lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <202309231859.D8467DB23@keescook> Date: Sat, 23 Sep 2023 19:03:26 -0700 From: Kees Cook <keescook@...omium.org> To: Alex Elder <elder@...e.org> Cc: Jakub Kicinski <kuba@...nel.org>, Alex Elder <elder@...nel.org>, "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Paolo Abeni <pabeni@...hat.com>, netdev@...r.kernel.org, Jamal Hadi Salim <jhs@...atatu.com>, David Ahern <dsahern@...nel.org>, Martin KaFai Lau <martin.lau@...nel.org>, "Gustavo A. R. Silva" <gustavoars@...nel.org>, Alexei Starovoitov <ast@...nel.org>, Yisen Zhuang <yisen.zhuang@...wei.com>, Salil Mehta <salil.mehta@...wei.com>, Claudiu Manoil <claudiu.manoil@....com>, Vladimir Oltean <vladimir.oltean@....com>, "K. Y. Srinivasan" <kys@...rosoft.com>, Haiyang Zhang <haiyangz@...rosoft.com>, Wei Liu <wei.liu@...nel.org>, Dexuan Cui <decui@...rosoft.com>, Long Li <longli@...rosoft.com>, Ajay Sharma <sharmaajay@...rosoft.com>, Pravin B Shelar <pshelar@....org>, Shaokun Zhang <zhangshaokun@...ilicon.com>, Cong Wang <xiyou.wangcong@...il.com>, Jiri Pirko <jiri@...nulli.us>, Nathan Chancellor <nathan@...nel.org>, Nick Desaulniers <ndesaulniers@...gle.com>, Tom Rix <trix@...hat.com>, Simon Horman <horms@...nel.org>, linux-kernel@...r.kernel.org, linux-hyperv@...r.kernel.org, linux-rdma@...r.kernel.org, dev@...nvswitch.org, linux-parisc@...r.kernel.org, llvm@...ts.linux.dev, linux-hardening@...r.kernel.org Subject: Re: [PATCH 08/14] net: ipa: Annotate struct ipa_power with __counted_by On Sat, Sep 23, 2023 at 07:09:19AM -0500, Alex Elder wrote: > On 9/22/23 12:28 PM, Kees Cook wrote: > > Prepare for the coming implementation by GCC and Clang of the __counted_by > > attribute. Flexible array members annotated with __counted_by can have > > their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS > > (for array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family > > functions). > > > > As found with Coccinelle[1], add __counted_by for struct ipa_power. > > Looks good, thanks. > > Reviewed-by: Alex Elder <elder@...aro.org> > > Note that there is some interaction between struct ipa_power_data > and struct ipa_power (the former is used to initialize the latter). > Both of these contain flexible arrays counted by another field in > the structure. It seems possible that the way these are initialized > might need slight modification to allow the compiler to do its > enforcement; if that's the case, please reach out to me. I think it's all okay: struct ipa_power_data { u32 core_clock_rate; u32 interconnect_count; /* # entries in interconnect_data[] */ const struct ipa_interconnect_data *interconnect_data; }; "interconnect_data" here is a pointer, not a flexible array. (Yes, __counted_by is expected to be expanded in the future for pointers, but not yet.) Looking at initializers, I didn't see any problems with how struct ipa_power is allocated. Thanks for the heads-up; I'm sure I'll look at this again when we can further expand __counted_by to pointers. :) -Kees -- Kees Cook
Powered by blists - more mailing lists