lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20231019003232.5uwphr7de7nybsra@moria.home.lan> Date: Wed, 18 Oct 2023 20:32:32 -0400 From: Kent Overstreet <kent.overstreet@...ux.dev> To: Kees Cook <keescook@...omium.org> Cc: Brian Foster <bfoster@...hat.com>, linux-bcachefs@...r.kernel.org, kernel test robot <lkp@...el.com>, linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org Subject: Re: [PATCH v3] bcachefs: Refactor memcpy into direct assignment On Wed, Oct 18, 2023 at 04:07:32PM -0700, Kees Cook wrote: > The memcpy() in bch2_bkey_append_ptr() is operating on an embedded fake > flexible array which looks to the compiler like it has 0 size. This > causes W=1 builds to emit warnings due to -Wstringop-overflow: > > In file included from include/linux/string.h:254, > from include/linux/bitmap.h:11, > from include/linux/cpumask.h:12, > from include/linux/smp.h:13, > from include/linux/lockdep.h:14, > from include/linux/radix-tree.h:14, > from include/linux/backing-dev-defs.h:6, > from fs/bcachefs/bcachefs.h:182: > fs/bcachefs/extents.c: In function 'bch2_bkey_append_ptr': > include/linux/fortify-string.h:57:33: warning: writing 8 bytes into a region of size 0 [-Wstringop-overflow=] > 57 | #define __underlying_memcpy __builtin_memcpy > | ^ > include/linux/fortify-string.h:648:9: note: in expansion of macro '__underlying_memcpy' > 648 | __underlying_##op(p, q, __fortify_size); \ > | ^~~~~~~~~~~~~ > include/linux/fortify-string.h:693:26: note: in expansion of macro '__fortify_memcpy_chk' > 693 | #define memcpy(p, q, s) __fortify_memcpy_chk(p, q, s, \ > | ^~~~~~~~~~~~~~~~~~~~ > fs/bcachefs/extents.c:235:17: note: in expansion of macro 'memcpy' > 235 | memcpy((void *) &k->v + bkey_val_bytes(&k->k), > | ^~~~~~ > fs/bcachefs/bcachefs_format.h:287:33: note: destination object 'v' of size 0 > 287 | struct bch_val v; > | ^ > > Avoid making any structure changes and just replace the u64 copy into a > direct assignment, side-stepping the entire problem. This does make me wonder about the usefulness of the fortify source stuff if it can be sidestepped this way, but hey, I'll take it :) Pulled it into the testing branch, https://evilpiepirate.org/~testdashboard/ci?branch=bcachefs-testing
Powered by blists - more mailing lists