lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <2B4C6889-9AAC-4AF6-A2CB-9FCC0E479D2A@toblux.com>
Date: Fri, 1 Nov 2024 22:42:46 +0100
From: Thorsten Blum <thorsten.blum@...lux.com>
To: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
Cc: kees@...nel.org,
 gustavoars@...nel.org,
 mcgrof@...nel.org,
 linux-kernel@...r.kernel.org,
 linux-hardening@...r.kernel.org
Subject: Re: [PATCH v2] params: Annotate struct module_param_attrs with
 __counted_by()

On 1. Nov 2024, at 13:26, Andy Shevchenko wrote:
> On Fri, Aug 23, 2024 at 04:59:33PM +0200, Thorsten Blum wrote:
>> Add the __counted_by compiler attribute to the flexible array member
>> attrs to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and
>> CONFIG_FORTIFY_SOURCE.
>> 
>> Increment num before adding a new param_attribute to the attrs array and
>> adjust the array index accordingly. Increment num immediately after the
>> first reallocation such that the reallocation for the NULL terminator
>> only needs to add 1 (instead of 2) to mk->mp->num.
>> 
>> Use struct_size() instead of manually calculating the size for the
>> reallocation.
>> 
>> Use krealloc_array() for the additional NULL terminator.
> 
> What is / was the resolution on this change? It seems it either fell in cracks
> or being abandoned.

There was a false-positive Clang issue with this patch [1] (and other
__counted_by() patches) that was mostly discussed here [2]. Clang has
since made some changes and there is a patch for the kernel [3].

I'll probably resend this patch once [3] has been merged.

Best,
Thorsten

[1] https://lore.kernel.org/r/20240913164630.GA4091534@thelio-3990X/
[2] https://lore.kernel.org/r/ZvV6X5FPBBW7CO1f@archlinux/
[3] https://lore.kernel.org/r/20241029140036.577804-1-kernel@jfarr.cc/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ