lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 20 Jan 2022 23:39:35 -0800 From: Kees Cook <keescook@...omium.org> To: Mat Martineau <mathew.j.martineau@...ux.intel.com> Cc: Kees Cook <keescook@...omium.org>, Matthieu Baerts <matthieu.baerts@...sares.net>, "David S. Miller" <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>, netdev@...r.kernel.org, mptcp@...ts.linux.dev, linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org Subject: [PATCH] mptcp: Use struct_group() to avoid cross-field memset() In preparation for FORTIFY_SOURCE performing compile-time and run-time field bounds checking for memcpy(), memmove(), and memset(), avoid intentionally writing across neighboring fields. Use struct_group() to capture the fields to be reset, so that memset() can be appropriately bounds-checked by the compiler. Cc: Mat Martineau <mathew.j.martineau@...ux.intel.com> Cc: Matthieu Baerts <matthieu.baerts@...sares.net> Cc: "David S. Miller" <davem@...emloft.net> Cc: Jakub Kicinski <kuba@...nel.org> Cc: netdev@...r.kernel.org Cc: mptcp@...ts.linux.dev Signed-off-by: Kees Cook <keescook@...omium.org> --- net/mptcp/protocol.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h index 0e6b42c76ea0..85317ce38e3f 100644 --- a/net/mptcp/protocol.h +++ b/net/mptcp/protocol.h @@ -408,7 +408,7 @@ DECLARE_PER_CPU(struct mptcp_delegated_action, mptcp_delegated_actions); struct mptcp_subflow_context { struct list_head node;/* conn_list of subflows */ - char reset_start[0]; + struct_group(reset, unsigned long avg_pacing_rate; /* protected by msk socket lock */ u64 local_key; @@ -458,7 +458,7 @@ struct mptcp_subflow_context { long delegated_status; - char reset_end[0]; + ); struct list_head delegated_node; /* link into delegated_action, protected by local BH */ @@ -494,7 +494,7 @@ mptcp_subflow_tcp_sock(const struct mptcp_subflow_context *subflow) static inline void mptcp_subflow_ctx_reset(struct mptcp_subflow_context *subflow) { - memset(subflow->reset_start, 0, subflow->reset_end - subflow->reset_start); + memset(&subflow->reset, 0, sizeof(subflow->reset)); subflow->request_mptcp = 1; } -- 2.30.2
Powered by blists - more mailing lists