* [PATCH] enic: Avoid false positive under FORTIFY_SOURCE
@ 2024-02-16 23:30 Kees Cook
2024-02-19 11:00 ` patchwork-bot+netdevbpf
0 siblings, 1 reply; 2+ messages in thread
From: Kees Cook @ 2024-02-16 23:30 UTC (permalink / raw)
To: Christian Benvenuti
Cc: Kees Cook, Satish Kharat, David S. Miller, Eric Dumazet,
Jakub Kicinski, Paolo Abeni, Gustavo A . R . Silva, netdev,
Gustavo A. R. Silva, linux-kernel, linux-hardening
FORTIFY_SOURCE has been ignoring 0-sized destinations while the kernel
code base has been converted to flexible arrays. In order to enforce
the 0-sized destinations (e.g. with __counted_by), the remaining 0-sized
destinations need to be handled. Unfortunately, struct vic_provinfo
resists full conversion, as it contains a flexible array of flexible
arrays, which is only possible with the 0-sized fake flexible array.
Use unsafe_memcpy() to avoid future false positives under
CONFIG_FORTIFY_SOURCE.
Signed-off-by: Kees Cook <keescook@chromium.org>
---
Cc: Christian Benvenuti <benve@cisco.com>
Cc: Satish Kharat <satishkh@cisco.com>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Jakub Kicinski <kuba@kernel.org>
Cc: Paolo Abeni <pabeni@redhat.com>
Cc: Gustavo A. R. Silva <gustavo@embeddedor.com>
Cc: netdev@vger.kernel.org
---
drivers/net/ethernet/cisco/enic/vnic_vic.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/net/ethernet/cisco/enic/vnic_vic.c b/drivers/net/ethernet/cisco/enic/vnic_vic.c
index 20fcb20b42ed..66b577835338 100644
--- a/drivers/net/ethernet/cisco/enic/vnic_vic.c
+++ b/drivers/net/ethernet/cisco/enic/vnic_vic.c
@@ -49,7 +49,8 @@ int vic_provinfo_add_tlv(struct vic_provinfo *vp, u16 type, u16 length,
tlv->type = htons(type);
tlv->length = htons(length);
- memcpy(tlv->value, value, length);
+ unsafe_memcpy(tlv->value, value, length,
+ /* Flexible array of flexible arrays */);
vp->num_tlvs = htonl(ntohl(vp->num_tlvs) + 1);
vp->length = htonl(ntohl(vp->length) +
--
2.34.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] enic: Avoid false positive under FORTIFY_SOURCE
2024-02-16 23:30 [PATCH] enic: Avoid false positive under FORTIFY_SOURCE Kees Cook
@ 2024-02-19 11:00 ` patchwork-bot+netdevbpf
0 siblings, 0 replies; 2+ messages in thread
From: patchwork-bot+netdevbpf @ 2024-02-19 11:00 UTC (permalink / raw)
To: Kees Cook
Cc: benve, satishkh, davem, edumazet, kuba, pabeni, gustavo, netdev,
gustavoars, linux-kernel, linux-hardening
Hello:
This patch was applied to netdev/net.git (main)
by David S. Miller <davem@davemloft.net>:
On Fri, 16 Feb 2024 15:30:05 -0800 you wrote:
> FORTIFY_SOURCE has been ignoring 0-sized destinations while the kernel
> code base has been converted to flexible arrays. In order to enforce
> the 0-sized destinations (e.g. with __counted_by), the remaining 0-sized
> destinations need to be handled. Unfortunately, struct vic_provinfo
> resists full conversion, as it contains a flexible array of flexible
> arrays, which is only possible with the 0-sized fake flexible array.
>
> [...]
Here is the summary with links:
- enic: Avoid false positive under FORTIFY_SOURCE
https://git.kernel.org/netdev/net/c/40b9385dd8e6
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2024-02-19 11:00 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-02-16 23:30 [PATCH] enic: Avoid false positive under FORTIFY_SOURCE Kees Cook
2024-02-19 11:00 ` patchwork-bot+netdevbpf
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.