From: Kees Cook <keescook@chromium.org> To: Andrew Morton <akpm@linux-foundation.org> Cc: Kees Cook <keescook@chromium.org>, linux-kernel@vger.kernel.org, corbet@lwn.net, gustavo@embeddedor.com, rostedt@goodmis.org, Chris Mason <clm@fb.com>, Josef Bacik <jbacik@fb.com>, David Sterba <dsterba@suse.com>, "David S. Miller" <davem@davemloft.net>, Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>, Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>, Ingo Molnar <mingo@kernel.org>, Peter Zijlstra <peterz@infradead.org>, Thomas Gleixner <tglx@linutronix.de>, Masahiro Yamada <yamada.masahiro@socionext.com>, Borislav Petkov <bp@suse.de>, Josh Poimboeuf <jpoimboe@redhat.com>, Randy Dunlap <rdunlap@infradead.org>, Ian Abbott <abbotti@mev.co.uk>, "Tobin C. Harding" <me@tobin.cc>, Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>, Petr Mladek <pmladek@suse.com>, Andy Shevchenko <andriy.shevchenko@linux.intel.com>, Pantelis Antoniou <pantelis.antoniou@konsulko.com>, linux-btrfs@vger.kernel.org, netdev@vger.kernel.org, kernel-hardening@lists.openwall.com Subject: [PATCH 2/3] net: Remove accidental VLAs from proc buffers Date: Wed, 7 Mar 2018 19:30:46 -0800 [thread overview] Message-ID: <1520479847-39174-3-git-send-email-keescook@chromium.org> (raw) In-Reply-To: <1520479847-39174-1-git-send-email-keescook@chromium.org> In the quest to remove all stack VLAs from the kernel[1], this refactors the stack array size calculation to avoid using max(), which makes the compiler think the size isn't fixed. [1] https://lkml.org/lkml/2018/3/7/621 Signed-off-by: Kees Cook <keescook@chromium.org> --- net/ipv4/proc.c | 10 ++++------ net/ipv6/proc.c | 10 ++++------ 2 files changed, 8 insertions(+), 12 deletions(-) diff --git a/net/ipv4/proc.c b/net/ipv4/proc.c index dc5edc8f7564..c23c43803435 100644 --- a/net/ipv4/proc.c +++ b/net/ipv4/proc.c @@ -46,8 +46,6 @@ #include <net/sock.h> #include <net/raw.h> -#define TCPUDP_MIB_MAX max_t(u32, UDP_MIB_MAX, TCP_MIB_MAX) - /* * Report socket allocation statistics [mea@utu.fi] */ @@ -400,11 +398,11 @@ static int snmp_seq_show_ipstats(struct seq_file *seq, void *v) static int snmp_seq_show_tcp_udp(struct seq_file *seq, void *v) { - unsigned long buff[TCPUDP_MIB_MAX]; + unsigned long buff[SIMPLE_MAX(UDP_MIB_MAX, TCP_MIB_MAX)]; struct net *net = seq->private; int i; - memset(buff, 0, TCPUDP_MIB_MAX * sizeof(unsigned long)); + memset(buff, 0, sizeof(buff)); seq_puts(seq, "\nTcp:"); for (i = 0; snmp4_tcp_list[i].name; i++) @@ -421,7 +419,7 @@ static int snmp_seq_show_tcp_udp(struct seq_file *seq, void *v) seq_printf(seq, " %lu", buff[i]); } - memset(buff, 0, TCPUDP_MIB_MAX * sizeof(unsigned long)); + memset(buff, 0, sizeof(buff)); snmp_get_cpu_field_batch(buff, snmp4_udp_list, net->mib.udp_statistics); @@ -432,7 +430,7 @@ static int snmp_seq_show_tcp_udp(struct seq_file *seq, void *v) for (i = 0; snmp4_udp_list[i].name; i++) seq_printf(seq, " %lu", buff[i]); - memset(buff, 0, TCPUDP_MIB_MAX * sizeof(unsigned long)); + memset(buff, 0, sizeof(buff)); /* the UDP and UDP-Lite MIBs are the same */ seq_puts(seq, "\nUdpLite:"); diff --git a/net/ipv6/proc.c b/net/ipv6/proc.c index b67814242f78..5b0874c26802 100644 --- a/net/ipv6/proc.c +++ b/net/ipv6/proc.c @@ -30,10 +30,8 @@ #include <net/transp_v6.h> #include <net/ipv6.h> -#define MAX4(a, b, c, d) \ - max_t(u32, max_t(u32, a, b), max_t(u32, c, d)) -#define SNMP_MIB_MAX MAX4(UDP_MIB_MAX, TCP_MIB_MAX, \ - IPSTATS_MIB_MAX, ICMP_MIB_MAX) +#define SNMP_MIB_MAX SIMPLE_MAX(SIMPLE_MAX(UDP_MIB_MAX, TCP_MIB_MAX), \ + SIMPLE_MAX(IPSTATS_MIB_MAX, ICMP_MIB_MAX)) static int sockstat6_seq_show(struct seq_file *seq, void *v) { @@ -199,7 +197,7 @@ static void snmp6_seq_show_item(struct seq_file *seq, void __percpu *pcpumib, int i; if (pcpumib) { - memset(buff, 0, sizeof(unsigned long) * SNMP_MIB_MAX); + memset(buff, 0, sizeof(buff)); snmp_get_cpu_field_batch(buff, itemlist, pcpumib); for (i = 0; itemlist[i].name; i++) @@ -218,7 +216,7 @@ static void snmp6_seq_show_item64(struct seq_file *seq, void __percpu *mib, u64 buff64[SNMP_MIB_MAX]; int i; - memset(buff64, 0, sizeof(u64) * SNMP_MIB_MAX); + memset(buff64, 0, sizeof(buff64)); snmp_get_cpu_field64_batch(buff64, itemlist, mib, syncpoff); for (i = 0; itemlist[i].name; i++) -- 2.7.4
WARNING: multiple messages have this Message-ID (diff)
From: Kees Cook <keescook@chromium.org> To: Andrew Morton <akpm@linux-foundation.org> Cc: Kees Cook <keescook@chromium.org>, linux-kernel@vger.kernel.org, corbet@lwn.net, gustavo@embeddedor.com, rostedt@goodmis.org, Chris Mason <clm@fb.com>, Josef Bacik <jbacik@fb.com>, David Sterba <dsterba@suse.com>, "David S. Miller" <davem@davemloft.net>, Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>, Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>, Ingo Molnar <mingo@kernel.org>, Peter Zijlstra <peterz@infradead.org>, Thomas Gleixner <tglx@linutronix.de>, Masahiro Yamada <yamada.masahiro@socionext.com>, Borislav Petkov <bp@suse.de>, Josh Poimboeuf <jpoimboe@redhat.com>, Randy Dunlap <rdunlap@infradead.org>, Ian Abbott <abbotti@mev.co.uk>, "Tobin C. Harding" <me@tobin.cc>, Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>, Petr Mladek <pmladek@suse.com>, Subject: [PATCH 2/3] net: Remove accidental VLAs from proc buffers Date: Wed, 7 Mar 2018 19:30:46 -0800 [thread overview] Message-ID: <1520479847-39174-3-git-send-email-keescook@chromium.org> (raw) In-Reply-To: <1520479847-39174-1-git-send-email-keescook@chromium.org> In the quest to remove all stack VLAs from the kernel[1], this refactors the stack array size calculation to avoid using max(), which makes the compiler think the size isn't fixed. [1] https://lkml.org/lkml/2018/3/7/621 Signed-off-by: Kees Cook <keescook@chromium.org> --- net/ipv4/proc.c | 10 ++++------ net/ipv6/proc.c | 10 ++++------ 2 files changed, 8 insertions(+), 12 deletions(-) diff --git a/net/ipv4/proc.c b/net/ipv4/proc.c index dc5edc8f7564..c23c43803435 100644 --- a/net/ipv4/proc.c +++ b/net/ipv4/proc.c @@ -46,8 +46,6 @@ #include <net/sock.h> #include <net/raw.h> -#define TCPUDP_MIB_MAX max_t(u32, UDP_MIB_MAX, TCP_MIB_MAX) - /* * Report socket allocation statistics [mea@utu.fi] */ @@ -400,11 +398,11 @@ static int snmp_seq_show_ipstats(struct seq_file *seq, void *v) static int snmp_seq_show_tcp_udp(struct seq_file *seq, void *v) { - unsigned long buff[TCPUDP_MIB_MAX]; + unsigned long buff[SIMPLE_MAX(UDP_MIB_MAX, TCP_MIB_MAX)]; struct net *net = seq->private; int i; - memset(buff, 0, TCPUDP_MIB_MAX * sizeof(unsigned long)); + memset(buff, 0, sizeof(buff)); seq_puts(seq, "\nTcp:"); for (i = 0; snmp4_tcp_list[i].name; i++) @@ -421,7 +419,7 @@ static int snmp_seq_show_tcp_udp(struct seq_file *seq, void *v) seq_printf(seq, " %lu", buff[i]); } - memset(buff, 0, TCPUDP_MIB_MAX * sizeof(unsigned long)); + memset(buff, 0, sizeof(buff)); snmp_get_cpu_field_batch(buff, snmp4_udp_list, net->mib.udp_statistics); @@ -432,7 +430,7 @@ static int snmp_seq_show_tcp_udp(struct seq_file *seq, void *v) for (i = 0; snmp4_udp_list[i].name; i++) seq_printf(seq, " %lu", buff[i]); - memset(buff, 0, TCPUDP_MIB_MAX * sizeof(unsigned long)); + memset(buff, 0, sizeof(buff)); /* the UDP and UDP-Lite MIBs are the same */ seq_puts(seq, "\nUdpLite:"); diff --git a/net/ipv6/proc.c b/net/ipv6/proc.c index b67814242f78..5b0874c26802 100644 --- a/net/ipv6/proc.c +++ b/net/ipv6/proc.c @@ -30,10 +30,8 @@ #include <net/transp_v6.h> #include <net/ipv6.h> -#define MAX4(a, b, c, d) \ - max_t(u32, max_t(u32, a, b), max_t(u32, c, d)) -#define SNMP_MIB_MAX MAX4(UDP_MIB_MAX, TCP_MIB_MAX, \ - IPSTATS_MIB_MAX, ICMP_MIB_MAX) +#define SNMP_MIB_MAX SIMPLE_MAX(SIMPLE_MAX(UDP_MIB_MAX, TCP_MIB_MAX), \ + SIMPLE_MAX(IPSTATS_MIB_MAX, ICMP_MIB_MAX)) static int sockstat6_seq_show(struct seq_file *seq, void *v) { @@ -199,7 +197,7 @@ static void snmp6_seq_show_item(struct seq_file *seq, void __percpu *pcpumib, int i; if (pcpumib) { - memset(buff, 0, sizeof(unsigned long) * SNMP_MIB_MAX); + memset(buff, 0, sizeof(buff)); snmp_get_cpu_field_batch(buff, itemlist, pcpumib); for (i = 0; itemlist[i].name; i++) @@ -218,7 +216,7 @@ static void snmp6_seq_show_item64(struct seq_file *seq, void __percpu *mib, u64 buff64[SNMP_MIB_MAX]; int i; - memset(buff64, 0, sizeof(u64) * SNMP_MIB_MAX); + memset(buff64, 0, sizeof(buff64)); snmp_get_cpu_field64_batch(buff64, itemlist, mib, syncpoff); for (i = 0; itemlist[i].name; i++) -- 2.7.4
next prev parent reply other threads:[~2018-03-08 3:31 UTC|newest] Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top 2018-03-08 3:30 [PATCH 0/3] Remove accidental VLA usage Kees Cook 2018-03-08 3:30 ` Kees Cook 2018-03-08 3:30 ` [PATCH v2 1/3] vsprintf: " Kees Cook 2018-03-08 3:30 ` Kees Cook 2018-03-08 8:25 ` Rasmus Villemoes 2018-03-08 8:25 ` Rasmus Villemoes 2018-03-08 11:21 ` Thomas Gleixner 2018-03-08 11:21 ` Thomas Gleixner 2018-03-08 3:30 ` Kees Cook [this message] 2018-03-08 3:30 ` [PATCH 2/3] net: Remove accidental VLAs from proc buffers Kees Cook 2018-03-08 3:30 ` [PATCH 3/3] btrfs: tree-checker: Avoid accidental stack VLA Kees Cook 2018-03-08 3:30 ` Kees Cook 2018-03-08 11:33 ` David Sterba 2018-03-08 11:33 ` David Sterba 2018-03-08 15:02 ` [PATCH 0/3] Remove accidental VLA usage Josh Poimboeuf 2018-03-08 15:02 ` Josh Poimboeuf 2018-03-08 18:02 ` Kees Cook 2018-03-08 18:02 ` Kees Cook 2018-03-08 18:11 ` Josh Poimboeuf 2018-03-08 18:11 ` Josh Poimboeuf 2018-03-08 18:06 ` Steven Rostedt 2018-03-08 18:06 ` Steven Rostedt 2018-03-08 19:57 ` Rasmus Villemoes 2018-03-08 19:57 ` Rasmus Villemoes 2018-03-08 20:39 ` Kees Cook 2018-03-08 20:39 ` Kees Cook 2018-03-08 22:12 ` Rasmus Villemoes 2018-03-08 22:12 ` Rasmus Villemoes 2018-03-08 23:33 ` Kees Cook 2018-03-08 23:33 ` Kees Cook 2018-03-08 20:49 ` Andrew Morton 2018-03-08 20:49 ` Andrew Morton
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=1520479847-39174-3-git-send-email-keescook@chromium.org \ --to=keescook@chromium.org \ --cc=abbotti@mev.co.uk \ --cc=akpm@linux-foundation.org \ --cc=andriy.shevchenko@linux.intel.com \ --cc=bp@suse.de \ --cc=clm@fb.com \ --cc=corbet@lwn.net \ --cc=davem@davemloft.net \ --cc=dsterba@suse.com \ --cc=gustavo@embeddedor.com \ --cc=jbacik@fb.com \ --cc=jpoimboe@redhat.com \ --cc=kernel-hardening@lists.openwall.com \ --cc=kuznet@ms2.inr.ac.ru \ --cc=linux-btrfs@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=me@tobin.cc \ --cc=mingo@kernel.org \ --cc=netdev@vger.kernel.org \ --cc=pantelis.antoniou@konsulko.com \ --cc=peterz@infradead.org \ --cc=pmladek@suse.com \ --cc=rdunlap@infradead.org \ --cc=rostedt@goodmis.org \ --cc=sergey.senozhatsky.work@gmail.com \ --cc=tglx@linutronix.de \ --cc=yamada.masahiro@socionext.com \ --cc=yoshfuji@linux-ipv6.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.