* [PATCH net-next 1/2] keys, dns: drop unused upayload->data NUL terminator @ 2026-04-06 17:58 Thorsten Blum 2026-04-06 17:58 ` [PATCH net-next 2/2] KEYS: annotate struct user_key_payload with __counted_by Thorsten Blum 2026-04-09 2:39 ` [PATCH net-next 1/2] keys, dns: drop unused upayload->data NUL terminator Jakub Kicinski 0 siblings, 2 replies; 11+ messages in thread From: Thorsten Blum @ 2026-04-06 17:58 UTC (permalink / raw) To: David S. Miller, Eric Dumazet, Jakub Kicinski, Paolo Abeni, Simon Horman, Tim Bird, Thorsten Blum Cc: netdev, linux-kernel In dns_resolver_preparse(), do not NUL-terminate ->data and allocate one byte less. The NUL terminator is never used and only ->datalen bytes are accessed. Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev> --- net/dns_resolver/dns_key.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/net/dns_resolver/dns_key.c b/net/dns_resolver/dns_key.c index c3c8c3240ef9..451247864a63 100644 --- a/net/dns_resolver/dns_key.c +++ b/net/dns_resolver/dns_key.c @@ -203,7 +203,7 @@ dns_resolver_preparse(struct key_preparsed_payload *prep) kdebug("store result"); prep->quotalen = result_len; - upayload = kmalloc_flex(*upayload, data, result_len + 1); + upayload = kmalloc_flex(*upayload, data, result_len); if (!upayload) { kleave(" = -ENOMEM"); return -ENOMEM; @@ -211,7 +211,6 @@ dns_resolver_preparse(struct key_preparsed_payload *prep) upayload->datalen = result_len; memcpy(upayload->data, data, result_len); - upayload->data[result_len] = '\0'; prep->payload.data[dns_key_data] = upayload; kleave(" = 0"); ^ permalink raw reply related [flat|nested] 11+ messages in thread
* [PATCH net-next 2/2] KEYS: annotate struct user_key_payload with __counted_by 2026-04-06 17:58 [PATCH net-next 1/2] keys, dns: drop unused upayload->data NUL terminator Thorsten Blum @ 2026-04-06 17:58 ` Thorsten Blum 2026-04-08 9:02 ` Jarkko Sakkinen 2026-04-09 2:39 ` [PATCH net-next 1/2] keys, dns: drop unused upayload->data NUL terminator Jakub Kicinski 1 sibling, 1 reply; 11+ messages in thread From: Thorsten Blum @ 2026-04-06 17:58 UTC (permalink / raw) To: David Howells, Jarkko Sakkinen, Kees Cook, Gustavo A. R. Silva Cc: Thorsten Blum, keyrings, linux-kernel, linux-hardening Add the __counted_by() compiler attribute to the flexible array member 'data' to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and CONFIG_FORTIFY_SOURCE. Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev> --- include/keys/user-type.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/keys/user-type.h b/include/keys/user-type.h index 386c31432789..2305991f4fcd 100644 --- a/include/keys/user-type.h +++ b/include/keys/user-type.h @@ -27,7 +27,8 @@ struct user_key_payload { struct rcu_head rcu; /* RCU destructor */ unsigned short datalen; /* length of this data */ - char data[] __aligned(__alignof__(u64)); /* actual data */ + char data[] /* actual data */ + __aligned(__alignof__(u64)) __counted_by(datalen); }; extern struct key_type key_type_user; ^ permalink raw reply related [flat|nested] 11+ messages in thread
* Re: [PATCH net-next 2/2] KEYS: annotate struct user_key_payload with __counted_by 2026-04-06 17:58 ` [PATCH net-next 2/2] KEYS: annotate struct user_key_payload with __counted_by Thorsten Blum @ 2026-04-08 9:02 ` Jarkko Sakkinen 2026-04-08 12:21 ` Thorsten Blum 0 siblings, 1 reply; 11+ messages in thread From: Jarkko Sakkinen @ 2026-04-08 9:02 UTC (permalink / raw) To: Thorsten Blum Cc: David Howells, Kees Cook, Gustavo A. R. Silva, keyrings, linux-kernel, linux-hardening On Mon, Apr 06, 2026 at 07:58:10PM +0200, Thorsten Blum wrote: > Add the __counted_by() compiler attribute to the flexible array member > 'data' to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and > CONFIG_FORTIFY_SOURCE. > > Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev> > --- > include/keys/user-type.h | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/include/keys/user-type.h b/include/keys/user-type.h > index 386c31432789..2305991f4fcd 100644 > --- a/include/keys/user-type.h > +++ b/include/keys/user-type.h > @@ -27,7 +27,8 @@ > struct user_key_payload { > struct rcu_head rcu; /* RCU destructor */ > unsigned short datalen; /* length of this data */ > - char data[] __aligned(__alignof__(u64)); /* actual data */ > + char data[] /* actual data */ > + __aligned(__alignof__(u64)) __counted_by(datalen); > }; > > extern struct key_type key_type_user; You don't provide any evidence of any improvement. BR, Jarkko ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH net-next 2/2] KEYS: annotate struct user_key_payload with __counted_by 2026-04-08 9:02 ` Jarkko Sakkinen @ 2026-04-08 12:21 ` Thorsten Blum 2026-04-14 23:58 ` Jarkko Sakkinen 0 siblings, 1 reply; 11+ messages in thread From: Thorsten Blum @ 2026-04-08 12:21 UTC (permalink / raw) To: Jarkko Sakkinen Cc: David Howells, Kees Cook, Gustavo A. R. Silva, keyrings, linux-kernel, linux-hardening On Wed, Apr 08, 2026 at 12:02:25PM +0300, Jarkko Sakkinen wrote: > On Mon, Apr 06, 2026 at 07:58:10PM +0200, Thorsten Blum wrote: > > Add the __counted_by() compiler attribute to the flexible array member > > 'data' to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and > > CONFIG_FORTIFY_SOURCE. > > > > Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev> > > --- > > include/keys/user-type.h | 3 ++- > > 1 file changed, 2 insertions(+), 1 deletion(-) > > > > diff --git a/include/keys/user-type.h b/include/keys/user-type.h > > index 386c31432789..2305991f4fcd 100644 > > --- a/include/keys/user-type.h > > +++ b/include/keys/user-type.h > > @@ -27,7 +27,8 @@ > > struct user_key_payload { > > struct rcu_head rcu; /* RCU destructor */ > > unsigned short datalen; /* length of this data */ > > - char data[] __aligned(__alignof__(u64)); /* actual data */ > > + char data[] /* actual data */ > > + __aligned(__alignof__(u64)) __counted_by(datalen); > > }; > > > > extern struct key_type key_type_user; > > You don't provide any evidence of any improvement. It's a proactive hardening change to help avoid future mistakes. The __counted_by() annotation makes the bounds visible to the compiler and at runtime so that future ->data accesses can be checked against ->datalen. The current code is correct regarding ->data accesses and doesn't require any changes. ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH net-next 2/2] KEYS: annotate struct user_key_payload with __counted_by 2026-04-08 12:21 ` Thorsten Blum @ 2026-04-14 23:58 ` Jarkko Sakkinen 2026-04-15 9:40 ` Thorsten Blum 0 siblings, 1 reply; 11+ messages in thread From: Jarkko Sakkinen @ 2026-04-14 23:58 UTC (permalink / raw) To: Thorsten Blum Cc: David Howells, Kees Cook, Gustavo A. R. Silva, keyrings, linux-kernel, linux-hardening On Wed, Apr 08, 2026 at 02:21:19PM +0200, Thorsten Blum wrote: > On Wed, Apr 08, 2026 at 12:02:25PM +0300, Jarkko Sakkinen wrote: > > On Mon, Apr 06, 2026 at 07:58:10PM +0200, Thorsten Blum wrote: > > > Add the __counted_by() compiler attribute to the flexible array member > > > 'data' to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and > > > CONFIG_FORTIFY_SOURCE. > > > > > > Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev> > > > --- > > > include/keys/user-type.h | 3 ++- > > > 1 file changed, 2 insertions(+), 1 deletion(-) > > > > > > diff --git a/include/keys/user-type.h b/include/keys/user-type.h > > > index 386c31432789..2305991f4fcd 100644 > > > --- a/include/keys/user-type.h > > > +++ b/include/keys/user-type.h > > > @@ -27,7 +27,8 @@ > > > struct user_key_payload { > > > struct rcu_head rcu; /* RCU destructor */ > > > unsigned short datalen; /* length of this data */ > > > - char data[] __aligned(__alignof__(u64)); /* actual data */ > > > + char data[] /* actual data */ > > > + __aligned(__alignof__(u64)) __counted_by(datalen); > > > }; > > > > > > extern struct key_type key_type_user; > > > > You don't provide any evidence of any improvement. > > It's a proactive hardening change to help avoid future mistakes. > > The __counted_by() annotation makes the bounds visible to the compiler > and at runtime so that future ->data accesses can be checked against > ->datalen. > > The current code is correct regarding ->data accesses and doesn't > require any changes. OK I'll buy that but send +1 version: ~/work/kernel.org/jarkko/linux-tpmdd next ❯ git am -3 20260406_thorsten_blum_keys_dns_drop_unused_upayload_data_nul_terminator.mbx Applying: keys, dns: drop unused upayload->data NUL terminator error: sha1 information is lacking or useless (net/dns_resolver/dns_key.c). error: could not build fake ancestor Patch failed at 0001 keys, dns: drop unused upayload->data NUL terminator hint: Use 'git am --show-current-patch=diff' to see the failed patch When you have resolved this problem, run "git am --continue". If you prefer to skip this patch, run "git am --skip" instead. To restore the original branch and stop patching, run "git am --abort". BR, Jarkko ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH net-next 2/2] KEYS: annotate struct user_key_payload with __counted_by 2026-04-14 23:58 ` Jarkko Sakkinen @ 2026-04-15 9:40 ` Thorsten Blum 2026-04-15 12:08 ` Jarkko Sakkinen 0 siblings, 1 reply; 11+ messages in thread From: Thorsten Blum @ 2026-04-15 9:40 UTC (permalink / raw) To: Jarkko Sakkinen Cc: David Howells, Kees Cook, Gustavo A. R. Silva, keyrings, linux-kernel, linux-hardening On Wed, Apr 15, 2026 at 02:58:05AM +0300, Jarkko Sakkinen wrote: > On Wed, Apr 08, 2026 at 02:21:19PM +0200, Thorsten Blum wrote: > > On Wed, Apr 08, 2026 at 12:02:25PM +0300, Jarkko Sakkinen wrote: > > > On Mon, Apr 06, 2026 at 07:58:10PM +0200, Thorsten Blum wrote: > > > > Add the __counted_by() compiler attribute to the flexible array member > > > > 'data' to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and > > > > CONFIG_FORTIFY_SOURCE. > > > > > > > > Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev> > > > > --- > > > > include/keys/user-type.h | 3 ++- > > > > 1 file changed, 2 insertions(+), 1 deletion(-) > > > > > > > > diff --git a/include/keys/user-type.h b/include/keys/user-type.h > > > > index 386c31432789..2305991f4fcd 100644 > > > > --- a/include/keys/user-type.h > > > > +++ b/include/keys/user-type.h > > > > @@ -27,7 +27,8 @@ > > > > struct user_key_payload { > > > > struct rcu_head rcu; /* RCU destructor */ > > > > unsigned short datalen; /* length of this data */ > > > > - char data[] __aligned(__alignof__(u64)); /* actual data */ > > > > + char data[] /* actual data */ > > > > + __aligned(__alignof__(u64)) __counted_by(datalen); > > > > }; > > > > > > > > extern struct key_type key_type_user; > > > > > > You don't provide any evidence of any improvement. > > > > It's a proactive hardening change to help avoid future mistakes. > > > > The __counted_by() annotation makes the bounds visible to the compiler > > and at runtime so that future ->data accesses can be checked against > > ->datalen. > > > > The current code is correct regarding ->data accesses and doesn't > > require any changes. > > OK I'll buy that but send +1 version: > > ~/work/kernel.org/jarkko/linux-tpmdd next > ❯ git am -3 20260406_thorsten_blum_keys_dns_drop_unused_upayload_data_nul_terminator.mbx > Applying: keys, dns: drop unused upayload->data NUL terminator > error: sha1 information is lacking or useless (net/dns_resolver/dns_key.c). > error: could not build fake ancestor > Patch failed at 0001 keys, dns: drop unused upayload->data NUL terminator > hint: Use 'git am --show-current-patch=diff' to see the failed patch > When you have resolved this problem, run "git am --continue". > If you prefer to skip this patch, run "git am --skip" instead. > To restore the original branch and stop patching, run "git am --abort". AFAICT, linux-tpmdd/next is missing this change: https://lore.kernel.org/all/20260226214930.785423-3-thorsten.blum@linux.dev/ ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH net-next 2/2] KEYS: annotate struct user_key_payload with __counted_by 2026-04-15 9:40 ` Thorsten Blum @ 2026-04-15 12:08 ` Jarkko Sakkinen 2026-04-16 10:13 ` Thorsten Blum 0 siblings, 1 reply; 11+ messages in thread From: Jarkko Sakkinen @ 2026-04-15 12:08 UTC (permalink / raw) To: Thorsten Blum Cc: David Howells, Kees Cook, Gustavo A. R. Silva, keyrings, linux-kernel, linux-hardening On Wed, Apr 15, 2026 at 11:40:26AM +0200, Thorsten Blum wrote: > On Wed, Apr 15, 2026 at 02:58:05AM +0300, Jarkko Sakkinen wrote: > > On Wed, Apr 08, 2026 at 02:21:19PM +0200, Thorsten Blum wrote: > > > On Wed, Apr 08, 2026 at 12:02:25PM +0300, Jarkko Sakkinen wrote: > > > > On Mon, Apr 06, 2026 at 07:58:10PM +0200, Thorsten Blum wrote: > > > > > Add the __counted_by() compiler attribute to the flexible array member > > > > > 'data' to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and > > > > > CONFIG_FORTIFY_SOURCE. > > > > > > > > > > Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev> > > > > > --- > > > > > include/keys/user-type.h | 3 ++- > > > > > 1 file changed, 2 insertions(+), 1 deletion(-) > > > > > > > > > > diff --git a/include/keys/user-type.h b/include/keys/user-type.h > > > > > index 386c31432789..2305991f4fcd 100644 > > > > > --- a/include/keys/user-type.h > > > > > +++ b/include/keys/user-type.h > > > > > @@ -27,7 +27,8 @@ > > > > > struct user_key_payload { > > > > > struct rcu_head rcu; /* RCU destructor */ > > > > > unsigned short datalen; /* length of this data */ > > > > > - char data[] __aligned(__alignof__(u64)); /* actual data */ > > > > > + char data[] /* actual data */ > > > > > + __aligned(__alignof__(u64)) __counted_by(datalen); > > > > > }; > > > > > > > > > > extern struct key_type key_type_user; > > > > > > > > You don't provide any evidence of any improvement. > > > > > > It's a proactive hardening change to help avoid future mistakes. > > > > > > The __counted_by() annotation makes the bounds visible to the compiler > > > and at runtime so that future ->data accesses can be checked against > > > ->datalen. > > > > > > The current code is correct regarding ->data accesses and doesn't > > > require any changes. > > > > OK I'll buy that but send +1 version: > > > > ~/work/kernel.org/jarkko/linux-tpmdd next > > ❯ git am -3 20260406_thorsten_blum_keys_dns_drop_unused_upayload_data_nul_terminator.mbx > > Applying: keys, dns: drop unused upayload->data NUL terminator > > error: sha1 information is lacking or useless (net/dns_resolver/dns_key.c). > > error: could not build fake ancestor > > Patch failed at 0001 keys, dns: drop unused upayload->data NUL terminator > > hint: Use 'git am --show-current-patch=diff' to see the failed patch > > When you have resolved this problem, run "git am --continue". > > If you prefer to skip this patch, run "git am --skip" instead. > > To restore the original branch and stop patching, run "git am --abort". > > AFAICT, linux-tpmdd/next is missing this change: > > https://lore.kernel.org/all/20260226214930.785423-3-thorsten.blum@linux.dev/ By pratical means, that is lacking any proper commit message. BR, Jarkko ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH net-next 2/2] KEYS: annotate struct user_key_payload with __counted_by 2026-04-15 12:08 ` Jarkko Sakkinen @ 2026-04-16 10:13 ` Thorsten Blum 2026-04-19 12:06 ` Jarkko Sakkinen 0 siblings, 1 reply; 11+ messages in thread From: Thorsten Blum @ 2026-04-16 10:13 UTC (permalink / raw) To: Jarkko Sakkinen Cc: David Howells, Kees Cook, Gustavo A. R. Silva, keyrings, linux-kernel, linux-hardening On Wed, Apr 15, 2026 at 03:08:33PM +0300, Jarkko Sakkinen wrote: > On Wed, Apr 15, 2026 at 11:40:26AM +0200, Thorsten Blum wrote: > > On Wed, Apr 15, 2026 at 02:58:05AM +0300, Jarkko Sakkinen wrote: > > > On Wed, Apr 08, 2026 at 02:21:19PM +0200, Thorsten Blum wrote: > > > > On Wed, Apr 08, 2026 at 12:02:25PM +0300, Jarkko Sakkinen wrote: > > > > > On Mon, Apr 06, 2026 at 07:58:10PM +0200, Thorsten Blum wrote: > > > > > > Add the __counted_by() compiler attribute to the flexible array member > > > > > > 'data' to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and > > > > > > CONFIG_FORTIFY_SOURCE. > > > > > > > > > > > > Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev> > > > > > > --- > > > > > > include/keys/user-type.h | 3 ++- > > > > > > 1 file changed, 2 insertions(+), 1 deletion(-) > > > > > > > > > > > > diff --git a/include/keys/user-type.h b/include/keys/user-type.h > > > > > > index 386c31432789..2305991f4fcd 100644 > > > > > > --- a/include/keys/user-type.h > > > > > > +++ b/include/keys/user-type.h > > > > > > @@ -27,7 +27,8 @@ > > > > > > struct user_key_payload { > > > > > > struct rcu_head rcu; /* RCU destructor */ > > > > > > unsigned short datalen; /* length of this data */ > > > > > > - char data[] __aligned(__alignof__(u64)); /* actual data */ > > > > > > + char data[] /* actual data */ > > > > > > + __aligned(__alignof__(u64)) __counted_by(datalen); > > > > > > }; > > > > > > > > > > > > extern struct key_type key_type_user; > > > > > > > > > > You don't provide any evidence of any improvement. > > > > > > > > It's a proactive hardening change to help avoid future mistakes. > > > > > > > > The __counted_by() annotation makes the bounds visible to the compiler > > > > and at runtime so that future ->data accesses can be checked against > > > > ->datalen. > > > > > > > > The current code is correct regarding ->data accesses and doesn't > > > > require any changes. > > > > > > OK I'll buy that but send +1 version: > > > > > > ~/work/kernel.org/jarkko/linux-tpmdd next > > > ❯ git am -3 20260406_thorsten_blum_keys_dns_drop_unused_upayload_data_nul_terminator.mbx > > > Applying: keys, dns: drop unused upayload->data NUL terminator > > > error: sha1 information is lacking or useless (net/dns_resolver/dns_key.c). > > > error: could not build fake ancestor > > > Patch failed at 0001 keys, dns: drop unused upayload->data NUL terminator > > > hint: Use 'git am --show-current-patch=diff' to see the failed patch > > > When you have resolved this problem, run "git am --continue". > > > If you prefer to skip this patch, run "git am --skip" instead. > > > To restore the original branch and stop patching, run "git am --abort". > > > > AFAICT, linux-tpmdd/next is missing this change: > > > > https://lore.kernel.org/all/20260226214930.785423-3-thorsten.blum@linux.dev/ > > By pratical means, that is lacking any proper commit message. My point was that it has been in linux-next since February, but it's missing in linux-tpmdd/next, which is why patch 1/2 doesn't apply. I'll send a new version with 'char data[] __aligned(8) ...' on a single line in patch 2/2 after the merge window - please let me know if there's anything else that should be changed. Thanks, Thorsten ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH net-next 2/2] KEYS: annotate struct user_key_payload with __counted_by 2026-04-16 10:13 ` Thorsten Blum @ 2026-04-19 12:06 ` Jarkko Sakkinen 2026-04-19 12:09 ` Jarkko Sakkinen 0 siblings, 1 reply; 11+ messages in thread From: Jarkko Sakkinen @ 2026-04-19 12:06 UTC (permalink / raw) To: Thorsten Blum Cc: David Howells, Kees Cook, Gustavo A. R. Silva, keyrings, linux-kernel, linux-hardening On Thu, Apr 16, 2026 at 12:13:28PM +0200, Thorsten Blum wrote: > On Wed, Apr 15, 2026 at 03:08:33PM +0300, Jarkko Sakkinen wrote: > > On Wed, Apr 15, 2026 at 11:40:26AM +0200, Thorsten Blum wrote: > > > On Wed, Apr 15, 2026 at 02:58:05AM +0300, Jarkko Sakkinen wrote: > > > > On Wed, Apr 08, 2026 at 02:21:19PM +0200, Thorsten Blum wrote: > > > > > On Wed, Apr 08, 2026 at 12:02:25PM +0300, Jarkko Sakkinen wrote: > > > > > > On Mon, Apr 06, 2026 at 07:58:10PM +0200, Thorsten Blum wrote: > > > > > > > Add the __counted_by() compiler attribute to the flexible array member > > > > > > > 'data' to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and > > > > > > > CONFIG_FORTIFY_SOURCE. > > > > > > > > > > > > > > Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev> > > > > > > > --- > > > > > > > include/keys/user-type.h | 3 ++- > > > > > > > 1 file changed, 2 insertions(+), 1 deletion(-) > > > > > > > > > > > > > > diff --git a/include/keys/user-type.h b/include/keys/user-type.h > > > > > > > index 386c31432789..2305991f4fcd 100644 > > > > > > > --- a/include/keys/user-type.h > > > > > > > +++ b/include/keys/user-type.h > > > > > > > @@ -27,7 +27,8 @@ > > > > > > > struct user_key_payload { > > > > > > > struct rcu_head rcu; /* RCU destructor */ > > > > > > > unsigned short datalen; /* length of this data */ > > > > > > > - char data[] __aligned(__alignof__(u64)); /* actual data */ > > > > > > > + char data[] /* actual data */ > > > > > > > + __aligned(__alignof__(u64)) __counted_by(datalen); > > > > > > > }; > > > > > > > > > > > > > > extern struct key_type key_type_user; > > > > > > > > > > > > You don't provide any evidence of any improvement. > > > > > > > > > > It's a proactive hardening change to help avoid future mistakes. > > > > > > > > > > The __counted_by() annotation makes the bounds visible to the compiler > > > > > and at runtime so that future ->data accesses can be checked against > > > > > ->datalen. > > > > > > > > > > The current code is correct regarding ->data accesses and doesn't > > > > > require any changes. > > > > > > > > OK I'll buy that but send +1 version: > > > > > > > > ~/work/kernel.org/jarkko/linux-tpmdd next > > > > ❯ git am -3 20260406_thorsten_blum_keys_dns_drop_unused_upayload_data_nul_terminator.mbx > > > > Applying: keys, dns: drop unused upayload->data NUL terminator > > > > error: sha1 information is lacking or useless (net/dns_resolver/dns_key.c). > > > > error: could not build fake ancestor > > > > Patch failed at 0001 keys, dns: drop unused upayload->data NUL terminator > > > > hint: Use 'git am --show-current-patch=diff' to see the failed patch > > > > When you have resolved this problem, run "git am --continue". > > > > If you prefer to skip this patch, run "git am --skip" instead. > > > > To restore the original branch and stop patching, run "git am --abort". > > > > > > AFAICT, linux-tpmdd/next is missing this change: > > > > > > https://lore.kernel.org/all/20260226214930.785423-3-thorsten.blum@linux.dev/ > > > > By pratical means, that is lacking any proper commit message. > > My point was that it has been in linux-next since February, but it's > missing in linux-tpmdd/next, which is why patch 1/2 doesn't apply. > > I'll send a new version with 'char data[] __aligned(8) ...' on a single > line in patch 2/2 after the merge window - please let me know if there's > anything else that should be changed. Whoever mirrors that in there has the ball on that patch. I can revisit this once it is either: 1. In the mainline 2. Dropped and resent for review. > > Thanks, > Thorsten BR, Jarkko ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH net-next 2/2] KEYS: annotate struct user_key_payload with __counted_by 2026-04-19 12:06 ` Jarkko Sakkinen @ 2026-04-19 12:09 ` Jarkko Sakkinen 0 siblings, 0 replies; 11+ messages in thread From: Jarkko Sakkinen @ 2026-04-19 12:09 UTC (permalink / raw) To: Thorsten Blum Cc: David Howells, Kees Cook, Gustavo A. R. Silva, keyrings, linux-kernel, linux-hardening On Sun, Apr 19, 2026 at 03:06:59PM +0300, Jarkko Sakkinen wrote: > On Thu, Apr 16, 2026 at 12:13:28PM +0200, Thorsten Blum wrote: > > On Wed, Apr 15, 2026 at 03:08:33PM +0300, Jarkko Sakkinen wrote: > > > On Wed, Apr 15, 2026 at 11:40:26AM +0200, Thorsten Blum wrote: > > > > On Wed, Apr 15, 2026 at 02:58:05AM +0300, Jarkko Sakkinen wrote: > > > > > On Wed, Apr 08, 2026 at 02:21:19PM +0200, Thorsten Blum wrote: > > > > > > On Wed, Apr 08, 2026 at 12:02:25PM +0300, Jarkko Sakkinen wrote: > > > > > > > On Mon, Apr 06, 2026 at 07:58:10PM +0200, Thorsten Blum wrote: > > > > > > > > Add the __counted_by() compiler attribute to the flexible array member > > > > > > > > 'data' to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and > > > > > > > > CONFIG_FORTIFY_SOURCE. > > > > > > > > > > > > > > > > Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev> > > > > > > > > --- > > > > > > > > include/keys/user-type.h | 3 ++- > > > > > > > > 1 file changed, 2 insertions(+), 1 deletion(-) > > > > > > > > > > > > > > > > diff --git a/include/keys/user-type.h b/include/keys/user-type.h > > > > > > > > index 386c31432789..2305991f4fcd 100644 > > > > > > > > --- a/include/keys/user-type.h > > > > > > > > +++ b/include/keys/user-type.h > > > > > > > > @@ -27,7 +27,8 @@ > > > > > > > > struct user_key_payload { > > > > > > > > struct rcu_head rcu; /* RCU destructor */ > > > > > > > > unsigned short datalen; /* length of this data */ > > > > > > > > - char data[] __aligned(__alignof__(u64)); /* actual data */ > > > > > > > > + char data[] /* actual data */ > > > > > > > > + __aligned(__alignof__(u64)) __counted_by(datalen); > > > > > > > > }; > > > > > > > > > > > > > > > > extern struct key_type key_type_user; > > > > > > > > > > > > > > You don't provide any evidence of any improvement. > > > > > > > > > > > > It's a proactive hardening change to help avoid future mistakes. > > > > > > > > > > > > The __counted_by() annotation makes the bounds visible to the compiler > > > > > > and at runtime so that future ->data accesses can be checked against > > > > > > ->datalen. > > > > > > > > > > > > The current code is correct regarding ->data accesses and doesn't > > > > > > require any changes. > > > > > > > > > > OK I'll buy that but send +1 version: > > > > > > > > > > ~/work/kernel.org/jarkko/linux-tpmdd next > > > > > ❯ git am -3 20260406_thorsten_blum_keys_dns_drop_unused_upayload_data_nul_terminator.mbx > > > > > Applying: keys, dns: drop unused upayload->data NUL terminator > > > > > error: sha1 information is lacking or useless (net/dns_resolver/dns_key.c). > > > > > error: could not build fake ancestor > > > > > Patch failed at 0001 keys, dns: drop unused upayload->data NUL terminator > > > > > hint: Use 'git am --show-current-patch=diff' to see the failed patch > > > > > When you have resolved this problem, run "git am --continue". > > > > > If you prefer to skip this patch, run "git am --skip" instead. > > > > > To restore the original branch and stop patching, run "git am --abort". > > > > > > > > AFAICT, linux-tpmdd/next is missing this change: > > > > > > > > https://lore.kernel.org/all/20260226214930.785423-3-thorsten.blum@linux.dev/ > > > > > > By pratical means, that is lacking any proper commit message. > > > > My point was that it has been in linux-next since February, but it's > > missing in linux-tpmdd/next, which is why patch 1/2 doesn't apply. > > > > I'll send a new version with 'char data[] __aligned(8) ...' on a single > > line in patch 2/2 after the merge window - please let me know if there's > > anything else that should be changed. > > Whoever mirrors that in there has the ball on that patch. I can revisit > this once it is either: > > 1. In the mainline > 2. Dropped and resent for review. Or actually it should not be applied to mainline with my ack but anyway. Sounds weird. BR, Jarkko ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH net-next 1/2] keys, dns: drop unused upayload->data NUL terminator 2026-04-06 17:58 [PATCH net-next 1/2] keys, dns: drop unused upayload->data NUL terminator Thorsten Blum 2026-04-06 17:58 ` [PATCH net-next 2/2] KEYS: annotate struct user_key_payload with __counted_by Thorsten Blum @ 2026-04-09 2:39 ` Jakub Kicinski 1 sibling, 0 replies; 11+ messages in thread From: Jakub Kicinski @ 2026-04-09 2:39 UTC (permalink / raw) To: Thorsten Blum Cc: David S. Miller, Eric Dumazet, Paolo Abeni, Simon Horman, Tim Bird, netdev, linux-kernel On Mon, 6 Apr 2026 19:58:09 +0200 Thorsten Blum wrote: > Subject: [PATCH net-next 1/2] keys, dns: drop unused upayload->data NUL terminator This says net-next but patch 2 never reached netdev@ -- pw-bot: cr ^ permalink raw reply [flat|nested] 11+ messages in thread
end of thread, other threads:[~2026-04-19 12:09 UTC | newest] Thread overview: 11+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2026-04-06 17:58 [PATCH net-next 1/2] keys, dns: drop unused upayload->data NUL terminator Thorsten Blum 2026-04-06 17:58 ` [PATCH net-next 2/2] KEYS: annotate struct user_key_payload with __counted_by Thorsten Blum 2026-04-08 9:02 ` Jarkko Sakkinen 2026-04-08 12:21 ` Thorsten Blum 2026-04-14 23:58 ` Jarkko Sakkinen 2026-04-15 9:40 ` Thorsten Blum 2026-04-15 12:08 ` Jarkko Sakkinen 2026-04-16 10:13 ` Thorsten Blum 2026-04-19 12:06 ` Jarkko Sakkinen 2026-04-19 12:09 ` Jarkko Sakkinen 2026-04-09 2:39 ` [PATCH net-next 1/2] keys, dns: drop unused upayload->data NUL terminator Jakub Kicinski
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.