lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <cc4831d4-e0c7-418f-9fd3-b6c215d2633e@embeddedor.com> Date: Mon, 16 Oct 2023 16:13:17 -0600 From: "Gustavo A. R. Silva" <gustavo@...eddedor.com> To: Kees Cook <keescook@...omium.org>, Kent Overstreet <kent.overstreet@...ux.dev> Cc: Brian Foster <bfoster@...hat.com>, linux-bcachefs@...r.kernel.org, kernel test robot <lkp@...el.com>, linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org Subject: Re: [PATCH v2] bcachefs: Refactor bkey_i to use a flexible array On 10/16/23 15:27, Kees Cook wrote: > The memcpy() in bch2_bkey_append_ptr() is operating on an embedded > fake flexible array. Instead, make it explicit, and convert the memcpy > to target the flexible array instead. Fixes the W=1 warning seen for > -Wstringop-overflow: > > In file included from include/linux/string.h:254, > from include/linux/bitmap.h:11, > from include/linux/cpumask.h:12, > from include/linux/smp.h:13, > from include/linux/lockdep.h:14, > from include/linux/radix-tree.h:14, > from include/linux/backing-dev-defs.h:6, > from fs/bcachefs/bcachefs.h:182: > fs/bcachefs/extents.c: In function 'bch2_bkey_append_ptr': > include/linux/fortify-string.h:57:33: warning: writing 8 bytes into a region of size 0 [-Wstringop-overflow=] > 57 | #define __underlying_memcpy __builtin_memcpy > | ^ > include/linux/fortify-string.h:648:9: note: in expansion of macro '__underlying_memcpy' > 648 | __underlying_##op(p, q, __fortify_size); \ > | ^~~~~~~~~~~~~ > include/linux/fortify-string.h:693:26: note: in expansion of macro '__fortify_memcpy_chk' > 693 | #define memcpy(p, q, s) __fortify_memcpy_chk(p, q, s, \ > | ^~~~~~~~~~~~~~~~~~~~ > fs/bcachefs/extents.c:235:17: note: in expansion of macro 'memcpy' > 235 | memcpy((void *) &k->v + bkey_val_bytes(&k->k), > | ^~~~~~ > fs/bcachefs/bcachefs_format.h:287:33: note: destination object 'v' of size 0 > 287 | struct bch_val v; > | ^ > > Cc: Kent Overstreet <kent.overstreet@...ux.dev> > Cc: Brian Foster <bfoster@...hat.com> > Cc: linux-bcachefs@...r.kernel.org > Reported-by: kernel test robot <lkp@...el.com> > Closes: https://lore.kernel.org/oe-kbuild-all/202309192314.VBsjiIm5-lkp@intel.com/ > Signed-off-by: Kees Cook <keescook@...omium.org>' Yes. This looks good. Reviewed-by: Gustavo A. R. Silva <gustavoars@...nel.org> Thanks! -- Gustavo > --- > v2 - Change flex array name to "v_bytes" (bfoster) > v1 - https://lore.kernel.org/r/20231010235609.work.594-kees@kernel.org > --- > fs/bcachefs/bcachefs_format.h | 5 ++++- > fs/bcachefs/extents.h | 2 +- > 2 files changed, 5 insertions(+), 2 deletions(-) > > diff --git a/fs/bcachefs/bcachefs_format.h b/fs/bcachefs/bcachefs_format.h > index f0d130440baa..cb1af3799b59 100644 > --- a/fs/bcachefs/bcachefs_format.h > +++ b/fs/bcachefs/bcachefs_format.h > @@ -300,7 +300,10 @@ struct bkey_i { > __u64 _data[0]; > > struct bkey k; > - struct bch_val v; > + union { > + struct bch_val v; > + DECLARE_FLEX_ARRAY(__u8, v_bytes); > + }; > }; > > #define KEY(_inode, _offset, _size) \ > diff --git a/fs/bcachefs/extents.h b/fs/bcachefs/extents.h > index 7ee8d031bb6c..896fcfca4f21 100644 > --- a/fs/bcachefs/extents.h > +++ b/fs/bcachefs/extents.h > @@ -642,7 +642,7 @@ static inline void bch2_bkey_append_ptr(struct bkey_i *k, struct bch_extent_ptr > > ptr.type = 1 << BCH_EXTENT_ENTRY_ptr; > > - memcpy((void *) &k->v + bkey_val_bytes(&k->k), > + memcpy(&k->v_bytes[bkey_val_bytes(&k->k)], > &ptr, > sizeof(ptr)); > k->k.u64s++;
Powered by blists - more mailing lists