lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 19 Nov 2021 08:24:20 -0800 From: Kees Cook <keescook@...omium.org> To: Jakub Kicinski <kuba@...nel.org> Cc: "Jason A. Donenfeld" <Jason@...c4.com>, "Gustavo A . R . Silva" <gustavoars@...nel.org>, "David S. Miller" <davem@...emloft.net>, Jonathan Lemon <jonathan.lemon@...il.com>, Alexander Lobakin <alobakin@...me>, Jakub Sitnicki <jakub@...udflare.com>, Marco Elver <elver@...gle.com>, Willem de Bruijn <willemb@...gle.com>, Eric Dumazet <edumazet@...gle.com>, Cong Wang <cong.wang@...edance.com>, Paolo Abeni <pabeni@...hat.com>, Talal Ahmad <talalahmad@...gle.com>, Kevin Hao <haokexin@...il.com>, Ilias Apalodimas <ilias.apalodimas@...aro.org>, Kumar Kartikeya Dwivedi <memxor@...il.com>, Vasily Averin <vvs@...tuozzo.com>, linux-kernel@...r.kernel.org, wireguard@...ts.zx2c4.com, netdev@...r.kernel.org, linux-hardening@...r.kernel.org Subject: Re: [PATCH] skbuff: Switch structure bounds to struct_group() On Thu, Nov 18, 2021 at 11:13:55PM -0800, Jakub Kicinski wrote: > On Thu, 18 Nov 2021 10:36:15 -0800 Kees Cook wrote: > > In preparation for FORTIFY_SOURCE performing compile-time and run-time > > field bounds checking for memcpy(), memmove(), and memset(), avoid > > intentionally writing across neighboring fields. > > > > Replace the existing empty member position markers "headers_start" and > > "headers_end" with a struct_group(). This will allow memcpy() and sizeof() > > to more easily reason about sizes, and improve readability. > > > > "pahole" shows no size nor member offset changes to struct sk_buff. > > "objdump -d" shows no object code changes (outside of WARNs affected by > > source line number changes). > > This adds ~27k of these warnings to W=1 gcc builds: > > include/linux/skbuff.h:851:1: warning: directive in macro's argument list Oh my, I see it[1]. I will get that fixed. This smells like a missing header or something weird. I have a dim memory of fixing this warning long ago when evolving this series. Thanks! -Kees [1] https://patchwork.kernel.org/project/netdevbpf/patch/20211118183615.1281978-1-keescook@chromium.org/ -- Kees Cook
Powered by blists - more mailing lists