Received: by 10.192.165.156 with SMTP id m28csp5232imm; Tue, 10 Apr 2018 15:11:43 -0700 (PDT) X-Google-Smtp-Source: AIpwx49WLYb5Sl/kmTQzCa7PJ1znx0+dmK35n6R2vYEn2yI6zwg+sWUAI1S2v05RF7gaQJ0oEH+P X-Received: by 2002:a17:902:70c6:: with SMTP id l6-v6mr2226545plt.201.1523398303759; Tue, 10 Apr 2018 15:11:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1523398303; cv=none; d=google.com; s=arc-20160816; b=alokcYK7RhCm4eCNhjRIj0lLRG3cD4EosGWLV+AACNb9RhSO50aQv2R7SnDRsdufYp hz6HI2QB10kHQUESkm3joKmFEUWaUwrrSTv8FSQxufCH7hQGEiMVdrj4VL9RGKRQY1Ut UqVOiH5bzijPSYv/IfQluZ0exsPfRznyzAQf2U3WmyC47CNFUMflAjDQ6FzGXCMX7TlQ 68wdmblzh2h21KBiY1TW180NgzFJDHPnVrtf+s2Ee+N15l5ohDlG5omM4j2IW4m0VlbL UJJxmLu5k7vP7VNPH6R2E1RoAg6IXnHz3pq5BhKBD8c44MaHqblFhPsr9ILQpiQ5SauG n90w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature:arc-authentication-results; bh=OQ1WbnH7Hih4Y3SOYYP8syz0ADBgTn+UXQogxTGd2Cg=; b=CwduiFvkERF4MxuKsVvT3YuBjx8rFLxOeHGWkBN7d6dCWKk/D2cV38RHsSIDn8fHet 0COVgtT0b+VCJd8OLSdskZAGnFOT9HCnuW7IWrN3cAPPdZjuoav2L02K1fr3d2zh0uZp 5exE4ocjlpC54v5oEvMdA/vqB7Dx9d3xV/eIgQYo8Y2RC8VZMQ6FeORfj1lYFyTxsPPF uZbORxXCUTpfm0r2pZgeJHoLTWCw30H0K8BVHwgSp1018G6zNF4Uy8o1mCzzpKPJ4+Wr 26T4h9owBmTTpQ1ZEoZ7YHzap1agHZikjA30bFSCqvS5dbmT5alWDzj2fxyQkPqBjSeF gy5g== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@armlinux.org.uk header.s=pandora-2014 header.b=WReCMQT7; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=armlinux.org.uk Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 91-v6si3452426ply.33.2018.04.10.15.11.06; Tue, 10 Apr 2018 15:11:43 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@armlinux.org.uk header.s=pandora-2014 header.b=WReCMQT7; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=armlinux.org.uk Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752181AbeDJWGz (ORCPT + 99 others); Tue, 10 Apr 2018 18:06:55 -0400 Received: from pandora.armlinux.org.uk ([78.32.30.218]:34150 "EHLO pandora.armlinux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751624AbeDJWGy (ORCPT ); Tue, 10 Apr 2018 18:06:54 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=armlinux.org.uk; s=pandora-2014; h=Sender:In-Reply-To:Content-Type: MIME-Version:References:Message-ID:Subject:Cc:To:From:Date:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=OQ1WbnH7Hih4Y3SOYYP8syz0ADBgTn+UXQogxTGd2Cg=; b=WReCMQT7Xk4jTYqRp1zRLi8OF DWmLGVBik+yjRtd1QRpf4AOrd/O+Jq1RAnX9Oom7Q083PU08ttyCbTRq4j4hMyBVN900BtARu1qTT 2hpZI86rvH7Wzs+NxVlr2LPZlfksBdMuexAoC1prggXoGFTsZwJhydttKWwx+UlqVI4aA=; Received: from n2100.armlinux.org.uk ([2002:4e20:1eda:1:214:fdff:fe10:4f86]:41683) by pandora.armlinux.org.uk with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.90_1) (envelope-from ) id 1f61PU-0001C0-6D; Tue, 10 Apr 2018 23:06:44 +0100 Received: from linux by n2100.armlinux.org.uk with local (Exim 4.90_1) (envelope-from ) id 1f61PQ-0002QF-QK; Tue, 10 Apr 2018 23:06:36 +0100 Date: Tue, 10 Apr 2018 23:06:34 +0100 From: Russell King - ARM Linux To: Laura Abbott Cc: David Airlie , dri-devel@lists.freedesktop.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com, Kees Cook Subject: Re: [PATCH] drm/i2c: tda998x: Remove VLA usage Message-ID: <20180410220634.GZ16141@n2100.armlinux.org.uk> References: <20180409210703.3787-1-labbott@redhat.com> <20180409222141.GR16141@n2100.armlinux.org.uk> <855433a0-72f5-df29-3a17-5c2016e988e1@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <855433a0-72f5-df29-3a17-5c2016e988e1@redhat.com> User-Agent: Mutt/1.5.23 (2014-03-12) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Apr 10, 2018 at 02:52:35PM -0700, Laura Abbott wrote: > On 04/09/2018 03:21 PM, Russell King - ARM Linux wrote: > >On Mon, Apr 09, 2018 at 02:07:03PM -0700, Laura Abbott wrote: > >>There's an ongoing effort to remove VLAs[1] from the kernel to eventually > >>turn on -Wvla. The vla in reg_write_range is based on the length of data > >>passed. The one use of a non-constant size for this range is bounded by > >>the size buffer passed to hdmi_infoframe_pack which is a fixed size. > >>Switch to this upper bound. > > > >Does this _really_ make it safer? What if the code is modified to write > >more than 32 bytes in the future? > > > >Sorry, I don't think this is safer at all. > > > > Yeah I wasn't 100% sure about this one. Elsewhere, we've added bounds > checks against the new static size buffer so we could do that here > to ensure we don't overrun the stack if we do need to write more > than 32 bytes in the future. Another option is to switch to > a kmalloc buffer. Are either of those options acceptable to you or > do you have a better idea of how to get rid of the VLA? Limiting the size would be better (with an error message/WARN_ON) - at least that results in a diagnostic message to alert the developer rather than silently stomping over the stack. -- RMK's Patch system: http://www.armlinux.org.uk/developer/patches/ FTTC broadband for 0.8mile line in suburbia: sync at 8.8Mbps down 630kbps up According to speedtest.net: 8.21Mbps down 510kbps up