From: Kees Cook <keescook@chromium.org>
To: Jakub Kicinski <kuba@kernel.org>
Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com>,
Vinod Koul <vkoul@kernel.org>,
Linus Walleij <linus.walleij@linaro.org>,
Jonathan Cameron <Jonathan.Cameron@huawei.com>,
Mark Brown <broonie@kernel.org>,
linux-arm-kernel@lists.infradead.org, dmaengine@vger.kernel.org,
linux-kernel@vger.kernel.org, linux-iio@vger.kernel.org,
linux-spi@vger.kernel.org, netdev@vger.kernel.org,
linux-hardening@vger.kernel.org,
Jonathan Cameron <jic23@kernel.org>,
Lars-Peter Clausen <lars@metafoo.de>,
"David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Paolo Abeni <pabeni@redhat.com>,
"Gustavo A. R. Silva" <gustavoars@kernel.org>
Subject: Re: [PATCH v4 7/8] net-device: Use new helpers from overflow.h in netdevice APIs
Date: Wed, 28 Feb 2024 16:01:49 -0800 [thread overview]
Message-ID: <202402281554.C1CEEF744@keescook> (raw)
In-Reply-To: <20240228144148.5c227487@kernel.org>
On Wed, Feb 28, 2024 at 02:41:48PM -0800, Jakub Kicinski wrote:
> On Wed, 28 Feb 2024 13:46:10 -0800 Kees Cook wrote:
> > I really don't like hiding these trailing allocations from the compiler.
> > Why can't something like this be done (totally untested):
> >
> >
> > diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
> > index 118c40258d07..dae6df4fb177 100644
> > --- a/include/linux/netdevice.h
> > +++ b/include/linux/netdevice.h
> > @@ -2475,6 +2475,8 @@ struct net_device {
> > /** @page_pools: page pools created for this netdevice */
> > struct hlist_head page_pools;
> > #endif
> > + u32 priv_size;
> > + u8 priv_data[] __counted_by(priv_size) __aligned(NETDEV_ALIGN);
>
> I like, FWIW, please submit! :)
So, I found several cases where struct net_device is included in the
middle of another structure, which makes my proposal more awkward. But I
also don't understand why it's in the _middle_. Shouldn't it always be
at the beginning (with priv stuff following it?)
Quick search and examined manually: git grep 'struct net_device [a-z0-9_]*;'
struct rtw89_dev
struct ath10k
etc.
Some even have two included (?)
But I still like the idea -- Gustavo has been solving these cases with
having two structs, e.g.:
struct net_device {
...unchanged...
};
struct net_device_alloc {
struct net_device dev;
u32 priv_size;
u8 priv_data[] __counted_by(priv_size) __aligned(NETDEV_ALIGN);
};
And internals can use struct net_device_alloc...
-Kees
--
Kees Cook
WARNING: multiple messages have this Message-ID (diff)
From: Kees Cook <keescook@chromium.org>
To: Jakub Kicinski <kuba@kernel.org>
Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com>,
Vinod Koul <vkoul@kernel.org>,
Linus Walleij <linus.walleij@linaro.org>,
Jonathan Cameron <Jonathan.Cameron@huawei.com>,
Mark Brown <broonie@kernel.org>,
linux-arm-kernel@lists.infradead.org, dmaengine@vger.kernel.org,
linux-kernel@vger.kernel.org, linux-iio@vger.kernel.org,
linux-spi@vger.kernel.org, netdev@vger.kernel.org,
linux-hardening@vger.kernel.org,
Jonathan Cameron <jic23@kernel.org>,
Lars-Peter Clausen <lars@metafoo.de>,
"David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Paolo Abeni <pabeni@redhat.com>,
"Gustavo A. R. Silva" <gustavoars@kernel.org>
Subject: Re: [PATCH v4 7/8] net-device: Use new helpers from overflow.h in netdevice APIs
Date: Wed, 28 Feb 2024 16:01:49 -0800 [thread overview]
Message-ID: <202402281554.C1CEEF744@keescook> (raw)
In-Reply-To: <20240228144148.5c227487@kernel.org>
On Wed, Feb 28, 2024 at 02:41:48PM -0800, Jakub Kicinski wrote:
> On Wed, 28 Feb 2024 13:46:10 -0800 Kees Cook wrote:
> > I really don't like hiding these trailing allocations from the compiler.
> > Why can't something like this be done (totally untested):
> >
> >
> > diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
> > index 118c40258d07..dae6df4fb177 100644
> > --- a/include/linux/netdevice.h
> > +++ b/include/linux/netdevice.h
> > @@ -2475,6 +2475,8 @@ struct net_device {
> > /** @page_pools: page pools created for this netdevice */
> > struct hlist_head page_pools;
> > #endif
> > + u32 priv_size;
> > + u8 priv_data[] __counted_by(priv_size) __aligned(NETDEV_ALIGN);
>
> I like, FWIW, please submit! :)
So, I found several cases where struct net_device is included in the
middle of another structure, which makes my proposal more awkward. But I
also don't understand why it's in the _middle_. Shouldn't it always be
at the beginning (with priv stuff following it?)
Quick search and examined manually: git grep 'struct net_device [a-z0-9_]*;'
struct rtw89_dev
struct ath10k
etc.
Some even have two included (?)
But I still like the idea -- Gustavo has been solving these cases with
having two structs, e.g.:
struct net_device {
...unchanged...
};
struct net_device_alloc {
struct net_device dev;
u32 priv_size;
u8 priv_data[] __counted_by(priv_size) __aligned(NETDEV_ALIGN);
};
And internals can use struct net_device_alloc...
-Kees
--
Kees Cook
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2024-02-29 0:01 UTC|newest]
Thread overview: 76+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-28 20:41 [PATCH v4 0/8] iio: core: New macros and making use of them Andy Shevchenko
2024-02-28 20:41 ` Andy Shevchenko
2024-02-28 20:41 ` [PATCH v4 1/8] overflow: Use POD in check_shl_overflow() Andy Shevchenko
2024-02-28 20:41 ` Andy Shevchenko
2024-02-28 21:33 ` Kees Cook
2024-02-28 21:33 ` Kees Cook
2024-02-29 10:59 ` Andy Shevchenko
2024-02-29 10:59 ` Andy Shevchenko
2024-02-29 18:30 ` (subset) " Kees Cook
2024-02-29 18:30 ` Kees Cook
2024-02-28 20:41 ` [PATCH v4 2/8] overflow: Add struct_size_with_data() and struct_data_pointer() helpers Andy Shevchenko
2024-02-28 20:41 ` Andy Shevchenko
2024-02-28 21:37 ` Kees Cook
2024-02-28 21:37 ` Kees Cook
2024-02-28 21:51 ` Andy Shevchenko
2024-02-28 21:51 ` Andy Shevchenko
2024-02-28 20:41 ` [PATCH v4 3/8] iio: core: NULLify private pointer when there is no private data Andy Shevchenko
2024-02-28 20:41 ` Andy Shevchenko
2024-02-28 21:06 ` David Lechner
2024-02-28 21:06 ` David Lechner
2024-02-28 21:36 ` Andy Shevchenko
2024-02-28 21:36 ` Andy Shevchenko
2024-03-03 12:46 ` Jonathan Cameron
2024-03-03 12:46 ` Jonathan Cameron
2024-02-28 20:41 ` [PATCH v4 4/8] iio: core: Calculate alloc_size only once in iio_device_alloc() Andy Shevchenko
2024-02-28 20:41 ` Andy Shevchenko
2024-02-28 20:57 ` David Lechner
2024-02-28 20:57 ` David Lechner
2024-02-28 21:09 ` Andy Shevchenko
2024-02-28 21:09 ` Andy Shevchenko
2024-02-28 20:41 ` [PATCH v4 5/8] iio: core: Use new helpers from overflow.h " Andy Shevchenko
2024-02-28 20:41 ` Andy Shevchenko
2024-02-29 15:29 ` Nuno Sá
2024-02-29 15:29 ` Nuno Sá
2024-03-03 13:09 ` Jonathan Cameron
2024-03-03 13:09 ` Jonathan Cameron
2024-02-28 20:41 ` [PATCH v4 6/8] spi: Use new helpers from overflow.h in __spi_alloc_controller() Andy Shevchenko
2024-02-28 20:41 ` Andy Shevchenko
2024-02-28 21:00 ` Mark Brown
2024-02-28 21:00 ` Mark Brown
2024-02-28 20:41 ` [PATCH v4 7/8] net-device: Use new helpers from overflow.h in netdevice APIs Andy Shevchenko
2024-02-28 20:41 ` Andy Shevchenko
2024-02-28 21:46 ` Kees Cook
2024-02-28 21:46 ` Kees Cook
2024-02-28 21:53 ` Andy Shevchenko
2024-02-28 21:53 ` Andy Shevchenko
2024-02-28 22:41 ` Jakub Kicinski
2024-02-28 22:41 ` Jakub Kicinski
2024-02-29 0:01 ` Kees Cook [this message]
2024-02-29 0:01 ` Kees Cook
2024-02-29 0:49 ` Gustavo A. R. Silva
2024-02-29 0:49 ` Gustavo A. R. Silva
2024-02-29 0:57 ` Jakub Kicinski
2024-02-29 0:57 ` Jakub Kicinski
2024-02-29 1:03 ` Gustavo A. R. Silva
2024-02-29 1:03 ` Gustavo A. R. Silva
2024-02-29 1:15 ` Jakub Kicinski
2024-02-29 1:15 ` Jakub Kicinski
2024-02-29 1:36 ` Gustavo A. R. Silva
2024-02-29 1:36 ` Gustavo A. R. Silva
2024-02-29 0:56 ` Jakub Kicinski
2024-02-29 0:56 ` Jakub Kicinski
2024-02-29 19:08 ` Kees Cook
2024-02-29 19:08 ` Kees Cook
2024-02-29 19:37 ` Jakub Kicinski
2024-02-29 19:37 ` Jakub Kicinski
2024-02-29 21:31 ` Kees Cook
2024-02-29 21:31 ` Kees Cook
2024-02-29 10:54 ` Andy Shevchenko
2024-02-29 10:54 ` Andy Shevchenko
2024-02-28 20:41 ` [PATCH v4 8/8] dmaengine: ste_dma40: Use new helpers from overflow.h Andy Shevchenko
2024-02-28 20:41 ` Andy Shevchenko
2024-02-29 14:14 ` Linus Walleij
2024-02-29 14:14 ` Linus Walleij
2024-02-29 14:53 ` Andy Shevchenko
2024-02-29 14:53 ` Andy Shevchenko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202402281554.C1CEEF744@keescook \
--to=keescook@chromium.org \
--cc=Jonathan.Cameron@huawei.com \
--cc=andriy.shevchenko@linux.intel.com \
--cc=broonie@kernel.org \
--cc=davem@davemloft.net \
--cc=dmaengine@vger.kernel.org \
--cc=edumazet@google.com \
--cc=gustavoars@kernel.org \
--cc=jic23@kernel.org \
--cc=kuba@kernel.org \
--cc=lars@metafoo.de \
--cc=linus.walleij@linaro.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-iio@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-spi@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=vkoul@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.