lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Sat, 27 May 2023 14:47:25 +0200
From: Christian Marangi <ansuelsmth@...il.com>
To: Simon Horman <simon.horman@...igine.com>
Cc: "Jason A. Donenfeld" <Jason@...c4.com>,
	"David S. Miller" <davem@...emloft.net>,
	Eric Dumazet <edumazet@...gle.com>,
	Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>,
	wireguard@...ts.zx2c4.com, netdev@...r.kernel.org,
	linux-kernel@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [net PATCH] wireguard: allowedips: fix compilation warning for
 stack limit exceeded

On Sat, May 27, 2023 at 03:07:21PM +0200, Simon Horman wrote:
> On Fri, May 26, 2023 at 10:41:34PM +0200, Christian Marangi wrote:
> > On some arch (for example IPQ8074) and other with
> > KERNEL_STACKPROTECTOR_STRONG enabled, the following compilation error is
> > triggered:
> > drivers/net/wireguard/allowedips.c: In function 'root_remove_peer_lists':
> > drivers/net/wireguard/allowedips.c:80:1: error: the frame size of 1040 bytes is larger than 1024 bytes [-Werror=frame-larger-than=]
> >    80 | }
> >       | ^
> > drivers/net/wireguard/allowedips.c: In function 'root_free_rcu':
> > drivers/net/wireguard/allowedips.c:67:1: error: the frame size of 1040 bytes is larger than 1024 bytes [-Werror=frame-larger-than=]
> >    67 | }
> >       | ^
> > cc1: all warnings being treated as errors
> > 
> > Since these are free function and returns void, using function that can
> > fail is not ideal since an error would result in data not freed.
> > Since the free are under RCU lock, we can allocate the required stack
> > array as static outside the function and memset when needed.
> > This effectively fix the stack frame warning without changing how the
> > function work.
> > 
> > Fixes: Fixes: e7096c131e51 ("net: WireGuard secure network tunnel")
> 
> nit: Not sure if this can be fixed-up manually.
>      But one instance of 'Fixes: ' is enough.
> 

An oversight by me sorry. Will send v2 with the tag fixed after 24
hours. Totally fine if the patch is OK to fix this when it's merged by
the maintainers.

-- 
	Ansuel

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ