| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAPcyv4gNvnMEL3kOjTYJjYG=7-N=jUUg-5+EqVszEHgSvF+XOw@mail.gmail.com>
Date: Wed, 24 Mar 2021 12:08:20 -0700
From: Dan Williams <dan.j.williams@...el.com>
To: Ira Weiny <ira.weiny@...el.com>
Cc: Robert Richter <rrichter@....com>,
Alison Schofield <alison.schofield@...el.com>,
Vishal Verma <vishal.l.verma@...el.com>,
Ben Widawsky <ben.widawsky@...el.com>,
linux-cxl@...r.kernel.org,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] cxl/mem: Force array size of mem_commands[] to CXL_MEM_COMMAND_ID_MAX
On Wed, Mar 24, 2021 at 11:43 AM Ira Weiny <ira.weiny@...el.com> wrote:
>
> On Wed, Mar 24, 2021 at 03:16:35PM +0100, Robert Richter wrote:
> > Typically the mem_commands[] array is in sync with 'enum { CXL_CMDS }'.
> > Current code works well.
> >
> > However, the array size of mem_commands[] may not strictly be the same
> > as CXL_MEM_COMMAND_ID_MAX. E.g. if a new CXL_CMD() is added that is
> > guarded by #ifdefs, the array could be shorter. This could lead then
> > further to an out-of-bounds array access in cxl_validate_cmd_from_user().
> >
> > Fix this by forcing the array size to CXL_MEM_COMMAND_ID_MAX. This
> > also adds range checks for array items in mem_commands[] at compile
> > time.
>
> Can't we use ARRAY_SIZE?
An ARRAY_SIZE() check in cxl_validate_cmd_from_user() would work too,
but it wouldn't give the compiler protection that Robert mentions for
going the other way where mem_commands tries to add an entry that is
out of bounds relative to CXL_CMDS.
Powered by blists - more mailing lists