| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202309251043.2D1F7D08@keescook> Date: Mon, 25 Sep 2023 10:50:02 -0700 From: Kees Cook <keescook@...omium.org> To: Andrzej Hajda <andrzej.hajda@...el.com> Cc: David Airlie <airlied@...il.com>, Jani Nikula <jani.nikula@...ux.intel.com>, Joonas Lahtinen <joonas.lahtinen@...ux.intel.com>, Rodrigo Vivi <rodrigo.vivi@...el.com>, Tvrtko Ursulin <tvrtko.ursulin@...ux.intel.com>, Daniel Vetter <daniel@...ll.ch>, Chris Wilson <chris@...is-wilson.co.uk>, John Harrison <john.c.harrison@...el.com>, Andi Shyti <andi.shyti@...ux.intel.com>, Matthew Brost <matthew.brost@...el.com>, intel-gfx@...ts.freedesktop.org, dri-devel@...ts.freedesktop.org, Emma Anholt <emma@...olt.net>, Evan Quan <evan.quan@....com>, Alex Deucher <alexander.deucher@....com>, Christian König <christian.koenig@....com>, "Pan, Xinhui" <Xinhui.Pan@....com>, Xiaojian Du <Xiaojian.Du@....com>, Huang Rui <ray.huang@....com>, Kevin Wang <kevin1.wang@....com>, Hawking Zhang <Hawking.Zhang@....com>, Rob Clark <robdclark@...il.com>, Abhinav Kumar <quic_abhinavk@...cinc.com>, Dmitry Baryshkov <dmitry.baryshkov@...aro.org>, Sean Paul <sean@...rly.run>, Marijn Suijten <marijn.suijten@...ainline.org>, Bjorn Andersson <andersson@...nel.org>, Ben Skeggs <bskeggs@...hat.com>, Karol Herbst <kherbst@...hat.com>, Lyude Paul <lyude@...hat.com>, Maxime Ripard <mripard@...nel.org>, David Airlie <airlied@...hat.com>, Gerd Hoffmann <kraxel@...hat.com>, Gurchetan Singh <gurchetansingh@...omium.org>, Chia-I Wu <olvaffe@...il.com>, Zack Rusin <zackr@...are.com>, VMware Graphics Reviewers <linux-graphics-maintainer@...are.com>, Melissa Wen <mwen@...lia.com>, Nathan Chancellor <nathan@...nel.org>, Nick Desaulniers <ndesaulniers@...gle.com>, Tom Rix <trix@...hat.com>, Le Ma <le.ma@....com>, Lijo Lazar <lijo.lazar@....com>, Yifan Zhang <yifan1.zhang@....com>, Prike Liang <Prike.Liang@....com>, Lang Yu <Lang.Yu@....com>, Tejas Upadhyay <tejas.upadhyay@...el.com>, Nirmoy Das <nirmoy.das@...el.com>, Neil Armstrong <neil.armstrong@...aro.org>, Kuogee Hsieh <quic_khsieh@...cinc.com>, linux-kernel@...r.kernel.org, amd-gfx@...ts.freedesktop.org, linux-arm-msm@...r.kernel.org, freedreno@...ts.freedesktop.org, nouveau@...ts.freedesktop.org, virtualization@...ts.linux-foundation.org, llvm@...ts.linux.dev, linux-hardening@...r.kernel.org Subject: Re: [PATCH 3/9] drm/i915/selftests: Annotate struct perf_series with __counted_by On Mon, Sep 25, 2023 at 12:08:36PM +0200, Andrzej Hajda wrote: > > > On 22.09.2023 19:32, Kees Cook wrote: > > Prepare for the coming implementation by GCC and Clang of the __counted_by > > attribute. Flexible array members annotated with __counted_by can have > > their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS > > (for array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family > > functions). > > > > As found with Coccinelle[1], add __counted_by for struct perf_series. > > > > [1] https://github.com/kees/kernel-tools/blob/trunk/coccinelle/examples/counted_by.cocci > > > > Cc: Jani Nikula <jani.nikula@...ux.intel.com> > > Cc: Joonas Lahtinen <joonas.lahtinen@...ux.intel.com> > > Cc: Rodrigo Vivi <rodrigo.vivi@...el.com> > > Cc: Tvrtko Ursulin <tvrtko.ursulin@...ux.intel.com> > > Cc: David Airlie <airlied@...il.com> > > Cc: Daniel Vetter <daniel@...ll.ch> > > Cc: Chris Wilson <chris@...is-wilson.co.uk> > > Cc: John Harrison <john.c.harrison@...el.com> > > Cc: Andi Shyti <andi.shyti@...ux.intel.com> > > Cc: Matthew Brost <matthew.brost@...el.com> > > Cc: intel-gfx@...ts.freedesktop.org > > Cc: dri-devel@...ts.freedesktop.org > > Signed-off-by: Kees Cook <keescook@...omium.org> > > I am surprised this is the only finding in i915, I would expected more. I'm sure there are more, but it's likely my Coccinelle pattern didn't catch it. There are many many flexible arrays in drm. :) $ grep -nRH '\[\];$' drivers/gpu/drm include/uapi/drm | grep -v :extern | wc -l 122 If anyone has some patterns I can add to the Coccinelle script, I can take another pass at it. > Anyway: > > Reviewed-by: Andrzej Hajda <andrzej.hajda@...el.com> Thank you! -Kees -- Kees Cook
Powered by blists - more mailing lists