| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 26 Apr 2018 16:31:50 -0700
From: Kees Cook <keescook@...omium.org>
To: Alasdair Kergon <agk@...hat.com>
Cc: Mike Snitzer <snitzer@...hat.com>,
LKML <linux-kernel@...r.kernel.org>, dm-devel@...hat.com,
Tycho Andersen <tycho@...ho.ws>
Subject: Re: [PATCH] dm/raid1: Remove VLA usage
On Tue, Apr 10, 2018 at 9:43 PM, Kees Cook <keescook@...omium.org> wrote:
> On the quest to remove all VLAs from the kernel[1], this avoids VLAs
> in dm-raid1.c by just using the maximum size for the stack arrays.
> The nr_mirrors value was already capped at 9, so this makes it a trivial
> adjustment to the array sizes.
>
> [1] https://lkml.org/lkml/2018/3/7/621
>
> Signed-off-by: Kees Cook <keescook@...omium.org>
Friendly ping... can someone take this, or should this go via another tree?
Thanks!
-Kees
> ---
> drivers/md/dm-raid1.c | 10 ++++++----
> 1 file changed, 6 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/md/dm-raid1.c b/drivers/md/dm-raid1.c
> index 580c49cc8079..5903e492bb34 100644
> --- a/drivers/md/dm-raid1.c
> +++ b/drivers/md/dm-raid1.c
> @@ -23,6 +23,8 @@
>
> #define MAX_RECOVERY 1 /* Maximum number of regions recovered in parallel. */
>
> +#define MAX_NR_MIRRORS (DM_KCOPYD_MAX_REGIONS + 1)
> +
> #define DM_RAID1_HANDLE_ERRORS 0x01
> #define DM_RAID1_KEEP_LOG 0x02
> #define errors_handled(p) ((p)->features & DM_RAID1_HANDLE_ERRORS)
> @@ -255,7 +257,7 @@ static int mirror_flush(struct dm_target *ti)
> unsigned long error_bits;
>
> unsigned int i;
> - struct dm_io_region io[ms->nr_mirrors];
> + struct dm_io_region io[MAX_NR_MIRRORS];
> struct mirror *m;
> struct dm_io_request io_req = {
> .bi_op = REQ_OP_WRITE,
> @@ -651,7 +653,7 @@ static void write_callback(unsigned long error, void *context)
> static void do_write(struct mirror_set *ms, struct bio *bio)
> {
> unsigned int i;
> - struct dm_io_region io[ms->nr_mirrors], *dest = io;
> + struct dm_io_region io[MAX_NR_MIRRORS], *dest = io;
> struct mirror *m;
> struct dm_io_request io_req = {
> .bi_op = REQ_OP_WRITE,
> @@ -1083,7 +1085,7 @@ static int mirror_ctr(struct dm_target *ti, unsigned int argc, char **argv)
> argc -= args_used;
>
> if (!argc || sscanf(argv[0], "%u%c", &nr_mirrors, &dummy) != 1 ||
> - nr_mirrors < 2 || nr_mirrors > DM_KCOPYD_MAX_REGIONS + 1) {
> + nr_mirrors < 2 || nr_mirrors > MAX_NR_MIRRORS) {
> ti->error = "Invalid number of mirrors";
> dm_dirty_log_destroy(dl);
> return -EINVAL;
> @@ -1404,7 +1406,7 @@ static void mirror_status(struct dm_target *ti, status_type_t type,
> int num_feature_args = 0;
> struct mirror_set *ms = (struct mirror_set *) ti->private;
> struct dm_dirty_log *log = dm_rh_dirty_log(ms->rh);
> - char buffer[ms->nr_mirrors + 1];
> + char buffer[MAX_NR_MIRRORS + 1];
>
> switch (type) {
> case STATUSTYPE_INFO:
> --
> 2.7.4
>
>
> --
> Kees Cook
> Pixel Security
--
Kees Cook
Pixel Security
Powered by blists - more mailing lists