| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 9 Feb 2022 16:43:26 -0800
From: Kees Cook <keescook@...omium.org>
To: "Gustavo A . R . Silva" <gustavoars@...nel.org>
Cc: Kees Cook <keescook@...omium.org>,
Nathan Chancellor <nathan@...nel.org>,
Nick Desaulniers <ndesaulniers@...gle.com>,
Rasmus Villemoes <linux@...musvillemoes.dk>,
Keith Busch <kbusch@...nel.org>, linux-kernel@...r.kernel.org,
linux-hardening@...r.kernel.org
Subject: [PATCH] overflow: Provide constant expression struct_size
There have been cases where struct_size() (or flex_array_size()) needs
to be calculated for an initializer, which requires it be a constant
expression. This is possible when the "count" argument is a constant
expression, so provide this ability for the helpers.
Signed-off-by: Kees Cook <keescook@...omium.org>
---
include/linux/overflow.h | 10 +++++++---
lib/test_overflow.c | 7 +++++++
2 files changed, 14 insertions(+), 3 deletions(-)
diff --git a/include/linux/overflow.h b/include/linux/overflow.h
index 59d7228104d0..f1221d11f8e5 100644
--- a/include/linux/overflow.h
+++ b/include/linux/overflow.h
@@ -4,6 +4,7 @@
#include <linux/compiler.h>
#include <linux/limits.h>
+#include <linux/const.h>
/*
* We need to compute the minimum and maximum values representable in a given
@@ -221,8 +222,9 @@ static inline size_t __must_check size_sub(size_t minuend, size_t subtrahend)
* Return: number of bytes needed or SIZE_MAX on overflow.
*/
#define flex_array_size(p, member, count) \
- size_mul(count, \
- sizeof(*(p)->member) + __must_be_array((p)->member))
+ __builtin_choose_expr(__is_constexpr(count), \
+ (count) * sizeof(*(p)->member) + __must_be_array((p)->member), \
+ size_mul(count, sizeof(*(p)->member) + __must_be_array((p)->member)))
/**
* struct_size() - Calculate size of structure with trailing flexible array.
@@ -237,6 +239,8 @@ static inline size_t __must_check size_sub(size_t minuend, size_t subtrahend)
* Return: number of bytes needed or SIZE_MAX on overflow.
*/
#define struct_size(p, member, count) \
- size_add(sizeof(*(p)), flex_array_size(p, member, count))
+ __builtin_choose_expr(__is_constexpr(count), \
+ sizeof(*(p)) + flex_array_size(p, member, count), \
+ size_add(sizeof(*(p)), flex_array_size(p, member, count)))
#endif /* __LINUX_OVERFLOW_H */
diff --git a/lib/test_overflow.c b/lib/test_overflow.c
index 712fb2351c27..d488ffaf56be 100644
--- a/lib/test_overflow.c
+++ b/lib/test_overflow.c
@@ -602,11 +602,18 @@ struct __test_flex_array {
static int __init test_overflow_size_helpers(void)
{
+ /* Make sure struct_size() can be used in a constant expression. */
+ u8 ce_array[struct_size((struct __test_flex_array *)0, data, 55)];
struct __test_flex_array *obj;
int count = 0;
int err = 0;
int var;
+ /* Verify constant expression against runtime version. */
+ var = 55;
+ OPTIMIZER_HIDE_VAR(var);
+ err |= sizeof(ce_array) != struct_size(obj, data, var);
+
#define check_one_size_helper(expected, func, args...) ({ \
bool __failure = false; \
size_t _r; \
--
2.30.2
Powered by blists - more mailing lists