On Wed, 15 Oct 2025 at 15:23, Florian Schmaus <[email protected]> wrote:
>
> The previous implementation incorrectly assumed the original type of
> 'priv' was void**, leading to an unnecessary and misleading
> cast. Correct the cast of the 'priv' pointer in test_dev_action() to
> its actual type, long*, removing an unnecessary cast.
>
> As an additional benefit, this fixes an out-of-bounds CHERI fault on
> hardware with architectural capabilities. The original implementation
> tried to store a capability-sized pointer using the 'priv'
> pointer. However, the 'priv' pointer's capability only granted access
> to the memory region of its original long type, leading to a bounds
> violation since the size of a long is smaller than the size of a
> capability. This change ensures that the pointer usage respects the
> capabilities' bounds.
>
> Signed-off-by: Florian Schmaus <[email protected]>
> ---
Thanks for this.
One simple formatting issue below, otherwise this is fine.
Also, it'd be good to add a 'Fixes' tag:
Fixes: d03c720e03bd ("kunit: Add APIs for managing devices")
Reviewed-by: David Gow <[email protected]>
Cheers,
-- David
> lib/kunit/kunit-test.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/lib/kunit/kunit-test.c b/lib/kunit/kunit-test.c
> index 8c01eabd4eaf..957b67818489 100644
> --- a/lib/kunit/kunit-test.c
> +++ b/lib/kunit/kunit-test.c
> @@ -739,7 +739,7 @@ static struct kunit_case kunit_current_test_cases[] = {
>
> static void test_dev_action(void *priv)
> {
> - *(void **)priv = (void *)1;
> + *(long*)priv = 1;
checkpatch whinges here:
ERROR: "(foo*)" should be "(foo *)"
#39: FILE: lib/kunit/kunit-test.c:742:
+ *(long*)priv = 1;
> }
>
> static void kunit_device_test(struct kunit *test)
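Review bot: The cast on the added line in test_dev_action() can be dropped entirely, because void * converts implicitly to long * in C; assigning priv to a local first, as in `long *flag = priv;` followed by `*flag = 1;` (flag being an illustrative name), states the expected type once and also avoids the checkpatch spacing error. The caller in kunit_device_test() is not visible in this hunk, so it is worth confirming that the object passed as priv is declared as long and that the later check compares against the long value 1, since a mismatch there would bring back the same kind of size disagreement the commit message describes.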
> --
> 2.51.0
>

