| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 29 May 2020 05:35:09 +0000
From: "Kirsher, Jeffrey T" <jeffrey.t.kirsher@...el.com>
To: "Gustavo A. R. Silva" <gustavoars@...nel.org>,
"David S. Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
"Allan, Bruce W" <bruce.w.allan@...el.com>
CC: "intel-wired-lan@...ts.osuosl.org" <intel-wired-lan@...ts.osuosl.org>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"Gustavo A. R. Silva" <gustavo@...eddedor.com>,
Kees Cook <keescook@...omium.org>
Subject: RE: [PATCH net-next v3] ice: Replace one-element arrays with
flexible-arrays
> -----Original Message-----
> From: Gustavo A. R. Silva <gustavoars@...nel.org>
> Sent: Wednesday, May 27, 2020 07:11
> To: Kirsher, Jeffrey T <jeffrey.t.kirsher@...el.com>; David S. Miller
> <davem@...emloft.net>; Jakub Kicinski <kuba@...nel.org>
> Cc: intel-wired-lan@...ts.osuosl.org; netdev@...r.kernel.org; linux-
> kernel@...r.kernel.org; Gustavo A. R. Silva <gustavo@...eddedor.com>;
> Kees Cook <keescook@...omium.org>
> Subject: [PATCH net-next v3] ice: Replace one-element arrays with flexible-
> arrays
>
> The current codebase makes use of one-element arrays in the following
> form:
>
> struct something {
> int length;
> u8 data[1];
> };
>
> struct something *instance;
>
> instance = kmalloc(sizeof(*instance) + size, GFP_KERNEL);
> instance->length = size;
> memcpy(instance->data, source, size);
>
> but the preferred mechanism to declare variable-length types such as these
> ones is a flexible array member[1][2], introduced in C99:
>
> struct foo {
> int stuff;
> struct boo array[];
> };
>
> By making use of the mechanism above, we will get a compiler warning in case
> the flexible array does not occur last in the structure, which will help us prevent
> some kind of undefined behavior bugs from being inadvertently introduced[3]
> to the codebase from now on. So, replace the one-element array with a
> flexible-array member.
>
> Also, make use of the offsetof() helper in order to simplify some macros and
> properly calculate the size of the structures that contain flexible-array members.
>
> This issue was found with the help of Coccinelle and, audited _manually_.
>
> [1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
> [2] https://github.com/KSPP/linux/issues/21
> [3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour")
>
> Signed-off-by: Gustavo A. R. Silva <gustavoars@...nel.org>
[Kirsher, Jeffrey T]
Thanks Gustavo, but we (or I should say Bruce Allan) already has a patch to resolve this,
and is a bit more thorough. I will make sure you get CC'd on the patch, for your review.
> ---
> Changes in v3:
> - We still can simply the code even more by using offsetof() just once. :)
>
> Changes in v2:
> - Use offsetof(struct ice_aqc_sw_rules_elem, pdata) instead of
> sizeof(struct ice_aqc_sw_rules_elem) - sizeof(((struct ice_aqc_sw_rules_elem
> *)0)->pdata)
> - Update changelog text.
>
> .../net/ethernet/intel/ice/ice_adminq_cmd.h | 6 ++---
> drivers/net/ethernet/intel/ice/ice_switch.c | 23 ++++++-------------
> 2 files changed, 10 insertions(+), 19 deletions(-)
>
Powered by blists - more mailing lists