim the trailing newline
len = strlen(buf);
FAIL_IF(len < 1);
buf[len - 1] = '\0';
printf("sysfs reports: '%s'\n", buf);
Reported by FlawFinder.
tools/testing/selftests/powerpc/security/uaccess_flush.c
2 issues
Line: 73
Column: 14
CWE codes:
676
Suggestion:
Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient
fd = perf_event_open_counter(PERF_TYPE_HW_CACHE, PERF_L1D_READ_MISS_CONFIG, -1);
FAIL_IF(fd < 0);
p = (char *)memalign(zero_size, CACHELINE_SIZE);
FAIL_IF(perf_event_enable(fd));
// disable L1 prefetching
set_dscr(1);
Reported by FlawFinder.
Line: 93
Column: 10
CWE codes:
120
20
syscall_loop_uaccess(p, iterations, zero_size);
FAIL_IF(read(fd, &v, sizeof(v)) != sizeof(v));
if (uaccess_flush && v.l1d_misses >= l1d_misses_expected)
passes++;
else if (!uaccess_flush && v.l1d_misses < (l1d_misses_expected / 2))
passes++;
Reported by FlawFinder.
tools/perf/bench/sched-pipe.c
2 issues
Line: 62
Column: 10
CWE codes:
120
20
for (i = 0; i < loops; i++) {
if (!td->nr) {
ret = read(td->pipe_read, &m, sizeof(int));
BUG_ON(ret != sizeof(int));
ret = write(td->pipe_write, &m, sizeof(int));
BUG_ON(ret != sizeof(int));
} else {
ret = write(td->pipe_write, &m, sizeof(int));
Reported by FlawFinder.
Line: 69
Column: 10
CWE codes:
120
20
} else {
ret = write(td->pipe_write, &m, sizeof(int));
BUG_ON(ret != sizeof(int));
ret = read(td->pipe_read, &m, sizeof(int));
BUG_ON(ret != sizeof(int));
}
}
return NULL;
Reported by FlawFinder.
tools/perf/arch/arm64/tests/dwarf-unwind.c
2 issues
Line: 42
CWE codes:
401
memcpy(buf, (void *) sp, stack_size);
stack->data = (char *) buf;
stack->size = stack_size;
return 0;
}
int test__arch_unwind_sample(struct perf_sample *sample,
struct thread *thread)
{
Reported by Cppcheck.
Line: 39
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
stack_size = map->end - sp;
stack_size = stack_size > STACK_SIZE ? STACK_SIZE : stack_size;
memcpy(buf, (void *) sp, stack_size);
stack->data = (char *) buf;
stack->size = stack_size;
return 0;
}
Reported by FlawFinder.