lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 5 Apr 2023 17:43:13 -0700
From:   Dan Williams <dan.j.williams@...el.com>
To:     Kees Cook <kees@...flux.net>,
        Dan Williams <dan.j.williams@...el.com>,
        "Rafael J. Wysocki" <rjw@...ysocki.net>,
        Linux ACPI <linux-acpi@...r.kernel.org>
CC:     LKML <linux-kernel@...r.kernel.org>,
        Bob Moore <robert.moore@...el.com>
Subject: RE: [PATCH 22/32] ACPICA: actbl2: Replace 1-element arrays with
 flexible arrays

Kees Cook wrote:
> 
> 
> On April 5, 2023 5:22:55 PM PDT, Dan Williams <dan.j.williams@...el.com> wrote:
> >Dan Williams wrote:
> >> Rafael J. Wysocki wrote:
> >> > From: Kees Cook <kees@...flux.net>
> >> > 
> >> > ACPICA commit 44f1af0664599e87bebc3a1260692baa27b2f264
> >> > 
> >> > Similar to "Replace one-element array with flexible-array", replace the
> >> > 1-element array with a proper flexible array member as defined by C99.
> >> > 
> >> > This allows the code to operate without tripping compile-time and run-
> >> > time bounds checkers (e.g. via __builtin_object_size(), -fsanitize=bounds,
> >> > and/or -fstrict-flex-arrays=3).
> >> > 
> >> > The sizeof() uses with struct acpi_nfit_flush_address and struct
> >> > acpi_nfit_smbios have been adjusted to drop the open-coded subtraction
> >> > of the trailing single element. The result is no binary differences in
> >> > .text nor .data sections.
> >> > 
> >> > Link: https://github.com/acpica/acpica/commit/44f1af06
> >> > Signed-off-by: Bob Moore <robert.moore@...el.com>
> >> > Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@...el.com>
> >> 
> >> Reviewed-by: Dan Williams <dan.j.williams@...el.com>
> >
> >Unit tests say NAK, though.
> >
> >This causes a regression, but I think I see where. Will send a fixed
> >patch in a bit.
> 
> Ah, which tests? I must have missed something!

You're doubly forgiven for not running them because 1/ they typically
require setting up a VM, and 2/ they've been broken since v6.3-rc1 due
to where the test modules moved.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ