From patchwork Thu Dec 22 11:31:22 2022
X-Patchwork-Submitter: Laurent Pinchart
X-Patchwork-Id: 18052
From: Laurent Pinchart
To: libcamera-devel@lists.libcamera.org
Date: Thu, 22 Dec 2022 13:31:22 +0200
Message-Id: <20221222113122.28662-1-laurent.pinchart@ideasonboard.com>
Subject: [libcamera-devel] [RFC/PATCH] libcamera: ipa_module: Relax ipaModuleInfo symbol size check

When an IPA module is loaded, the loadIPAModuleInfo() function validates
the ipaModuleInfo structure. As part of that process, it checks that the
ipaModuleInfo symbol size matches the expected structure size. This
check breaks with clang and ASan, as LLVM's address sanitizer
implementation includes the redzone after the structure in the symbol
size, currently growing it by 156 bytes (on x86-64). This causes all IPA
modules to fail to load.

Fix the problem by relaxing the size check to only ensure that the
symbol is large enough to contain the structure.

Signed-off-by: Laurent Pinchart
Reviewed-by: Jacopo Mondi
Reviewed-by: Kieran Bingham
---
Relaxing checks increases the chance of false negatives, but I think
it's totally safe in this case. If we want to validate the structure
size, we should add a size field within the data. Other candidates for
new fields would be a magic number.
---
 src/libcamera/ipa_module.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

base-commit: f66a5c447b65bce774a1bc2d01034f437bf764b5

diff --git a/src/libcamera/ipa_module.cpp b/src/libcamera/ipa_module.cpp index c9ff7de30e21..c152153c180f 100644 --- a/src/libcamera/ipa_module.cpp +++ b/src/libcamera/ipa_module.cpp @@ -288,12 +288,12 @@ int IPAModule::loadIPAModuleInfo() } Span info = elfLoadSymbol(data, "ipaModuleInfo"); - if (info.size() != sizeof(info_)) { + if (info.size() < sizeof(info_)) { LOG(IPAModule, Error) << "IPA module has no valid info"; return -EINVAL; } - memcpy(&info_, info.data(), info.size()); + memcpy(&info_, info.data(), sizeof(info_)); if (info_.moduleAPIVersion != IPA_MODULE_API_VERSION) { LOG(IPAModule, Error) << "IPA module API version mismatch";
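
Review bot: In the `info.size() < sizeof(info_)` check, nothing in the code records why a larger symbol is now accepted; add a comment above it saying that clang ASan builds include the redzone in the symbol size, so a later cleanup does not tighten the comparison back to `!=`. With the bound relaxed, the `memcpy` capped at `sizeof(info_)` is what keeps an oversized symbol from writing past `info_`, so the two changed lines have to stay paired and the comment should say so. A module whose structure is larger than expected now passes this check and only its leading bytes are interpreted, which leaves the `moduleAPIVersion` comparison below as the only layout guard visible in this hunk; the size or magic field mentioned in the note under the commit message would restore that validation.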