Received: by 10.223.185.111 with SMTP id b44csp1596435wrg;
        Sat, 10 Mar 2018 09:20:14 -0800 (PST)
X-Google-Smtp-Source: AG47ELuH99Ct9u9MQKcjUNhPKXFodCpFF+OEkh8h9NX8GK6FCeHvPSImrdqP2kAYqOUZcYMvMjhr
X-Received: by 10.98.102.155 with SMTP id s27mr2578302pfj.198.1520702414428;
        Sat, 10 Mar 2018 09:20:14 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1520702414; cv=none;
        d=google.com; s=arc-20160816;
        b=BD1dhVPeiSf8RGqVGHyE1j63Szy2X8UuQeL3DjAYTzQErBQBaj+zZKd4bNcWg1wAD4
         teFyg/fQUkyFw9HFyVvpGJ2qOiCpBucHWI9S6l5O+D7vxQ+6jfX+2ALunu2MeP3ihG1i
         QgzY8qUUUr85IJDkpgrMqzYdK7QbcQC2HMxjWy1x15US1CjfR+JjXFunBxzMBwTv/Btx
         xRNGlXAPkwVjeBnuMK2c+Fc/LKGS1pppWzdsKjmXhBeczHFik3poNwpvNrgFkRwU1b+r
         0FTWjut4IOIFlWlZwy0Zx8cqlixD/bsOFvOS/cGE18JNt/Oh/mju3orDrr8//ycWLeBN
         4kwQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :references:in-reply-to:mime-version:dkim-signature:dkim-signature
         :arc-authentication-results;
        bh=4cD7a8GCFy3B9FQkjRZ7AJxdhdvGTFjnuinOGu7I/rg=;
        b=znkB4T2Ua3knNPLjU4D+mKoQF4kd3XnSKj66u0NfiKuO7+dASwBkZiX3RSrnXBhql/
         ojRHnbIKfayYaNkkBctcXi06xWar4mNIdezmkSc40aV4efR2gJJ7ibCMsBoC2RhJYgQy
         JFGYIAHouXE54coxAHXBBYmgonEJIts8jHQq5wWQQ6rADLUseOi02bBByoa6nVzLDqPZ
         osOhMEcg+L6KKINGz2px83sVUI01P7Fk3JMxCAQwfKx+ApIjKtf7rZGvRmKknHjt6zKv
         AxYjOnSvWhsqMOjWuFQSWb9/9xNn5Ify5Gj+cXRSV5A0/U14IViD6qgcbMaCSpRv/Gb9
         0DfA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@google.com header.s=20161025 header.b=The6MBoV;
       dkim=fail header.i=@chromium.org header.s=google header.b=DL2LBrtT;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 91-v6si3021915ply.430.2018.03.10.09.19.59;
        Sat, 10 Mar 2018 09:20:14 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@google.com header.s=20161025 header.b=The6MBoV;
       dkim=fail header.i=@chromium.org header.s=google header.b=DL2LBrtT;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751278AbeCJRSv (ORCPT <rfc822;yxhlfx@gmail.com> + 99 others);
        Sat, 10 Mar 2018 12:18:51 -0500
Received: from mail-ua0-f193.google.com ([209.85.217.193]:33600 "EHLO
        mail-ua0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751191AbeCJRSt (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 10 Mar 2018 12:18:49 -0500
Received: by mail-ua0-f193.google.com with SMTP id f6so4291977ual.0
        for <linux-kernel@vger.kernel.org>; Sat, 10 Mar 2018 09:18:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:cc;
        bh=4cD7a8GCFy3B9FQkjRZ7AJxdhdvGTFjnuinOGu7I/rg=;
        b=The6MBoVeTVTizk4+J8v+AzwMybnqVRXVHG/hKvGnzKRyzLhRUH5hF5EEzX7BO7xB9
         ZZMpASrX0CIg+w1R5pNi8/d1ssnCS+i+idHGiFFFIrgsWcevqeij1Q8Fo7Lq7evLcsgS
         XeviIfIh/SX0Iy1zcLu8NVuEB0uCOBv9I6U6kT7biKfEj0+9Ue80RGzJNqbX7UMmOWhC
         Zi1RxGGX3/aaFV//A0Z/Fa9pr4ui33vqctSxYSwFDCjvDqoYnJx6/1N5Ze7WdSHp78Dl
         GDIKD6krDAegcwGMWEi7Wx5L+I4bYKJVQC66fSIJrljKSk3yMxI/n7svYww7lI81NyCA
         x6Dw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=chromium.org; s=google;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:cc;
        bh=4cD7a8GCFy3B9FQkjRZ7AJxdhdvGTFjnuinOGu7I/rg=;
        b=DL2LBrtTo8MVZ/200zg8gO/vTNDpQDXmZ3XcSJQ0x+d7Y0sg5iHofv1sXuRA9F5e2Y
         2qTpYLhyPeea9+HsXk/xfNQWohzNjLNqGsZ79NSyAKphxIKzH2A9ehV/bYaN5XySI1AK
         DH9xCTFAFGLZISV8yQYRZWXm+i1Uqg9a6nw8U=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:sender:in-reply-to:references:from
         :date:message-id:subject:to:cc;
        bh=4cD7a8GCFy3B9FQkjRZ7AJxdhdvGTFjnuinOGu7I/rg=;
        b=Ty/INDQB2kpbZ9f6brYSOUt32d8he1DgylV/gg0FwPJLmHMyu5IPn6/4ohlTR+FYCT
         Tt9vrIynqeRYWq+obeH1ZMrCbYuqa3FvbNJj4ob4Vb28eAUM5V5ioZC3oO4HSlQdH1Vt
         U3ZnLRAc4////HkdEyW44IlQO6yUNqMU76iWFFcZX1Fy+DPjviigpjZyM9lXqATpP0bU
         4m9LfqIf6GIHjx6XeMPCvas2bMMh88Sg0cT9jgjN+T406NKhQtnfKA/NBTq0Wxa8vk89
         N1OPv+0aXTGI/GeLUC2ZLSWYmxCifoRdq0K1mbrORARCQEpDlGqjkJoq+G7EITQ43snZ
         IRkA==
X-Gm-Message-State: AElRT7HSZxkcAPRbfY1yos4yv/JnNFBVAbS14oh8ALMQVPEydj7XbDl3
        HLBC8i/BrnaL1tRyxbx1c4KdRUqTUz0flrOuCcz5Aw==
X-Received: by 10.159.54.227 with SMTP id p90mr1712986uap.74.1520702326945;
 Sat, 10 Mar 2018 09:18:46 -0800 (PST)
MIME-Version: 1.0
Received: by 10.31.242.140 with HTTP; Sat, 10 Mar 2018 09:18:46 -0800 (PST)
In-Reply-To: <20180310094327.685d181d@epycfail>
References: <1520667645-21975-1-git-send-email-andreaschristofo@gmail.com> <20180310094327.685d181d@epycfail>
From:   Kees Cook <keescook@chromium.org>
Date:   Sat, 10 Mar 2018 09:18:46 -0800
X-Google-Sender-Auth: 3hQkUisQaAIU7UXL91yizFGtEzE
Message-ID: <CAGXu5jKwWRzK8EJOo2zraxi9ghQ7an5d4yr8ktGa+ijWX_aJZA@mail.gmail.com>
Subject: Re: [PATCH v2] net: ipv6: xfrm6_state: remove VLA usage
To:     Stefano Brivio <sbrivio@redhat.com>
Cc:     Andreas Christoforou <andreaschristofo@gmail.com>,
        Kernel Hardening <kernel-hardening@lists.openwall.com>,
        Steffen Klassert <steffen.klassert@secunet.com>,
        Herbert Xu <herbert@gondor.apana.org.au>,
        "David S. Miller" <davem@davemloft.net>,
        Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>,
        Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>,
        Network Development <netdev@vger.kernel.org>,
        LKML <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sat, Mar 10, 2018 at 12:43 AM, Stefano Brivio <sbrivio@redhat.com> wrote:
> On Sat, 10 Mar 2018 09:40:44 +0200
> Andreas Christoforou <andreaschristofo@gmail.com> wrote:
>
>> diff --git a/net/ipv6/xfrm6_state.c b/net/ipv6/xfrm6_state.c
>> index b15075a..270a53a 100644
>> --- a/net/ipv6/xfrm6_state.c
>> +++ b/net/ipv6/xfrm6_state.c
>> @@ -62,7 +62,7 @@ __xfrm6_sort(void **dst, void **src, int n, int (*cmp)(void *p), int maxclass)
>>  {
>>       int i;
>>       int class[XFRM_MAX_DEPTH];
>> -     int count[maxclass];
>> +     int count[XFRM_MAX_DEPTH];
>>
>>       memset(count, 0, sizeof(count));
>
> Can you perhaps initialize 'count' instead of calling memset(), now?

Do you mean:

int count[XFRM_MAX_DEPTH] = { };

instead of the memset()?

I thought the compiler would resolve these both to the same thing? The
former looks better though! :)

-Kees

-- 
Kees Cook
Pixel Security