lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 23 Nov 2021 14:19:25 +0100 From: "Rafael J. Wysocki" <rafael@...nel.org> To: Kees Cook <keescook@...omium.org>, Zhang Rui <rui.zhang@...el.com>, Srinivas Pandruvada <srinivas.pandruvada@...ux.intel.com> Cc: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Daniel Lezcano <daniel.lezcano@...aro.org>, Amit Kucheria <amitk@...nel.org>, Linux PM <linux-pm@...r.kernel.org>, "Gustavo A. R. Silva" <gustavoars@...nel.org>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Andrew Morton <akpm@...ux-foundation.org>, "open list:NETWORKING DRIVERS (WIRELESS)" <linux-wireless@...r.kernel.org>, netdev <netdev@...r.kernel.org>, dri-devel <dri-devel@...ts.freedesktop.org>, linux-staging@...ts.linux.dev, linux-block@...r.kernel.org, linux-kbuild@...r.kernel.org, clang-built-linux@...glegroups.com, Rasmus Villemoes <linux@...musvillemoes.dk>, linux-hardening@...r.kernel.org Subject: Re: [PATCH v2 12/63] thermal: intel: int340x_thermal: Use struct_group() for memcpy() region On Wed, Aug 18, 2021 at 8:08 AM Kees Cook <keescook@...omium.org> wrote: > > In preparation for FORTIFY_SOURCE performing compile-time and run-time > field bounds checking for memcpy(), avoid intentionally writing across > neighboring fields. > > Use struct_group() in struct art around members weight, and ac[0-9]_max, > so they can be referenced together. This will allow memcpy() and sizeof() > to more easily reason about sizes, improve readability, and avoid future > warnings about writing beyond the end of weight. > > "pahole" shows no size nor member offset changes to struct art. > "objdump -d" shows no meaningful object code changes (i.e. only source > line number induced differences). > > Cc: Zhang Rui <rui.zhang@...el.com> > Cc: Daniel Lezcano <daniel.lezcano@...aro.org> > Cc: Amit Kucheria <amitk@...nel.org> > Cc: linux-pm@...r.kernel.org > Signed-off-by: Kees Cook <keescook@...omium.org> Rui, Srinivas, any comments here? > --- > .../intel/int340x_thermal/acpi_thermal_rel.c | 5 +- > .../intel/int340x_thermal/acpi_thermal_rel.h | 48 ++++++++++--------- > 2 files changed, 29 insertions(+), 24 deletions(-) > > diff --git a/drivers/thermal/intel/int340x_thermal/acpi_thermal_rel.c b/drivers/thermal/intel/int340x_thermal/acpi_thermal_rel.c > index a478cff8162a..e90690a234c4 100644 > --- a/drivers/thermal/intel/int340x_thermal/acpi_thermal_rel.c > +++ b/drivers/thermal/intel/int340x_thermal/acpi_thermal_rel.c > @@ -250,8 +250,9 @@ static int fill_art(char __user *ubuf) > get_single_name(arts[i].source, art_user[i].source_device); > get_single_name(arts[i].target, art_user[i].target_device); > /* copy the rest int data in addition to source and target */ > - memcpy(&art_user[i].weight, &arts[i].weight, > - sizeof(u64) * (ACPI_NR_ART_ELEMENTS - 2)); > + BUILD_BUG_ON(sizeof(art_user[i].data) != > + sizeof(u64) * (ACPI_NR_ART_ELEMENTS - 2)); > + memcpy(&art_user[i].data, &arts[i].data, sizeof(art_user[i].data)); > } > > if (copy_to_user(ubuf, art_user, art_len)) > diff --git a/drivers/thermal/intel/int340x_thermal/acpi_thermal_rel.h b/drivers/thermal/intel/int340x_thermal/acpi_thermal_rel.h > index 58822575fd54..78d942477035 100644 > --- a/drivers/thermal/intel/int340x_thermal/acpi_thermal_rel.h > +++ b/drivers/thermal/intel/int340x_thermal/acpi_thermal_rel.h > @@ -17,17 +17,19 @@ > struct art { > acpi_handle source; > acpi_handle target; > - u64 weight; > - u64 ac0_max; > - u64 ac1_max; > - u64 ac2_max; > - u64 ac3_max; > - u64 ac4_max; > - u64 ac5_max; > - u64 ac6_max; > - u64 ac7_max; > - u64 ac8_max; > - u64 ac9_max; > + struct_group(data, > + u64 weight; > + u64 ac0_max; > + u64 ac1_max; > + u64 ac2_max; > + u64 ac3_max; > + u64 ac4_max; > + u64 ac5_max; > + u64 ac6_max; > + u64 ac7_max; > + u64 ac8_max; > + u64 ac9_max; > + ); > } __packed; > > struct trt { > @@ -47,17 +49,19 @@ union art_object { > struct { > char source_device[8]; /* ACPI single name */ > char target_device[8]; /* ACPI single name */ > - u64 weight; > - u64 ac0_max_level; > - u64 ac1_max_level; > - u64 ac2_max_level; > - u64 ac3_max_level; > - u64 ac4_max_level; > - u64 ac5_max_level; > - u64 ac6_max_level; > - u64 ac7_max_level; > - u64 ac8_max_level; > - u64 ac9_max_level; > + struct_group(data, > + u64 weight; > + u64 ac0_max_level; > + u64 ac1_max_level; > + u64 ac2_max_level; > + u64 ac3_max_level; > + u64 ac4_max_level; > + u64 ac5_max_level; > + u64 ac6_max_level; > + u64 ac7_max_level; > + u64 ac8_max_level; > + u64 ac9_max_level; > + ); > }; > u64 __data[ACPI_NR_ART_ELEMENTS]; > }; > -- > 2.30.2 >
Powered by blists - more mailing lists