Received: by 10.213.65.68 with SMTP id h4csp156023imn; Thu, 15 Mar 2018 21:28:46 -0700 (PDT) X-Google-Smtp-Source: AG47ELswGkc947ewaZZtJD+wbZloCMSxD9Z2QWjXsRJMdNHVsCe23CFIaWfxqwZnTMaawpoyqQsj X-Received: by 10.101.82.203 with SMTP id z11mr329182pgp.245.1521174526771; Thu, 15 Mar 2018 21:28:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1521174526; cv=none; d=google.com; s=arc-20160816; b=LF6eGvbNIA5W0GRAKmsyN0XEXT4oBIyILokdrIa143FpEcFXcpXGMHTTbP/0YVXrdh 6mVjykYGhMwzU2cz2jhmwZY+2py3qPxYUjIo9YbFA632+S2D+zLHXPOaLbqzWvnEfAOq F227FnjBwj7ogpce4a7WpgsUHc1k1/ai7o0RBSrOYz1YP9c0ALLWZeJEcSUF3/4t2pPL AfsRKd6+Y9iFtM7AsaGuav1PcgxsulJYDWQBcMSg6AzJ8ZaOLDOJNePVZLgGrqeAyy5T Bk7KgK1cLo0vgOXXM/zZ0utuZCMmwpD13Md6wc2CbzoV2o4ZtvRqzbmBE5FmUDi8oy/c kN9w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature:arc-authentication-results; bh=etTirND11sHpnpv8W1hcdvXfYX8gc+sNx8YcPii9hYE=; b=FIF/ykHBR5/Sydf0ueUHhdBZ9bYGnKdA7xktlNEYmQHsQtwH4j0Tp9TqPqU3vkq2Cg 9JP59cYs7qvzOMBTEGGiDbf5jPQgTORFTjtNCuFg7+z6Rc72+NvDL8Bs8ZQrMbPcEmFi P0D3EwL8zEsyOmxwoSU7nhTp16F4SKAP9gOYnuEvE+Z1yfMmilV19SdkDzVZa21TpIrz Nhjfh2/RYP28ufJ8nzwaIBBmco8OIVIHLsp0o/jnC47NSjgQPp3mcRdTbnp+vgtPngMG 9pvz3Mq8rQS4fIBsH19Cy9AoW7snpT1hk4ZPaXFbq+bgGmI+gMroJNVS/n9HfP831N8d a/Tg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=BoUiD6l6; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n66si3816382pfa.17.2018.03.15.21.28.32; Thu, 15 Mar 2018 21:28:46 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=BoUiD6l6; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752421AbeCPE0s (ORCPT + 99 others); Fri, 16 Mar 2018 00:26:48 -0400 Received: from mail-pf0-f195.google.com ([209.85.192.195]:37234 "EHLO mail-pf0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751069AbeCPE0H (ORCPT ); Fri, 16 Mar 2018 00:26:07 -0400 Received: by mail-pf0-f195.google.com with SMTP id h11so3723303pfn.4 for ; Thu, 15 Mar 2018 21:26:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=etTirND11sHpnpv8W1hcdvXfYX8gc+sNx8YcPii9hYE=; b=BoUiD6l6+SzyrZ98396NwVNjtM7Qac4B6/KNPRNj/1MgiQ1Z/x99z+LySHYBFh2FWQ 6+u1dn1mXD7C0vC+XRjoVuttACuk7BDibLm5aI3ziUJS0RRYJ1vHaTT8oDGIgPcDr3S8 QY+LBs0NUdegHIJnM+Nk6RXfTYx9sTcdWIup8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=etTirND11sHpnpv8W1hcdvXfYX8gc+sNx8YcPii9hYE=; b=C5KptYog2px6ADgQHMOeIMLl+AFnsBBMZ/DeIF+Wmuj0tRtpfqYMCy0CmG/mUChBvA Rv1ve/ib8tY80ul3V8BqO/PGmDEWoMQ8kCAIMdYGuBvIJsqiiHnPt0LC15jwLg6eGBx7 CRXyaOczp3VF1hlH7SPHWK4N7n7SQ4DybRqfmufTJ/mfFoSYPr5QMLzDH80BE7b4Lc5F JC5kyWRN2WRPHSe9fsO1AiptLZvQhuivyPfOrFyU9qedRCt1sU2cdWuW6RaiSuWgTArV +67bsIlIZgTLLO/YZuJqaAKjX7a+FysLwGkvBSLrA0rcklwRbhnjAITFhVx6MjsB9RHu HrGg== X-Gm-Message-State: AElRT7Hqu1HJ8l/HaLGieI671xjaLuqmYszYC3Qo+Un6dNzExBkYGvUy HxGYX0UXsg6P/KEiyQGsAxijzg== X-Received: by 10.98.9.134 with SMTP id 6mr350123pfj.149.1521174366884; Thu, 15 Mar 2018 21:26:06 -0700 (PDT) Received: from www.outflux.net (173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133]) by smtp.gmail.com with ESMTPSA id o10sm11502734pgf.25.2018.03.15.21.26.03 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 15 Mar 2018 21:26:03 -0700 (PDT) From: Kees Cook To: Andrew Morton Cc: Kees Cook , Linus Torvalds , Josh Poimboeuf , Rasmus Villemoes , Randy Dunlap , Miguel Ojeda , Ingo Molnar , David Laight , Ian Abbott , linux-input@vger.kernel.org, linux-btrfs@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com Subject: [PATCH v5 2/2] Remove false-positive VLAs when using max() Date: Thu, 15 Mar 2018 21:25:59 -0700 Message-Id: <1521174359-46392-3-git-send-email-keescook@chromium.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1521174359-46392-1-git-send-email-keescook@chromium.org> References: <1521174359-46392-1-git-send-email-keescook@chromium.org> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org As part of removing VLAs from the kernel[1], we want to build with -Wvla, but it is overly pessimistic and only accepts constant expressions for stack array sizes, instead of also constant values. The max() macro triggers the warning, so this refactors these uses of max() to use the new const_max() instead. [1] https://lkml.org/lkml/2018/3/7/621 Signed-off-by: Kees Cook --- drivers/input/touchscreen/cyttsp4_core.c | 2 +- fs/btrfs/tree-checker.c | 3 ++- lib/vsprintf.c | 5 +++-- net/ipv4/proc.c | 8 ++++---- net/ipv6/proc.c | 11 +++++------ 5 files changed, 15 insertions(+), 14 deletions(-) diff --git a/drivers/input/touchscreen/cyttsp4_core.c b/drivers/input/touchscreen/cyttsp4_core.c index 727c3232517c..7fb9bd48e41c 100644 --- a/drivers/input/touchscreen/cyttsp4_core.c +++ b/drivers/input/touchscreen/cyttsp4_core.c @@ -868,7 +868,7 @@ static void cyttsp4_get_mt_touches(struct cyttsp4_mt_data *md, int num_cur_tch) struct cyttsp4_touch tch; int sig; int i, j, t = 0; - int ids[max(CY_TMA1036_MAX_TCH, CY_TMA4XX_MAX_TCH)]; + int ids[const_max_t(size_t, CY_TMA1036_MAX_TCH, CY_TMA4XX_MAX_TCH)]; memset(ids, 0, si->si_ofs.tch_abs[CY_TCH_T].max * sizeof(int)); for (i = 0; i < num_cur_tch; i++) { diff --git a/fs/btrfs/tree-checker.c b/fs/btrfs/tree-checker.c index c3c8d48f6618..d83244e3821f 100644 --- a/fs/btrfs/tree-checker.c +++ b/fs/btrfs/tree-checker.c @@ -341,7 +341,8 @@ static int check_dir_item(struct btrfs_root *root, */ if (key->type == BTRFS_DIR_ITEM_KEY || key->type == BTRFS_XATTR_ITEM_KEY) { - char namebuf[max(BTRFS_NAME_LEN, XATTR_NAME_MAX)]; + char namebuf[const_max_t(size_t, BTRFS_NAME_LEN, + XATTR_NAME_MAX)]; read_extent_buffer(leaf, namebuf, (unsigned long)(di + 1), name_len); diff --git a/lib/vsprintf.c b/lib/vsprintf.c index d7a708f82559..12ff57a36171 100644 --- a/lib/vsprintf.c +++ b/lib/vsprintf.c @@ -744,8 +744,9 @@ char *resource_string(char *buf, char *end, struct resource *res, #define FLAG_BUF_SIZE (2 * sizeof(res->flags)) #define DECODED_BUF_SIZE sizeof("[mem - 64bit pref window disabled]") #define RAW_BUF_SIZE sizeof("[mem - flags 0x]") - char sym[max(2*RSRC_BUF_SIZE + DECODED_BUF_SIZE, - 2*RSRC_BUF_SIZE + FLAG_BUF_SIZE + RAW_BUF_SIZE)]; + char sym[const_max_t(size_t, + 2*RSRC_BUF_SIZE + DECODED_BUF_SIZE, + 2*RSRC_BUF_SIZE + FLAG_BUF_SIZE + RAW_BUF_SIZE)]; char *p = sym, *pend = sym + sizeof(sym); int decode = (fmt[0] == 'R') ? 1 : 0; diff --git a/net/ipv4/proc.c b/net/ipv4/proc.c index dc5edc8f7564..7f5c3b40dac9 100644 --- a/net/ipv4/proc.c +++ b/net/ipv4/proc.c @@ -46,7 +46,7 @@ #include #include -#define TCPUDP_MIB_MAX max_t(u32, UDP_MIB_MAX, TCP_MIB_MAX) +#define TCPUDP_MIB_MAX const_max_t(size_t, UDP_MIB_MAX, TCP_MIB_MAX) /* * Report socket allocation statistics [mea@utu.fi] @@ -404,7 +404,7 @@ static int snmp_seq_show_tcp_udp(struct seq_file *seq, void *v) struct net *net = seq->private; int i; - memset(buff, 0, TCPUDP_MIB_MAX * sizeof(unsigned long)); + memset(buff, 0, sizeof(buff)); seq_puts(seq, "\nTcp:"); for (i = 0; snmp4_tcp_list[i].name; i++) @@ -421,7 +421,7 @@ static int snmp_seq_show_tcp_udp(struct seq_file *seq, void *v) seq_printf(seq, " %lu", buff[i]); } - memset(buff, 0, TCPUDP_MIB_MAX * sizeof(unsigned long)); + memset(buff, 0, sizeof(buff)); snmp_get_cpu_field_batch(buff, snmp4_udp_list, net->mib.udp_statistics); @@ -432,7 +432,7 @@ static int snmp_seq_show_tcp_udp(struct seq_file *seq, void *v) for (i = 0; snmp4_udp_list[i].name; i++) seq_printf(seq, " %lu", buff[i]); - memset(buff, 0, TCPUDP_MIB_MAX * sizeof(unsigned long)); + memset(buff, 0, sizeof(buff)); /* the UDP and UDP-Lite MIBs are the same */ seq_puts(seq, "\nUdpLite:"); diff --git a/net/ipv6/proc.c b/net/ipv6/proc.c index b67814242f78..b68c233de296 100644 --- a/net/ipv6/proc.c +++ b/net/ipv6/proc.c @@ -30,10 +30,9 @@ #include #include -#define MAX4(a, b, c, d) \ - max_t(u32, max_t(u32, a, b), max_t(u32, c, d)) -#define SNMP_MIB_MAX MAX4(UDP_MIB_MAX, TCP_MIB_MAX, \ - IPSTATS_MIB_MAX, ICMP_MIB_MAX) +#define SNMP_MIB_MAX const_max_t(u32, \ + const_max_t(u32, UDP_MIB_MAX, TCP_MIB_MAX), \ + const_max_t(u32, IPSTATS_MIB_MAX, ICMP_MIB_MAX)) static int sockstat6_seq_show(struct seq_file *seq, void *v) { @@ -199,7 +198,7 @@ static void snmp6_seq_show_item(struct seq_file *seq, void __percpu *pcpumib, int i; if (pcpumib) { - memset(buff, 0, sizeof(unsigned long) * SNMP_MIB_MAX); + memset(buff, 0, sizeof(buff)); snmp_get_cpu_field_batch(buff, itemlist, pcpumib); for (i = 0; itemlist[i].name; i++) @@ -218,7 +217,7 @@ static void snmp6_seq_show_item64(struct seq_file *seq, void __percpu *mib, u64 buff64[SNMP_MIB_MAX]; int i; - memset(buff64, 0, sizeof(u64) * SNMP_MIB_MAX); + memset(buff64, 0, sizeof(buff64)); snmp_get_cpu_field64_batch(buff64, itemlist, mib, syncpoff); for (i = 0; itemlist[i].name; i++) -- 2.7.4