Hi Andrej,
On Wed, Oct 02, 2024 at 04:12:17PM +0200, Andrej Shadura wrote:
Change the type of len to size_t in both rfcomm_sock_bind and rfcomm_sock_getsockopt_old and replace min_t() with min().
rfcomm_sock_bind doesn't use copy_to_user, are you sure it has the same issue?
@@ -328,14 +328,15 @@ static int rfcomm_sock_bind(struct socket *sock, struct sockaddr *addr, int addr { struct sockaddr_rc sa; struct sock *sk = sock->sk;
- int len, err = 0;
- int err = 0;
- size_t len;
if (!addr || addr_len < offsetofend(struct sockaddr, sa_family) || addr->sa_family != AF_BLUETOOTH) return -EINVAL; memset(&sa, 0, sizeof(sa));
- len = min_t(unsigned int, sizeof(sa), addr_len);
- len = min(sizeof(sa), addr_len); memcpy(&sa, addr, len);
BT_DBG("sk %p %pMR", sk, &sa.rc_bdaddr);
This change produces a compilation error around min expression, as "kernel test robot" notices below. And I think rfcomm_sock_bind shouldn't be touched at all, it doesn't use copy_to_user and doesn't produce compile errors with latest Clang.
@@ -729,7 +730,8 @@ static int rfcomm_sock_getsockopt_old(struct socket *sock, int optname, char __u struct sock *l2cap_sk; struct l2cap_conn *conn; struct rfcomm_conninfo cinfo;
- int len, err = 0;
- int err = 0;
- size_t len; u32 opt;
BT_DBG("sk %p", sk); @@ -783,7 +785,7 @@ static int rfcomm_sock_getsockopt_old(struct socket *sock, int optname, char __u cinfo.hci_handle = conn->hcon->handle; memcpy(cinfo.dev_class, conn->hcon->dev_class, 3);
len = min_t(unsigned int, len, sizeof(cinfo));
len = min(len, sizeof(cinfo));
This looks ok. But there is the same pattern in rfcomm_sock_getsockopt (without old prefix) and it also uses copy_to_user and produces compile error with latest Clang.
Could you remove rfcomm_sock_bind patch and apply it to rfcomm_sock_getsockopt instead? Or I can send my version of the patch: we've encountered the same compile errors in rfcomm_sock_getsockopt and rfcomm_sock_getsockopt_old after updating Clang and would like to get it fixed.