From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7BAEEC43219 for ; Tue, 18 Oct 2022 08:22:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230470AbiJRIWt (ORCPT ); Tue, 18 Oct 2022 04:22:49 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41576 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230458AbiJRIWp (ORCPT ); Tue, 18 Oct 2022 04:22:45 -0400 Received: from mail-pg1-x52d.google.com (mail-pg1-x52d.google.com [IPv6:2607:f8b0:4864:20::52d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3415997D6A for ; Tue, 18 Oct 2022 01:22:45 -0700 (PDT) Received: by mail-pg1-x52d.google.com with SMTP id 78so12669830pgb.13 for ; Tue, 18 Oct 2022 01:22:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=GnqNHNhYyLH9Wo68LD4x3bwQRhcMnm8gL4scZhF5muk=; b=g+M0tP4FeC0OrEgQxOE3oJjv9pUB6oD9RgZ+XBPsA0B85VsOEiUZa6cSIgQOnwn/bl PMcN3F6LLRPoLDCxP3nuCJikCNGhdt00VAuMFuO3rxW1gs8KlSrBeB+vNyMB4cCCH/Gc kvdVgkwL8LfHNJuSEL7+LJTehFvWBdJr0abNA= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=GnqNHNhYyLH9Wo68LD4x3bwQRhcMnm8gL4scZhF5muk=; b=cbBxM/04QDi1/UCh4MAJ/ol3TNhsomYiw6yFGaP5+HKHo2cE3/rExOjyRvMdXuWIdg G7F2WAKzIYAxy3LzWCiBcr8Zm5WxG8UmEVQ39zGtyNQ2yavlxEY563nzTOii2N134bYF lWFK5YEwyedpiiWY3lIybEhp+FiH1TWthpaG3MdjAMM2zkRbfDLKifxLDxW98Rv/h6YA jj4U/7nGTgC6BtySUyM8MmdbKj7eLRUfwtCw1lqKl60Fb9UkBI8fc79a38AQ70FhVMds GXUVSI71d4XESUTWY8J+LEbtheajEPowj+5CC/u9Tg7DiueE1GmysN2qo9QPgZbQTzFv PXYw== X-Gm-Message-State: ACrzQf1C6B8FLNLVv6daw5V4dqIeG/lHtRZ5NsJaY3YHHenfuDbzKbgd 4oCS8H22rncCom0B7GbyZGgSsg== X-Google-Smtp-Source: AMsMyM72YdgZRaJDiZ9MU6bvh+RA5iQHpj06/whPZsYV2r2RwYl4tM6cKQGl0WtEaQrAYe7tdQtb5Q== X-Received: by 2002:a63:4283:0:b0:457:dced:8ba3 with SMTP id p125-20020a634283000000b00457dced8ba3mr1711359pga.220.1666081364707; Tue, 18 Oct 2022 01:22:44 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id m2-20020a170902db0200b0017d97d13b18sm8026045plx.65.2022.10.18.01.22.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Oct 2022 01:22:44 -0700 (PDT) From: Kees Cook To: linux-hardening@vger.kernel.org Cc: Kees Cook , Guenter Roeck , Andy Shevchenko , Paolo Abeni , Geert Uytterhoeven , linux-kernel@vger.kernel.org Subject: [PATCH] string: Add __alloc_size hint to kmemdup() Date: Tue, 18 Oct 2022 01:22:41 -0700 Message-Id: <20221018082232.never.213-kees@kernel.org> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1853; h=from:subject:message-id; bh=SgzbSvS/b5ZrTbA0wJ9E9tBFT9DRkYwk8ZJEQZFVEak=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBjTmJRV6GiRT0HuXsWsQSPL85x/s8fMsdifykSjHzh OlUuKfmJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCY05iUQAKCRCJcvTf3G3AJj8rD/ 9KYnzy5bqIwa32boPh44jUw+r1zKss52V+nzSaViIRwLNMVToZqpHJ2eZ7cIQKOwfMoHYAPiOhhFCE yUV8wPUrPSzXQSc6Y/4etatCvIVMl6/LpGjfjELhI5SOKGmfpMTI77z45BTRoZJFabztTn3aSt18hX AF6wjRN8M/oLYCX8lws5Jm1x/CwOnb8Y9yLaLaVRFpaloXmTNijmKNDioJ3qCyX9D/zvSQZ2o7TAi7 0jA+eem6Aq8EIFBeRb9axI7myTreYHszRjIFO+Z10WSLfh9MpvZ78HuK2WDTjbFr1iX/pPqGl+7Zc6 qCa+lJfFF7IjkI3mG7SYwUyVktGy5BqO61c/T2TS+V9XKORhBy4rmyA50/RMt1DfMW6ETiWuCMGp2u VdRwBsZ8qNwaq3nx/51bwQXEFc1U056LcUYBH25qctK872Y7LQVFzJ/WA4HmZmj1hlT8cqb57AVP/3 dIAQI5YZz6PKJpg97tjLaO5ccXGqXrNbSVck7v+h49vz+UUTQdtYUtCOUQ+Bze4KRdjJWqhpZI3r5N dLB9ifjVvhwjnAjuPJIWE6eKu1uC/lqjhZBxmCByUWw64JZGQKjx6LDf3HN+ZD7R//tYqoPM6Vnk9u FddwMhg6qb1FNSRb+45QtPu0FB+r4Fe7JhjpR+EPEYO1XheosCSb3ouIA/+w== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-hardening@vger.kernel.org Add __alloc_size() hint to kmemdup() so the compiler can reason about the length of the returned buffer. Cc: Guenter Roeck Cc: Andy Shevchenko Cc: Paolo Abeni Cc: Geert Uytterhoeven Signed-off-by: Kees Cook --- include/linux/fortify-string.h | 3 ++- include/linux/string.h | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/include/linux/fortify-string.h b/include/linux/fortify-string.h index b166364ce3e0..aa1a50009632 100644 --- a/include/linux/fortify-string.h +++ b/include/linux/fortify-string.h @@ -661,7 +661,8 @@ __FORTIFY_INLINE void *memchr_inv(const void * const POS0 p, int c, size_t size) return __real_memchr_inv(p, c, size); } -extern void *__real_kmemdup(const void *src, size_t len, gfp_t gfp) __RENAME(kmemdup); +extern void *__real_kmemdup(const void *src, size_t len, gfp_t gfp) __RENAME(kmemdup) + __alloc_size(2); __FORTIFY_INLINE void *kmemdup(const void * const POS0 p, size_t size, gfp_t gfp) { size_t p_size = __struct_size(p); diff --git a/include/linux/string.h b/include/linux/string.h index cf7607b32102..af1d69e5610e 100644 --- a/include/linux/string.h +++ b/include/linux/string.h @@ -176,7 +176,7 @@ extern void kfree_const(const void *x); extern char *kstrdup(const char *s, gfp_t gfp) __malloc; extern const char *kstrdup_const(const char *s, gfp_t gfp); extern char *kstrndup(const char *s, size_t len, gfp_t gfp); -extern void *kmemdup(const void *src, size_t len, gfp_t gfp); +extern void *kmemdup(const void *src, size_t len, gfp_t gfp) __alloc_size(2); extern char *kmemdup_nul(const char *s, size_t len, gfp_t gfp); extern char **argv_split(gfp_t gfp, const char *str, int *argcp); -- 2.34.1