From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7CFF7CE7A89 for ; Sat, 23 Sep 2023 08:58:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230523AbjIWI6v (ORCPT ); Sat, 23 Sep 2023 04:58:51 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37550 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230450AbjIWI6t (ORCPT ); Sat, 23 Sep 2023 04:58:49 -0400 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1EA9E194; Sat, 23 Sep 2023 01:58:43 -0700 (PDT) Received: by smtp.kernel.org (Postfix) with ESMTPSA id E22F9C433C8; Sat, 23 Sep 2023 08:58:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1695459522; bh=O8EiSLhEdCxqqFSOJYtTaig/d7zFufVU+L6LPLjr9m8=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=aqEcSHEZ+l6vTmxiwq8AHSQFIC2Sh/9sXbMCfWkWLaXXX57fk5NVdF18/clTMpwoT J0r6lxieBB7Ke4qKFEcFWk9Z8GIB+6zt3hoVnCLZLZTjKasDeTlbmrpJzz6NpFJ5J2 r8RvD3Bqb+qEtjyqqSUXapGVesxUOwuHIg0ToI3oKwFDOak7mmxgU1bFJ41sbygkYb bf0JVA+7IqsUwG9w6Ow/ZyNPEpdnfAZX7ngTmL+u3HMimCfMm5VxkhO6h9rw3s5j5T QCXXdan51VuR3mKi0BP+OAKkP0I1eLcJ2yVWcg1csw6JASbE/hGbgBEXotA87XRhnq I1VlPogaVVBgQ== Date: Sat, 23 Sep 2023 10:59:43 -0600 From: "Gustavo A. R. Silva" To: Kees Cook Cc: Davidlohr Bueso , Jonathan Cameron , Dave Jiang , Alison Schofield , Vishal Verma , Ira Weiny , Dan Williams , linux-cxl@vger.kernel.org, Nathan Chancellor , Nick Desaulniers , Tom Rix , linux-kernel@vger.kernel.org, llvm@lists.linux.dev, linux-hardening@vger.kernel.org Subject: Re: [PATCH] cxl/acpi: Annotate struct cxl_cxims_data with __counted_by Message-ID: References: <20230922175319.work.096-kees@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20230922175319.work.096-kees@kernel.org> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Sep 22, 2023 at 10:53:19AM -0700, Kees Cook wrote: > Prepare for the coming implementation by GCC and Clang of the __counted_by > attribute. Flexible array members annotated with __counted_by can have > their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS > (for array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family > functions). > > As found with Coccinelle[1], add __counted_by for struct cxl_cxims_data. > Additionally, since the element count member must be set before accessing > the annotated flexible array member, move its initialization earlier. > > [1] https://github.com/kees/kernel-tools/blob/trunk/coccinelle/examples/counted_by.cocci > > Cc: Davidlohr Bueso > Cc: Jonathan Cameron > Cc: Dave Jiang > Cc: Alison Schofield > Cc: Vishal Verma > Cc: Ira Weiny > Cc: Dan Williams > Cc: linux-cxl@vger.kernel.org > Signed-off-by: Kees Cook Reviewed-by: Gustavo A. R. Silva Thanks -- Gustavo > --- > drivers/cxl/acpi.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/drivers/cxl/acpi.c b/drivers/cxl/acpi.c > index d1c559879dcc..40d055560e52 100644 > --- a/drivers/cxl/acpi.c > +++ b/drivers/cxl/acpi.c > @@ -14,7 +14,7 @@ > > struct cxl_cxims_data { > int nr_maps; > - u64 xormaps[]; > + u64 xormaps[] __counted_by(nr_maps); > }; > > /* > @@ -112,9 +112,9 @@ static int cxl_parse_cxims(union acpi_subtable_headers *header, void *arg, > GFP_KERNEL); > if (!cximsd) > return -ENOMEM; > + cximsd->nr_maps = nr_maps; > memcpy(cximsd->xormaps, cxims->xormap_list, > nr_maps * sizeof(*cximsd->xormaps)); > - cximsd->nr_maps = nr_maps; > cxlrd->platform_data = cximsd; > > return 0; > -- > 2.34.1 > >