Received: by 10.213.65.68 with SMTP id h4csp4261041imn;
        Tue, 10 Apr 2018 11:53:01 -0700 (PDT)
X-Google-Smtp-Source: AIpwx4+irn3kjAeXbwpaexXXBAGQ5ZT7i4cZB/COsm77jwV/2fbk+WJyaFqEu/8MJxE5+KeBI1hI
X-Received: by 2002:a17:902:6a81:: with SMTP id n1-v6mr1608459plk.342.1523386381441;
        Tue, 10 Apr 2018 11:53:01 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1523386381; cv=none;
        d=google.com; s=arc-20160816;
        b=CsBnvegRY1mjX22T/CI3z7j9pVkGE8jmbarOdaF1TUooxJ/dA1xi3cUKPKCJGQqIYk
         9E5rxH9LpagWGHqHF+lfUDLuue3Yw+2+nHWTXbI/Bk4JjlLndw/vMQ+TKoToavUaVoby
         q/D5Rfel/0TPMP73ieCesoQVwsHVs/5ktctsrr0XbYPL9Uz1m4nFQHqkNYc7+fj4RzJv
         DhDf6byO+VSozTW9DQCS9KcfGDpZBN6+0egkS26ZljRYtA1myhwLq47joSKLXnSk0eTm
         EhmBfWJ1i/D1D+1nTnBOZP9yox1zvmqhwxAV+ukjb7thj8IGqQ5SsDX6z5Cs8NhsFckc
         648g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:arc-authentication-results;
        bh=3e7WjB7R03D7D8WOBg9xEyvx4TXO3Wd88HH4z9b/XxM=;
        b=I2C/XOobom3vC2SuMwG1qJaLhFNXHKkP+DUgm6IMzn4VTtdg7Jc+n+R65BUwNuZ7f+
         p4DGPoBhOMU9zO6DJ9YjF9E45IGudU3jEmIjaaMapPBTMMSfx3Ob1poylxpvpT8pYMz6
         R4EtpObHrsvdxZ+RV71rslBsSFMDaDxH2cBDcRuhxth2HTXJ6yJFmUTt9RFXE88D0kMG
         E8lxRKM1dXI4I5b9KCMUgd4Rv/+cuOAql13BnBwkRB6W04Bga0k4pVQsy1aAZsVHEf7a
         FbPCaAZmCBrq1v5wptZDXDsV9TSGzeokKgprEq6SYclIm7Rn1AK49D1oX4MytAv5TMhy
         Jrrw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id x10-v6si3121526plv.563.2018.04.10.11.52.23;
        Tue, 10 Apr 2018 11:53:01 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751961AbeDJStK (ORCPT <rfc822;deadfox.tw@gmail.com>
        + 99 others); Tue, 10 Apr 2018 14:49:10 -0400
Received: from mail-pf0-f195.google.com ([209.85.192.195]:46573 "EHLO
        mail-pf0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751770AbeDJStI (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 10 Apr 2018 14:49:08 -0400
Received: by mail-pf0-f195.google.com with SMTP id h69so9018073pfe.13
        for <linux-kernel@vger.kernel.org>; Tue, 10 Apr 2018 11:49:07 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:subject:to:cc:references:from:message-id:date
         :user-agent:mime-version:in-reply-to:content-language
         :content-transfer-encoding;
        bh=3e7WjB7R03D7D8WOBg9xEyvx4TXO3Wd88HH4z9b/XxM=;
        b=VzQrBwyzgOAUQNsB7yaSBAYitVy9gqOOC0aOPFCC71a1z+laPPZd20NfPmEsx4P1Mx
         aajRo7DBUtDXxzlDZXWtZKKVtUZIqoBk4juZjoc9eripYI72nt8t8pPmAaE+9VRo9DdU
         eMoF98S3eTLzjWIQBsu5xiH6rWILAA41iQ7a2Xit8HOu4pxx5+uvlt5YoDIEIdyWTLWm
         U4dAMTYO2QO7icd6AYFyencdbT9IdCGPklJI3m7InpLKhRtyxkb/hAg5V8vZkCqJkHDY
         TtPlpwTFVJGwM89JYFdvJ9DLLp4whJyvrD3QMIXi/DsRWmQHL3EjGOyNXk7nBkQNYnjG
         82AQ==
X-Gm-Message-State: ALQs6tBUBYEX3DdfWiqFWXkXs0X0rLNMQMVpf8e0MfvfrICipeLN/i2o
        Fd/EdY39HILcDPGF/++UD0xo4g==
X-Received: by 10.98.137.15 with SMTP id v15mr1283049pfd.95.1523386147579;
        Tue, 10 Apr 2018 11:49:07 -0700 (PDT)
Received: from ?IPv6:2601:602:9802:a8dc:4eb2:6dae:ab32:e5b0? ([2601:602:9802:a8dc:4eb2:6dae:ab32:e5b0])
        by smtp.gmail.com with ESMTPSA id w17sm7719124pfa.141.2018.04.10.11.49.04
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Tue, 10 Apr 2018 11:49:06 -0700 (PDT)
Subject: Re: [PATCH] misc: tifm: Remove VLA
To:     Arnd Bergmann <arnd@arndb.de>
Cc:     Alex Dubov <oakad@yahoo.com>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Kernel Hardening <kernel-hardening@lists.openwall.com>
References: <20180409210732.3919-1-labbott@redhat.com>
 <CAK8P3a3Yo0riMroM3x4EVz8FkMakdPkkJ-mCTYW0qOji+MCCiQ@mail.gmail.com>
From:   Laura Abbott <labbott@redhat.com>
Message-ID: <799e8f9a-0aa1-6f5d-8421-7c768d70f562@redhat.com>
Date:   Tue, 10 Apr 2018 11:49:02 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.7.0
MIME-Version: 1.0
In-Reply-To: <CAK8P3a3Yo0riMroM3x4EVz8FkMakdPkkJ-mCTYW0qOji+MCCiQ@mail.gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 04/10/2018 12:57 AM, Arnd Bergmann wrote:
> On Mon, Apr 9, 2018 at 11:07 PM, Laura Abbott <labbott@redhat.com> wrote:
>> There's an ongoing effort to remove VLAs[1] from the kernel to eventually
>> turn on -Wvla. The single VLA can either take a value of 2 or 4 so switch
>> to the upper bound.
>>
>> [1] https://lkml.org/lkml/2018/3/7/621
>>
>> Signed-off-by: Laura Abbott <labbott@redhat.com>
>> ---
>>   drivers/misc/tifm_7xx1.c | 3 ++-
>>   1 file changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/drivers/misc/tifm_7xx1.c b/drivers/misc/tifm_7xx1.c
>> index e5f108713dd8..690eaaea5ce4 100644
>> --- a/drivers/misc/tifm_7xx1.c
>> +++ b/drivers/misc/tifm_7xx1.c
>> @@ -239,7 +239,8 @@ static int tifm_7xx1_resume(struct pci_dev *dev)
>>          unsigned long timeout;
>>          unsigned int good_sockets = 0, bad_sockets = 0;
>>          unsigned long flags;
>> -       unsigned char new_ids[fm->num_sockets];
>> +       /* Maximum number of entries is 4 */
>> +       unsigned char new_ids[4];
>>          DECLARE_COMPLETION_ONSTACK(finish_resume);
>>
> 
> I like the idea of removing all the VLAs, but this one appears to make
> the code less robust rather than more: In case of an unexpected
> fm->num_sockets value, we now not only overflow the kernel stack
> area but also the local variable into the neighboring stack slots.
> 
> Maybe add an extra overflow check?
> 

Sure.

>         Arnd
> 
> diff --git a/drivers/misc/tifm_7xx1.c b/drivers/misc/tifm_7xx1.c
> index e5f108713dd8..c702cd92d396 100644
> --- a/drivers/misc/tifm_7xx1.c
> +++ b/drivers/misc/tifm_7xx1.c
> @@ -239,9 +239,12 @@ static int tifm_7xx1_resume(struct pci_dev *dev)
>          unsigned long timeout;
>          unsigned int good_sockets = 0, bad_sockets = 0;
>          unsigned long flags;
> -       unsigned char new_ids[fm->num_sockets];
> +      /* Maximum number of entries is 4 */
> +       unsigned char new_ids[4];
>          DECLARE_COMPLETION_ONSTACK(finish_resume);
> 
> +       if (WARN_ON(fm->num_sockets > ARRAY_SIZE(new_ids)))
> +               return -ENXIO;
> +
>          pci_set_power_state(dev, PCI_D0);
>          pci_restore_state(dev);
>          rc = pci_enable_device(dev);
>