From: Kees Cook
Date: Thu, 26 Apr 2018 16:25:56 -0700
Subject: Re: [PATCH v2] drm/nouveau/secboot: remove VLA usage
To: Ben Skeggs
Cc: Thierry Reding, "Gustavo A. R. Silva", David Airlie, nouveau@lists.freedesktop.org, LKML, Maling list - DRI developers, David Laight, Ben Skeggs
References: <20180313162411.GA1983@embeddedgus> <20180314110834.GB8564@ulmo>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Mar 15, 2018 at 7:05 PM, Ben Skeggs wrote:
> On 14 March 2018 at 21:08, Thierry Reding wrote:
>> On Tue, Mar 13, 2018 at 11:24:11AM -0500, Gustavo A. R. Silva wrote:
>>> In preparation to enabling -Wvla, remove VLA. In this particular
>>> case directly use macro NVKM_MSGQUEUE_CMDLINE_SIZE instead of local
>>> variable cmdline_size. Also, remove cmdline_size as it is not
>>> actually useful anymore.
>>>
>>> The use of stack Variable Length Arrays needs to be avoided, as they
>>> can be a vector for stack exhaustion, which can be both a runtime bug
>>> or a security flaw. Also, in general, as code evolves it is easy to
>>> lose track of how big a VLA can get. Thus, we can end up having runtime
>>> failures that are hard to debug.
>>>
>>> Also, fixed as part of the directive to remove all VLAs from
>>> the kernel: https://lkml.org/lkml/2018/3/7/621
>>>
>>> Signed-off-by: Gustavo A. R. Silva
>>> ---
>>> Changes in v2:
>>>  - Use sizeof(buf) instead of NVKM_MSGQUEUE_CMDLINE_SIZE. This change
>>>    is based on the feedback provided by David Laight. Thanks David.
>>>
>>>  drivers/gpu/drm/nouveau/nvkm/subdev/secboot/ls_ucode_msgqueue.c | 7 +++----
>>>  1 file changed, 3 insertions(+), 4 deletions(-)
>>
>> Reviewed-by: Thierry Reding
> Thanks everyone. I've taken the patch in my tree.

Hi! Just checking in on this -- I don't see this patch in linux-next.
Is this queued somewhere else?

Thanks!

-Kees

--
Kees Cook
Pixel Security