Received: by 10.223.185.111 with SMTP id b44csp1063189wrg; Fri, 9 Mar 2018 20:37:00 -0800 (PST) X-Google-Smtp-Source: AG47ELthw3/n32n1RDfkSP3TpMOU3Jrko2iRmgP3lvXT5MP4YlrWSBmKcWqVdZts+FWbMB3E8p7m X-Received: by 10.98.62.14 with SMTP id l14mr883330pfa.206.1520656620326; Fri, 09 Mar 2018 20:37:00 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520656620; cv=none; d=google.com; s=arc-20160816; b=fMTCgZb4JXMr2WbZnrlfdHbpXomykv2+zZyrpsiCCTBBeQf2F7jiem5ncrz2nnrF+l HrendpI5Ur57lM8R8Z/oc+9dm1rjPd/iIugVbO57CHXyOwDUFwZhQFM2hAurWQ3NxKmh Rn47crHQrLPqw+UYMupV36T3PdzgEtWjnIxkwB7kP8mqb4MfvdpIu7a4VwyFrNKfcqVa LnaRCtAiGkOTitzdZCkOL2N2tGrxBlUSZBzcHqjo7hQfB60tqO4fqLrbZBh/qXhdSW9P okCjQUeBAK+Ge91GET7MDX0noQThXRuWOf8riq/3yBqgoyNMpV0Vo50eg4rytvrD4OUS U/DA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:arc-authentication-results; bh=UdNzmENpHvT1r2mQTN6zK+yc//7GsIZFDARKlPydqmY=; b=uGm6UW0/4+XaJSAH1IGt69jdn6wK508zeWiCrB6BJBxChUlkljGUr2b9nFm8igV2rB R6pwS2CzeI1EgHx6eJLa6qLJ/biq8SE0OxCWJR2qNeMek0ZgHnrPitMsCqlYtLBHjwCr yQ91LfmZH7u61QsWJ2etXIb7vhwk94NNj4tkEwWq4l0o1dSByuhKmK+psRtjGFAYKl3O QePR0hN3GWk4lD0w3LePvoF+X6btw4uYovX8uiW38Ero1Fa+qIWJYFTGi3SIwtzAbgKb OoSQvsgwLOMZVKYNX5TAl9XRY90K3IzDsHTjdrMsou43pvcmpdBxok8GIOVei3v+lySv 5i2A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n1si2038915pff.256.2018.03.09.20.36.34; Fri, 09 Mar 2018 20:37:00 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932844AbeCJEfB (ORCPT + 99 others); Fri, 9 Mar 2018 23:35:01 -0500 Received: from gateway31.websitewelcome.com ([192.185.144.28]:18057 "EHLO gateway31.websitewelcome.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932343AbeCJEe7 (ORCPT ); Fri, 9 Mar 2018 23:34:59 -0500 Received: from cm15.websitewelcome.com (cm15.websitewelcome.com [100.42.49.9]) by gateway31.websitewelcome.com (Postfix) with ESMTP id A039F19945 for ; Fri, 9 Mar 2018 22:34:58 -0600 (CST) Received: from gator4166.hostgator.com ([108.167.133.22]) by cmsmtp with SMTP id uWDienT44ntAouWDieU0Fn; Fri, 09 Mar 2018 22:34:58 -0600 Received: from [189.175.117.58] (port=35318 helo=[192.168.1.66]) by gator4166.hostgator.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.89_1) (envelope-from ) id 1euWDi-0047V5-1a; Fri, 09 Mar 2018 22:34:58 -0600 Subject: Re: [PATCH] rtc: s5m: Remove VLA usage To: Krzysztof Kozlowski Cc: Kees Cook , "Gustavo A. R. Silva" , Sangbeom Kim , Bartlomiej Zolnierkiewicz , Alessandro Zummo , Alexandre Belloni , LKML , linux-samsung-soc@vger.kernel.org, linux-rtc@vger.kernel.org, Kernel Hardening References: <20180308172031.GA14541@embeddedgus> <23757731-bfa5-cb4c-ddc0-04103f9a72e0@embeddedor.com> From: "Gustavo A. R. Silva" Message-ID: <4f25592d-e805-b81e-b518-4b60867ef32a@embeddedor.com> Date: Fri, 9 Mar 2018 22:34:55 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - gator4166.hostgator.com X-AntiAbuse: Original Domain - vger.kernel.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - embeddedor.com X-BWhitelist: no X-Source-IP: 189.175.117.58 X-Source-L: No X-Exim-ID: 1euWDi-0047V5-1a X-Source: X-Source-Args: X-Source-Dir: X-Source-Sender: ([192.168.1.66]) [189.175.117.58]:35318 X-Source-Auth: garsilva@embeddedor.com X-Email-Count: 7 X-Source-Cap: Z3V6aWRpbmU7Z3V6aWRpbmU7Z2F0b3I0MTY2Lmhvc3RnYXRvci5jb20= X-Local-Domain: yes Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Krzysztof, On 03/09/2018 07:04 AM, Krzysztof Kozlowski wrote: > On Thu, Mar 8, 2018 at 7:03 PM, Gustavo A. R. Silva > wrote: >> >> >> On 03/08/2018 11:58 AM, Kees Cook wrote: >>> >>> On Thu, Mar 8, 2018 at 9:20 AM, Gustavo A. R. Silva >>> wrote: >>>> >>>> In preparation to enabling -Wvla, remove VLAs and replace them >>>> with fixed-length arrays instead. >>>> >>>> From a security viewpoint, the use of Variable Length Arrays can be >>>> a vector for stack overflow attacks. Also, in general, as the code >>>> evolves it is easy to lose track of how big a VLA can get. Thus, we >>>> can end up having segfaults that are hard to debug. >>>> >>>> Also, fixed as part of the directive to remove all VLAs from >>>> the kernel: https://lkml.org/lkml/2018/3/7/621 >>>> >>>> Signed-off-by: Gustavo A. R. Silva >>>> --- >>>> drivers/rtc/rtc-s5m.c | 15 +++++++++------ >>>> 1 file changed, 9 insertions(+), 6 deletions(-) >>>> >>>> diff --git a/drivers/rtc/rtc-s5m.c b/drivers/rtc/rtc-s5m.c >>>> index 6deae10..2b5f4f7 100644 >>>> --- a/drivers/rtc/rtc-s5m.c >>>> +++ b/drivers/rtc/rtc-s5m.c >>>> @@ -38,6 +38,9 @@ >>>> */ >>>> #define UDR_READ_RETRY_CNT 5 >>>> >>>> +/* Maximum number of registers for setting time/alarm0/alarm1 */ >>>> +#define MAX_NUM_TIME_REGS 8 >>> >>> >>> I would adjust the various const struct s5m_rtc_reg_config's >>> .regs_count to be represented by this new define, so the stack and the >>> structures stay in sync. Something like: >>> >>> static const struct s5m_rtc_reg_config s2mps13_rtc_regs = { >>> .regs_count = MAX_NUM_TIME_REGS - 1, >>> >>> ? >>> >> >> Yep. I thought about that and decided to wait for some feedback first. But >> yeah, I think is that'd be a good change. > > Define and these assignments should be somehow connected with enum > defining the offsets for data[] (from > include/linux/mfd/samsung/rtc.h). Otherwise we define the same in two > places. The enum could be itself (in separate patch) moved to the > driver because it is meaningless for others. > I got it. I'll move the enum to rtc-s5m.c and add RTC_MAX_NUM_TIME_REGS at the end of it. I'll send a patch series for this. Thanks for the feedback. -- Gustavo > Best regards, > Krzysztof >