[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CAADnVQJWdiwoUqtF9CgKgkLD0oHeTaOkUhsfz0Y=0Ow+79KyxA@mail.gmail.com>
Date: Wed, 14 Aug 2024 08:46:38 -0700
From: Alexei Starovoitov <alexei.starovoitov@...il.com>
To: Thorsten Blum <thorsten.blum@...lux.com>
Cc: Martin KaFai Lau <martin.lau@...ux.dev>, Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>, Andrii Nakryiko <andrii@...nel.org>, Eddy Z <eddyz87@...il.com>,
Song Liu <song@...nel.org>, Yonghong Song <yonghong.song@...ux.dev>,
John Fastabend <john.fastabend@...il.com>, KP Singh <kpsingh@...nel.org>,
Stanislav Fomichev <sdf@...ichev.me>, Hao Luo <haoluo@...gle.com>, Jiri Olsa <jolsa@...nel.org>,
Kees Cook <kees@...nel.org>, "Gustavo A. R. Silva" <gustavoars@...nel.org>, bpf <bpf@...r.kernel.org>,
LKML <linux-kernel@...r.kernel.org>, linux-hardening@...r.kernel.org
Subject: Re: [PATCH] bpf: Annotate struct bpf_cand_cache with __counted_by()
On Tue, Aug 13, 2024 at 1:51 PM Thorsten Blum <thorsten.blum@...lux.com> wrote:
>
> On 13. Aug 2024, at 20:57, Alexei Starovoitov <alexei.starovoitov@...il.com> wrote:
> > On Tue, Aug 13, 2024 at 10:59 AM Thorsten Blum <thorsten.blum@...lux.com> wrote:
> >> On 13. Aug 2024, at 18:28, Alexei Starovoitov <alexei.starovoitov@...il.com> wrote:
> >>> On Tue, Aug 13, 2024 at 8:19 AM Thorsten Blum <thorsten.blum@...lux.com> wrote:
> >>>>
> >>>> Add the __counted_by compiler attribute to the flexible array member
> >>>> cands to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and
> >>>> CONFIG_FORTIFY_SOURCE.
> >>>>
> >>>> Increment cnt before adding a new struct to the cands array.
> >>>
> >>> why? What happens otherwise?
> >>
> >> If you try to access cands->cands[cands->cnt] without incrementing
> >> cands->cnt first, you're essentially accessing the array out of bounds
> >> which will fail during runtime.
> >
> > What kind of error/warn do you see ?
> > Is it runtime or compile time?
>
> I get a runtime error with Clang 18 [3].
...
> [3] https://godbolt.org/z/cKee95777
This is user space.
I'm not asking about generic description of the counted_by feature.
I want to see the actual runtime report from the kernel.
Can it even compile the kernel with -fsanitize=undefined ?
pw-bot: cr
Powered by blists - more mailing lists