From: Thorsten Blum <thorsten.blum@linux.dev>
To: Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>,
Nick Terrell <terrelln@fb.com>, David Sterba <dsterba@suse.com>,
Kees Cook <kees@kernel.org>,
"Gustavo A. R. Silva" <gustavoars@kernel.org>
Cc: Thorsten Blum <thorsten.blum@linux.dev>,
linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-hardening@vger.kernel.org
Subject: [PATCH] crypto: zstd - Annotate struct zstd_ctx with __counted_by
Date: Sat, 8 Nov 2025 13:07:40 +0100 [thread overview]
Message-ID: <20251108120740.149799-2-thorsten.blum@linux.dev> (raw)
Add the __counted_by() compiler attribute to the flexible array member
'wksp' to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and
CONFIG_FORTIFY_SOURCE.
Use struct_size(), which provides additional compile-time checks for
structures with flexible array members (e.g., __must_be_array()), for
the allocation size for a new 'zstd_ctx' while we're at it.
Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
---
crypto/zstd.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/crypto/zstd.c b/crypto/zstd.c
index ac318d333b68..ace7a82ea45a 100644
--- a/crypto/zstd.c
+++ b/crypto/zstd.c
@@ -10,6 +10,7 @@
#include <linux/mm.h>
#include <linux/module.h>
#include <linux/net.h>
+#include <linux/overflow.h>
#include <linux/vmalloc.h>
#include <linux/zstd.h>
#include <crypto/internal/acompress.h>
@@ -25,7 +26,7 @@ struct zstd_ctx {
zstd_dctx *dctx;
size_t wksp_size;
zstd_parameters params;
- u8 wksp[] __aligned(8);
+ u8 wksp[] __aligned(8) __counted_by(wksp_size);
};
static DEFINE_MUTEX(zstd_stream_lock);
@@ -44,7 +45,7 @@ static void *zstd_alloc_stream(void)
if (!wksp_size)
return ERR_PTR(-EINVAL);
- ctx = kvmalloc(sizeof(*ctx) + wksp_size, GFP_KERNEL);
+ ctx = kvmalloc(struct_size(ctx, wksp, wksp_size), GFP_KERNEL);
if (!ctx)
return ERR_PTR(-ENOMEM);
--
2.51.1
reply other threads:[~2025-11-08 12:08 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251108120740.149799-2-thorsten.blum@linux.dev \
--to=thorsten.blum@linux.dev \
--cc=davem@davemloft.net \
--cc=dsterba@suse.com \
--cc=gustavoars@kernel.org \
--cc=herbert@gondor.apana.org.au \
--cc=kees@kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=terrelln@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).