Received: by 2002:a05:6358:489b:b0:bb:da1:e618 with SMTP id x27csp39280rwn;
        Fri, 16 Sep 2022 14:58:47 -0700 (PDT)
X-Google-Smtp-Source: AMsMyM6QR5r6+vZvBjsYSvbC+1UjRpsxVOsivUfJb/dvwdVNxFEpu5dDTpgAQkrwG0zAUsjO0I2k
X-Received: by 2002:a05:6a00:2402:b0:52c:81cf:8df8 with SMTP id z2-20020a056a00240200b0052c81cf8df8mr6977333pfh.60.1663365526826;
        Fri, 16 Sep 2022 14:58:46 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1663365526; cv=none;
        d=google.com; s=arc-20160816;
        b=pn4sYHyPQfHdO386qi5OIckYnWGPej17WeTZ4RgfH8vwp9egalThEfkjpLuzIPv4d4
         4oZh/L+uVC7riCLcMcKzgYh9FNTBjHdHe1Ph5HvoE3Jj+un/qb4v7mDxozsI4Ftfkc+o
         MvhDfiQJGies6yqhy9bEJfSdVhjKPP2RQB5t1UIqMt/ExKi0XkLOYS1g+5SScFBPuohk
         fEDaXFHEYzQGWKLXx5Hv6fnawD6aTGnAt4rrwNYCgPGPVRt9DN8Qrut6/tEChj/t7OjS
         e3lp4fxrmyySuv4CTBMNIMQHF8bMYXkXXk+bOzf4cIdjTEKvNARzoJ3g97a1OPGmjDtB
         8K/Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:dkim-signature;
        bh=gAOpf4VaiyzuyzEgBlSDI/rb/mxIT2fGVc3O4sRyz8Q=;
        b=fAnAe6XeF+1KjT/6im3kJxbdkjPwrHi68At2p6+RBPDxfWgDCRqWNbbNw/rjMgcYrp
         FGMzprjO8GVR5PvEsjeg4tt1jNVRAWwVB5fcw3JAKvk8sEhxFCRJkRphK4az8kkWy9Cq
         PfNtdx/xsk+YRClVXj2EE9KrAd2zlGAY/cSwJJVxLkZUwJq7aU2Ai92fTHF3cezoq7qe
         NlNwQsKVhVKgiipCaNgwLa87FOBGRSvXcKpVF60cdWyEGzEkjl9E+ezkovWAkBlVKo99
         OC8Fsc+BpaDPQnSlFImbDKYud97uGellQIAz1YHRg/CEQjD5TxM3m2P+8TERiyPC/5Dk
         IQCA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@chromium.org header.s=google header.b=ESaZCkLe;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id k8-20020aa788c8000000b005377d71e81esi22966320pff.379.2022.09.16.14.58.31;
        Fri, 16 Sep 2022 14:58:46 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@chromium.org header.s=google header.b=ESaZCkLe;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229458AbiIPVbc (ORCPT <rfc822;andreykovskii@gmail.com>
        + 99 others); Fri, 16 Sep 2022 17:31:32 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53242 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229450AbiIPVba (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 16 Sep 2022 17:31:30 -0400
Received: from mail-pf1-x42e.google.com (mail-pf1-x42e.google.com [IPv6:2607:f8b0:4864:20::42e])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D1039BA157
        for <linux-kernel@vger.kernel.org>; Fri, 16 Sep 2022 14:31:25 -0700 (PDT)
Received: by mail-pf1-x42e.google.com with SMTP id e68so22442126pfe.1
        for <linux-kernel@vger.kernel.org>; Fri, 16 Sep 2022 14:31:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=chromium.org; s=google;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:from:to:cc:subject:date;
        bh=gAOpf4VaiyzuyzEgBlSDI/rb/mxIT2fGVc3O4sRyz8Q=;
        b=ESaZCkLet+Qy6/RvuyqCTnQHokSf4VLHnPureVwo7ogYklmGP1Sztila7n66Rd4Rpx
         p8mM7GZYSPEVPVnneskMYs3iQhwxLf9yo9KPvmptyMHSHdIHgLLpttwzX2mDEzYLLpST
         vioqg93hpJQCo9Uc4aIg3ueQPLLjc07hHzXxk=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date;
        bh=gAOpf4VaiyzuyzEgBlSDI/rb/mxIT2fGVc3O4sRyz8Q=;
        b=zMeXpFXv5tN8OPRt2cH0egAwegtWwBPWCriYFvF3L/yw05NByQPrzwjcQVhlm0Pbv9
         Ub6NfrsT90+crzko/SmjCrYOqDJydW8BQoKX6OCyNmf6jszRIxOlfv8+rq9yrysLd9I5
         EkW+pYeiWxXTzTzc28u8/DBmsSdhTWa4H0W98b9zq9C2xOaDqvQn5PwWuYXZLZRs/Yt3
         LtaaD2e3rqFjHy/ye6SM6l+modFntCAaoLv7g16ERQqqp5TJrCGP8wUaAfUtdpH1QHAP
         g3TakY5jCi0e2oxlZDCCdLZwRoeA3TzdxjjWVUI4CAKub3u9PvYaqASRmuzbq5JcuRE5
         xxPg==
X-Gm-Message-State: ACrzQf390LxNlVOlziD1vuW0ECdaXep970ZaKdNSuBpyIs6HRh8Jpuqa
        2LRgAgtwCik5Y92IhyX0Qfg9VA==
X-Received: by 2002:a05:6a02:309:b0:434:d151:639e with SMTP id bn9-20020a056a02030900b00434d151639emr6100944pgb.124.1663363885331;
        Fri, 16 Sep 2022 14:31:25 -0700 (PDT)
Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163])
        by smtp.gmail.com with ESMTPSA id z11-20020a170902cccb00b00173cfaed233sm15307582ple.62.2022.09.16.14.31.23
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 16 Sep 2022 14:31:23 -0700 (PDT)
Date:   Fri, 16 Sep 2022 14:31:22 -0700
From:   Kees Cook <keescook@chromium.org>
To:     Dan Carpenter <dan.carpenter@oracle.com>
Cc:     "Gustavo A. R. Silva" <gustavoars@kernel.org>,
        Peter Rosin <peda@axentia.se>, Wolfram Sang <wsa@kernel.org>,
        "Gustavo A. R. Silva" <gustavo@embeddedor.com>,
        linux-i2c@vger.kernel.org, linux-kernel@vger.kernel.org,
        kernel-janitors@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH] i2c: mux: harden i2c_mux_alloc() against integer
 overflows
Message-ID: <202209160812.2B4AB7FC@keescook>
References: <YyMM8iVSHJ4ammsg@kili>
 <YyMt2cWtHC2SeG62@work>
 <YyMyKQnWgu0SL6jj@kadam>
 <202209160101.2A240E9@keescook>
 <YyQyfaI0WCsQ8F48@kadam>
 <202209160630.CF7AE9708D@keescook>
 <YySOewo2YUY+fk1l@kadam>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <YySOewo2YUY+fk1l@kadam>
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE,
        SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Sep 16, 2022 at 05:55:55PM +0300, Dan Carpenter wrote:
> On Fri, Sep 16, 2022 at 06:31:45AM -0700, Kees Cook wrote:
> > On Fri, Sep 16, 2022 at 11:23:25AM +0300, Dan Carpenter wrote:
> > > [...]
> > > net/ipv6/mcast.c:450 ip6_mc_source() saving 'size_add' to type 'int'
> > 
> > Interesting! Are you able to report the consumer? e.g. I think a bunch
> > of these would be fixed by:
> > 
> 
> Are you asking if I can add "passed to sock_kmalloc()" to the report?

Yeah.

> It's possible but it's kind of a headache the way this code is written.

Okay, no worries -- I was curious if it would be "easy". I can happily
just spit out the source line.

-- 
Kees Cook