* [PATCH] ima: Fix sizeof mismatches
@ 2020-10-07 11:02 Colin King
2020-10-07 12:38 ` Roberto Sassu
` (2 more replies)
0 siblings, 3 replies; 9+ messages in thread
From: Colin King @ 2020-10-07 11:02 UTC (permalink / raw)
To: Mimi Zohar, Dmitry Kasatkin, James Morris, Serge E . Hallyn,
Roberto Sassu, linux-integrity, linux-security-module
Cc: kernel-janitors, linux-kernel
From: Colin Ian King <colin.king@canonical.com>
An incorrect sizeof is being used, sizeof(*fields) is not correct,
it should be sizeof(**fields). This is not causing a problem since
the size of these is the same. Fix this in the kmalloc_array and
memcpy calls.
Addresses-Coverity: ("Sizeof not portable (SIZEOF_MISMATCH)")
Fixes: 1bd7face7439 ("ima: allocate field pointers array on demand in template_desc_init_fields()")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
security/integrity/ima/ima_template.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c
index 1e89e2d3851f..8884bbf03b43 100644
--- a/security/integrity/ima/ima_template.c
+++ b/security/integrity/ima/ima_template.c
@@ -216,11 +216,11 @@ int template_desc_init_fields(const char *template_fmt,
}
if (fields && num_fields) {
- *fields = kmalloc_array(i, sizeof(*fields), GFP_KERNEL);
+ *fields = kmalloc_array(i, sizeof(**fields), GFP_KERNEL);
if (*fields = NULL)
return -ENOMEM;
- memcpy(*fields, found_fields, i * sizeof(*fields));
+ memcpy(*fields, found_fields, i * sizeof(**fields));
*num_fields = i;
}
--
2.27.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* RE: [PATCH] ima: Fix sizeof mismatches
2020-10-07 11:02 [PATCH] ima: Fix sizeof mismatches Colin King
@ 2020-10-07 12:38 ` Roberto Sassu
2020-10-07 16:49 ` Jarkko Sakkinen
2020-10-07 18:27 ` Joe Perches
2 siblings, 0 replies; 9+ messages in thread
From: Roberto Sassu @ 2020-10-07 12:38 UTC (permalink / raw)
To: Colin King, Mimi Zohar, Dmitry Kasatkin, James Morris,
Serge E . Hallyn, Roberto Sassu, linux-integrity,
linux-security-module
Cc: kernel-janitors, linux-kernel, Silviu Vlasceanu
PiBGcm9tOiBDb2xpbiBLaW5nIFttYWlsdG86Y29saW4ua2luZ0BjYW5vbmljYWwuY29tXQ0KPiBT
ZW50OiBXZWRuZXNkYXksIE9jdG9iZXIgNywgMjAyMCAxOjAzIFBNDQo+IEZyb206IENvbGluIElh
biBLaW5nIDxjb2xpbi5raW5nQGNhbm9uaWNhbC5jb20+DQo+IA0KPiBBbiBpbmNvcnJlY3Qgc2l6
ZW9mIGlzIGJlaW5nIHVzZWQsIHNpemVvZigqZmllbGRzKSBpcyBub3QgY29ycmVjdCwNCj4gaXQg
c2hvdWxkIGJlIHNpemVvZigqKmZpZWxkcykuIFRoaXMgaXMgbm90IGNhdXNpbmcgYSBwcm9ibGVt
IHNpbmNlDQo+IHRoZSBzaXplIG9mIHRoZXNlIGlzIHRoZSBzYW1lLiBGaXggdGhpcyBpbiB0aGUg
a21hbGxvY19hcnJheSBhbmQNCj4gbWVtY3B5IGNhbGxzLg0KPiANCj4gQWRkcmVzc2VzLUNvdmVy
aXR5OiAoIlNpemVvZiBub3QgcG9ydGFibGUgKFNJWkVPRl9NSVNNQVRDSCkiKQ0KPiBGaXhlczog
MWJkN2ZhY2U3NDM5ICgiaW1hOiBhbGxvY2F0ZSBmaWVsZCBwb2ludGVycyBhcnJheSBvbiBkZW1h
bmQgaW4NCj4gdGVtcGxhdGVfZGVzY19pbml0X2ZpZWxkcygpIikNCj4gU2lnbmVkLW9mZi1ieTog
Q29saW4gSWFuIEtpbmcgPGNvbGluLmtpbmdAY2Fub25pY2FsLmNvbT4NCg0KVGhhbmtzIENvbGlu
Lg0KDQpSZXZpZXdlZC1ieTogUm9iZXJ0byBTYXNzdSA8cm9iZXJ0by5zYXNzdUBodWF3ZWkuY29t
Pg0KDQpSb2JlcnRvDQoNCkhVQVdFSSBURUNITk9MT0dJRVMgRHVlc3NlbGRvcmYgR21iSCwgSFJC
IDU2MDYzDQpNYW5hZ2luZyBEaXJlY3RvcjogTGkgUGVuZywgTGkgSmlhbiwgU2hpIFlhbmxpDQoN
Cj4gLS0tDQo+ICBzZWN1cml0eS9pbnRlZ3JpdHkvaW1hL2ltYV90ZW1wbGF0ZS5jIHwgNCArKy0t
DQo+ICAxIGZpbGUgY2hhbmdlZCwgMiBpbnNlcnRpb25zKCspLCAyIGRlbGV0aW9ucygtKQ0KPiAN
Cj4gZGlmZiAtLWdpdCBhL3NlY3VyaXR5L2ludGVncml0eS9pbWEvaW1hX3RlbXBsYXRlLmMNCj4g
Yi9zZWN1cml0eS9pbnRlZ3JpdHkvaW1hL2ltYV90ZW1wbGF0ZS5jDQo+IGluZGV4IDFlODllMmQz
ODUxZi4uODg4NGJiZjAzYjQzIDEwMDY0NA0KPiAtLS0gYS9zZWN1cml0eS9pbnRlZ3JpdHkvaW1h
L2ltYV90ZW1wbGF0ZS5jDQo+ICsrKyBiL3NlY3VyaXR5L2ludGVncml0eS9pbWEvaW1hX3RlbXBs
YXRlLmMNCj4gQEAgLTIxNiwxMSArMjE2LDExIEBAIGludCB0ZW1wbGF0ZV9kZXNjX2luaXRfZmll
bGRzKGNvbnN0IGNoYXINCj4gKnRlbXBsYXRlX2ZtdCwNCj4gIAl9DQo+IA0KPiAgCWlmIChmaWVs
ZHMgJiYgbnVtX2ZpZWxkcykgew0KPiAtCQkqZmllbGRzID0ga21hbGxvY19hcnJheShpLCBzaXpl
b2YoKmZpZWxkcyksIEdGUF9LRVJORUwpOw0KPiArCQkqZmllbGRzID0ga21hbGxvY19hcnJheShp
LCBzaXplb2YoKipmaWVsZHMpLCBHRlBfS0VSTkVMKTsNCj4gIAkJaWYgKCpmaWVsZHMgPT0gTlVM
TCkNCj4gIAkJCXJldHVybiAtRU5PTUVNOw0KPiANCj4gLQkJbWVtY3B5KCpmaWVsZHMsIGZvdW5k
X2ZpZWxkcywgaSAqIHNpemVvZigqZmllbGRzKSk7DQo+ICsJCW1lbWNweSgqZmllbGRzLCBmb3Vu
ZF9maWVsZHMsIGkgKiBzaXplb2YoKipmaWVsZHMpKTsNCj4gIAkJKm51bV9maWVsZHMgPSBpOw0K
PiAgCX0NCj4gDQo+IC0tDQo+IDIuMjcuMA0KDQo
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] ima: Fix sizeof mismatches
2020-10-07 11:02 [PATCH] ima: Fix sizeof mismatches Colin King
2020-10-07 12:38 ` Roberto Sassu
@ 2020-10-07 16:49 ` Jarkko Sakkinen
2020-10-07 18:27 ` Joe Perches
2 siblings, 0 replies; 9+ messages in thread
From: Jarkko Sakkinen @ 2020-10-07 16:49 UTC (permalink / raw)
To: Colin King
Cc: Mimi Zohar, Dmitry Kasatkin, James Morris, Serge E . Hallyn,
Roberto Sassu, linux-integrity, linux-security-module,
kernel-janitors, linux-kernel
On Wed, Oct 07, 2020 at 12:02:43PM +0100, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
>
> An incorrect sizeof is being used, sizeof(*fields) is not correct,
> it should be sizeof(**fields). This is not causing a problem since
> the size of these is the same. Fix this in the kmalloc_array and
> memcpy calls.
>
> Addresses-Coverity: ("Sizeof not portable (SIZEOF_MISMATCH)")
> Fixes: 1bd7face7439 ("ima: allocate field pointers array on demand in template_desc_init_fields()")
> Signed-off-by: Colin Ian King <colin.king@canonical.com>
Acked-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
/Jarkko
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] ima: Fix sizeof mismatches
2020-10-07 11:02 [PATCH] ima: Fix sizeof mismatches Colin King
2020-10-07 12:38 ` Roberto Sassu
2020-10-07 16:49 ` Jarkko Sakkinen
@ 2020-10-07 18:27 ` Joe Perches
2020-10-12 17:51 ` Mimi Zohar
2 siblings, 1 reply; 9+ messages in thread
From: Joe Perches @ 2020-10-07 18:27 UTC (permalink / raw)
To: Colin King, Mimi Zohar, Dmitry Kasatkin, James Morris,
Serge E . Hallyn, Roberto Sassu, linux-integrity,
linux-security-module
Cc: kernel-janitors, linux-kernel
On Wed, 2020-10-07 at 12:02 +0100, Colin King wrote:
> An incorrect sizeof is being used, sizeof(*fields) is not correct,
> it should be sizeof(**fields). This is not causing a problem since
> the size of these is the same. Fix this in the kmalloc_array and
> memcpy calls.
[]
> diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c
[]
> @@ -216,11 +216,11 @@ int template_desc_init_fields(const char *template_fmt,
> }
>
> if (fields && num_fields) {
> - *fields = kmalloc_array(i, sizeof(*fields), GFP_KERNEL);
> + *fields = kmalloc_array(i, sizeof(**fields), GFP_KERNEL);
> if (*fields = NULL)
> return -ENOMEM;
>
> - memcpy(*fields, found_fields, i * sizeof(*fields));
> + memcpy(*fields, found_fields, i * sizeof(**fields));
Maybe use kmemdup instead.
if (fields && num_fields) {
*fields = kmemdup(found_fields, i * sizeof(**fields), GFP_KERNEL);
etc...
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] ima: Fix sizeof mismatches
2020-10-07 18:27 ` Joe Perches
@ 2020-10-12 17:51 ` Mimi Zohar
2020-10-12 18:06 ` Joe Perches
0 siblings, 1 reply; 9+ messages in thread
From: Mimi Zohar @ 2020-10-12 17:51 UTC (permalink / raw)
To: Joe Perches, Colin King, Dmitry Kasatkin, James Morris,
Serge E . Hallyn, Roberto Sassu, linux-integrity,
linux-security-module
Cc: kernel-janitors, linux-kernel
On Wed, 2020-10-07 at 11:27 -0700, Joe Perches wrote:
> On Wed, 2020-10-07 at 12:02 +0100, Colin King wrote:
> > An incorrect sizeof is being used, sizeof(*fields) is not correct,
> > it should be sizeof(**fields). This is not causing a problem since
> > the size of these is the same. Fix this in the kmalloc_array and
> > memcpy calls.
> []
> > diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c
> []
> > @@ -216,11 +216,11 @@ int template_desc_init_fields(const char *template_fmt,
> > }
> >
> > if (fields && num_fields) {
> > - *fields = kmalloc_array(i, sizeof(*fields), GFP_KERNEL);
> > + *fields = kmalloc_array(i, sizeof(**fields), GFP_KERNEL);
> > if (*fields = NULL)
> > return -ENOMEM;
> >
> > - memcpy(*fields, found_fields, i * sizeof(*fields));
> > + memcpy(*fields, found_fields, i * sizeof(**fields));
>
> Maybe use kmemdup instead.
>
> if (fields && num_fields) {
> *fields = kmemdup(found_fields, i * sizeof(**fields), GFP_KERNEL);
> etc...
>
Thanks, Joe. Since this patch will be backported, perhaps it would be
better to leave this as a bug fix and upstream other changes
independently.
Mimi
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] ima: Fix sizeof mismatches
2020-10-12 17:51 ` Mimi Zohar
@ 2020-10-12 18:06 ` Joe Perches
2020-10-12 18:10 ` Colin Ian King
0 siblings, 1 reply; 9+ messages in thread
From: Joe Perches @ 2020-10-12 18:06 UTC (permalink / raw)
To: Mimi Zohar, Colin King, Dmitry Kasatkin, James Morris,
Serge E . Hallyn, Roberto Sassu, linux-integrity,
linux-security-module
Cc: kernel-janitors, linux-kernel
On Mon, 2020-10-12 at 13:51 -0400, Mimi Zohar wrote:
> On Wed, 2020-10-07 at 11:27 -0700, Joe Perches wrote:
> > On Wed, 2020-10-07 at 12:02 +0100, Colin King wrote:
> > > An incorrect sizeof is being used, sizeof(*fields) is not correct,
> > > it should be sizeof(**fields). This is not causing a problem since
> > > the size of these is the same. Fix this in the kmalloc_array and
> > > memcpy calls.
> > []
> > > diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c
> > []
> > > @@ -216,11 +216,11 @@ int template_desc_init_fields(const char *template_fmt,
> > > }
> > >
> > > if (fields && num_fields) {
> > > - *fields = kmalloc_array(i, sizeof(*fields), GFP_KERNEL);
> > > + *fields = kmalloc_array(i, sizeof(**fields), GFP_KERNEL);
> > > if (*fields = NULL)
> > > return -ENOMEM;
> > >
> > > - memcpy(*fields, found_fields, i * sizeof(*fields));
> > > + memcpy(*fields, found_fields, i * sizeof(**fields));
> >
> > Maybe use kmemdup instead.
> >
> > if (fields && num_fields) {
> > *fields = kmemdup(found_fields, i * sizeof(**fields), GFP_KERNEL);
> > etc...
> >
>
> Thanks, Joe. Since this patch will be backported, perhaps it would be
> better to leave this as a bug fix and upstream other changes
> independently.
IMO:
This patch doesn't need need backporting as it doesn't
actually fix anything other than a style defect.
void * and void ** are the same size.
cheers, Joe
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] ima: Fix sizeof mismatches
2020-10-12 18:06 ` Joe Perches
@ 2020-10-12 18:10 ` Colin Ian King
2020-10-13 16:17 ` Mimi Zohar
0 siblings, 1 reply; 9+ messages in thread
From: Colin Ian King @ 2020-10-12 18:10 UTC (permalink / raw)
To: Joe Perches, Mimi Zohar, Dmitry Kasatkin, James Morris,
Serge E . Hallyn, Roberto Sassu, linux-integrity,
linux-security-module
Cc: kernel-janitors, linux-kernel
On 12/10/2020 19:06, Joe Perches wrote:
> On Mon, 2020-10-12 at 13:51 -0400, Mimi Zohar wrote:
>> On Wed, 2020-10-07 at 11:27 -0700, Joe Perches wrote:
>>> On Wed, 2020-10-07 at 12:02 +0100, Colin King wrote:
>>>> An incorrect sizeof is being used, sizeof(*fields) is not correct,
>>>> it should be sizeof(**fields). This is not causing a problem since
>>>> the size of these is the same. Fix this in the kmalloc_array and
>>>> memcpy calls.
>>> []
>>>> diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c
>>> []
>>>> @@ -216,11 +216,11 @@ int template_desc_init_fields(const char *template_fmt,
>>>> }
>>>>
>>>> if (fields && num_fields) {
>>>> - *fields = kmalloc_array(i, sizeof(*fields), GFP_KERNEL);
>>>> + *fields = kmalloc_array(i, sizeof(**fields), GFP_KERNEL);
>>>> if (*fields = NULL)
>>>> return -ENOMEM;
>>>>
>>>> - memcpy(*fields, found_fields, i * sizeof(*fields));
>>>> + memcpy(*fields, found_fields, i * sizeof(**fields));
>>>
>>> Maybe use kmemdup instead.
>>>
>>> if (fields && num_fields) {
>>> *fields = kmemdup(found_fields, i * sizeof(**fields), GFP_KERNEL);
>>> etc...
>>>
>>
>> Thanks, Joe. Since this patch will be backported, perhaps it would be
>> better to leave this as a bug fix and upstream other changes
>> independently.
>
> IMO:
>
> This patch doesn't need need backporting as it doesn't
> actually fix anything other than a style defect.
>
> void * and void ** are the same size.
indeed, same size, it's a semantic difference *and* a style fix :-)
Colin
>
> cheers, Joe
>
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] ima: Fix sizeof mismatches
2020-10-12 18:10 ` Colin Ian King
@ 2020-10-13 16:17 ` Mimi Zohar
2020-10-13 16:23 ` Colin Ian King
0 siblings, 1 reply; 9+ messages in thread
From: Mimi Zohar @ 2020-10-13 16:17 UTC (permalink / raw)
To: Colin Ian King, Joe Perches, Dmitry Kasatkin, James Morris,
Serge E . Hallyn, Roberto Sassu, linux-integrity,
linux-security-module
Cc: kernel-janitors, linux-kernel
On Mon, 2020-10-12 at 19:10 +0100, Colin Ian King wrote:
> On 12/10/2020 19:06, Joe Perches wrote:
> > On Mon, 2020-10-12 at 13:51 -0400, Mimi Zohar wrote:
> >> On Wed, 2020-10-07 at 11:27 -0700, Joe Perches wrote:
> >>> On Wed, 2020-10-07 at 12:02 +0100, Colin King wrote:
> >>>> An incorrect sizeof is being used, sizeof(*fields) is not correct,
> >>>> it should be sizeof(**fields). This is not causing a problem since
> >>>> the size of these is the same. Fix this in the kmalloc_array and
> >>>> memcpy calls.
> >>> []
> >>>> diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c
> >>> []
> >>>> @@ -216,11 +216,11 @@ int template_desc_init_fields(const char *template_fmt,
> >>>> }
> >>>>
> >>>> if (fields && num_fields) {
> >>>> - *fields = kmalloc_array(i, sizeof(*fields), GFP_KERNEL);
> >>>> + *fields = kmalloc_array(i, sizeof(**fields), GFP_KERNEL);
> >>>> if (*fields = NULL)
> >>>> return -ENOMEM;
> >>>>
> >>>> - memcpy(*fields, found_fields, i * sizeof(*fields));
> >>>> + memcpy(*fields, found_fields, i * sizeof(**fields));
> >>>
> >>> Maybe use kmemdup instead.
> >>>
> >>> if (fields && num_fields) {
> >>> *fields = kmemdup(found_fields, i * sizeof(**fields), GFP_KERNEL);
> >>> etc...
> >>>
> >>
> >> Thanks, Joe. Since this patch will be backported, perhaps it would be
> >> better to leave this as a bug fix and upstream other changes
> >> independently.
> >
> > IMO:
> >
> > This patch doesn't need need backporting as it doesn't
> > actually fix anything other than a style defect.
> >
> > void * and void ** are the same size.
>
> indeed, same size, it's a semantic difference *and* a style fix :-)
Colin, based on Joe's suggestion of using kmemdup and his opinion of
not backporting this change, can I assume you'll address his comments
and re-post v3?
thanks,
Mimi
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] ima: Fix sizeof mismatches
2020-10-13 16:17 ` Mimi Zohar
@ 2020-10-13 16:23 ` Colin Ian King
0 siblings, 0 replies; 9+ messages in thread
From: Colin Ian King @ 2020-10-13 16:23 UTC (permalink / raw)
To: Mimi Zohar, Joe Perches, Dmitry Kasatkin, James Morris,
Serge E . Hallyn, Roberto Sassu, linux-integrity,
linux-security-module
Cc: kernel-janitors, linux-kernel
On 13/10/2020 17:17, Mimi Zohar wrote:
> On Mon, 2020-10-12 at 19:10 +0100, Colin Ian King wrote:
>> On 12/10/2020 19:06, Joe Perches wrote:
>>> On Mon, 2020-10-12 at 13:51 -0400, Mimi Zohar wrote:
>>>> On Wed, 2020-10-07 at 11:27 -0700, Joe Perches wrote:
>>>>> On Wed, 2020-10-07 at 12:02 +0100, Colin King wrote:
>>>>>> An incorrect sizeof is being used, sizeof(*fields) is not correct,
>>>>>> it should be sizeof(**fields). This is not causing a problem since
>>>>>> the size of these is the same. Fix this in the kmalloc_array and
>>>>>> memcpy calls.
>>>>> []
>>>>>> diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c
>>>>> []
>>>>>> @@ -216,11 +216,11 @@ int template_desc_init_fields(const char *template_fmt,
>>>>>> }
>>>>>>
>>>>>> if (fields && num_fields) {
>>>>>> - *fields = kmalloc_array(i, sizeof(*fields), GFP_KERNEL);
>>>>>> + *fields = kmalloc_array(i, sizeof(**fields), GFP_KERNEL);
>>>>>> if (*fields = NULL)
>>>>>> return -ENOMEM;
>>>>>>
>>>>>> - memcpy(*fields, found_fields, i * sizeof(*fields));
>>>>>> + memcpy(*fields, found_fields, i * sizeof(**fields));
>>>>>
>>>>> Maybe use kmemdup instead.
>>>>>
>>>>> if (fields && num_fields) {
>>>>> *fields = kmemdup(found_fields, i * sizeof(**fields), GFP_KERNEL);
>>>>> etc...
>>>>>
>>>>
>>>> Thanks, Joe. Since this patch will be backported, perhaps it would be
>>>> better to leave this as a bug fix and upstream other changes
>>>> independently.
>>>
>>> IMO:
>>>
>>> This patch doesn't need need backporting as it doesn't
>>> actually fix anything other than a style defect.
>>>
>>> void * and void ** are the same size.
>>
>> indeed, same size, it's a semantic difference *and* a style fix :-)
>
> Colin, based on Joe's suggestion of using kmemdup and his opinion of
> not backporting this change, can I assume you'll address his comments
> and re-post v3?
Oops, I missed that email. Yep, I'll address that later today
Colin
>
> thanks,
>
> Mimi
>
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2020-10-13 16:23 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-07 11:02 [PATCH] ima: Fix sizeof mismatches Colin King
2020-10-07 12:38 ` Roberto Sassu
2020-10-07 16:49 ` Jarkko Sakkinen
2020-10-07 18:27 ` Joe Perches
2020-10-12 17:51 ` Mimi Zohar
2020-10-12 18:06 ` Joe Perches
2020-10-12 18:10 ` Colin Ian King
2020-10-13 16:17 ` Mimi Zohar
2020-10-13 16:23 ` Colin Ian King
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).