| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202309231859.D8467DB23@keescook>
Date: Sat, 23 Sep 2023 19:03:26 -0700
From: Kees Cook <keescook@...omium.org>
To: Alex Elder <elder@...e.org>
Cc: Jakub Kicinski <kuba@...nel.org>, Alex Elder <elder@...nel.org>,
"David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>, Paolo Abeni <pabeni@...hat.com>,
netdev@...r.kernel.org, Jamal Hadi Salim <jhs@...atatu.com>,
David Ahern <dsahern@...nel.org>,
Martin KaFai Lau <martin.lau@...nel.org>,
"Gustavo A. R. Silva" <gustavoars@...nel.org>,
Alexei Starovoitov <ast@...nel.org>,
Yisen Zhuang <yisen.zhuang@...wei.com>,
Salil Mehta <salil.mehta@...wei.com>,
Claudiu Manoil <claudiu.manoil@....com>,
Vladimir Oltean <vladimir.oltean@....com>,
"K. Y. Srinivasan" <kys@...rosoft.com>,
Haiyang Zhang <haiyangz@...rosoft.com>,
Wei Liu <wei.liu@...nel.org>, Dexuan Cui <decui@...rosoft.com>,
Long Li <longli@...rosoft.com>,
Ajay Sharma <sharmaajay@...rosoft.com>,
Pravin B Shelar <pshelar@....org>,
Shaokun Zhang <zhangshaokun@...ilicon.com>,
Cong Wang <xiyou.wangcong@...il.com>, Jiri Pirko <jiri@...nulli.us>,
Nathan Chancellor <nathan@...nel.org>,
Nick Desaulniers <ndesaulniers@...gle.com>,
Tom Rix <trix@...hat.com>, Simon Horman <horms@...nel.org>,
linux-kernel@...r.kernel.org, linux-hyperv@...r.kernel.org,
linux-rdma@...r.kernel.org, dev@...nvswitch.org,
linux-parisc@...r.kernel.org, llvm@...ts.linux.dev,
linux-hardening@...r.kernel.org
Subject: Re: [PATCH 08/14] net: ipa: Annotate struct ipa_power with
__counted_by
On Sat, Sep 23, 2023 at 07:09:19AM -0500, Alex Elder wrote:
> On 9/22/23 12:28 PM, Kees Cook wrote:
> > Prepare for the coming implementation by GCC and Clang of the __counted_by
> > attribute. Flexible array members annotated with __counted_by can have
> > their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS
> > (for array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family
> > functions).
> >
> > As found with Coccinelle[1], add __counted_by for struct ipa_power.
>
> Looks good, thanks.
>
> Reviewed-by: Alex Elder <elder@...aro.org>
>
> Note that there is some interaction between struct ipa_power_data
> and struct ipa_power (the former is used to initialize the latter).
> Both of these contain flexible arrays counted by another field in
> the structure. It seems possible that the way these are initialized
> might need slight modification to allow the compiler to do its
> enforcement; if that's the case, please reach out to me.
I think it's all okay:
struct ipa_power_data {
u32 core_clock_rate;
u32 interconnect_count; /* # entries in interconnect_data[] */
const struct ipa_interconnect_data *interconnect_data;
};
"interconnect_data" here is a pointer, not a flexible array. (Yes,
__counted_by is expected to be expanded in the future for pointers,
but not yet.) Looking at initializers, I didn't see any problems with
how struct ipa_power is allocated.
Thanks for the heads-up; I'm sure I'll look at this again when we can
further expand __counted_by to pointers. :)
-Kees
--
Kees Cook
Powered by blists - more mailing lists