lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <c815078e-67f9-4235-b66c-29f8bdd1a9e0@embeddedor.com>
Date: Tue, 30 Jul 2024 12:41:56 -0600
From: "Gustavo A. R. Silva" <gustavo@...eddedor.com>
To: Dmitry Antipov <dmantipov@...dex.ru>, Paolo Abeni <pabeni@...hat.com>
Cc: Kees Cook <kees@...nel.org>, netdev@...r.kernel.org,
 linux-hardening@...r.kernel.org
Subject: Re: [PATCH] net: core: use __counted_by for trailing VLA of struct
 sock_reuseport



On 30/07/24 10:04, Dmitry Antipov wrote:
> According to '__reuseport_alloc()', annotate trailing VLA 'sock' of

`socks` is a flexible-array member[1], not a VLA[2].

> 'struct sock_reuseport' with '__counted_by()' and use convenient
> 'struct_size()' to simplify the math used in 'kzalloc()'. >
> Signed-off-by: Dmitry Antipov <dmantipov@...dex.ru>

Looks correct.

Reviewed-by: Gustavo A. R. Silva <gustavoars@...nel.org>

> ---
>   include/net/sock_reuseport.h | 2 +-
>   net/core/sock_reuseport.c    | 7 +++----
>   2 files changed, 4 insertions(+), 5 deletions(-)
> 
> diff --git a/include/net/sock_reuseport.h b/include/net/sock_reuseport.h
> index 6ec140b0a61b..6e4faf3ee76f 100644
> --- a/include/net/sock_reuseport.h
> +++ b/include/net/sock_reuseport.h
> @@ -26,7 +26,7 @@ struct sock_reuseport {
>   	unsigned int		bind_inany:1;
>   	unsigned int		has_conns:1;
>   	struct bpf_prog __rcu	*prog;		/* optional BPF sock selector */
> -	struct sock		*socks[];	/* array of sock pointers */
> +	struct sock		*socks[] __counted_by(max_socks);
>   };
>   
>   extern int reuseport_alloc(struct sock *sk, bool bind_inany);
> diff --git a/net/core/sock_reuseport.c b/net/core/sock_reuseport.c
> index 5a165286e4d8..5eea73aaeb0f 100644
> --- a/net/core/sock_reuseport.c
> +++ b/net/core/sock_reuseport.c
> @@ -173,11 +173,10 @@ static bool __reuseport_detach_closed_sock(struct sock *sk,
>   
>   static struct sock_reuseport *__reuseport_alloc(unsigned int max_socks)
>   {
> -	unsigned int size = sizeof(struct sock_reuseport) +
> -		      sizeof(struct sock *) * max_socks;
> -	struct sock_reuseport *reuse = kzalloc(size, GFP_ATOMIC);
> +	struct sock_reuseport *reuse =
> +		kzalloc(struct_size(reuse, socks, max_socks), GFP_ATOMIC);
>   
> -	if (!reuse)
> +	if (unlikely(!reuse))
>   		return NULL;
>   
>   	reuse->max_socks = max_socks;
Thanks
--
Gustavo

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ