Received: by 2002:a05:6358:111d:b0:dc:6189:e246 with SMTP id f29csp3806042rwi; Wed, 2 Nov 2022 03:26:26 -0700 (PDT) X-Google-Smtp-Source: AMsMyM4ooN5sYZoxsHyLl21IUNY2w/hiWJFiGkSBXGjhEoOJswR2BYktmtiIOmpvGjdjTv/OzI/g X-Received: by 2002:a17:907:6d0d:b0:7ad:b389:1151 with SMTP id sa13-20020a1709076d0d00b007adb3891151mr21251201ejc.655.1667384786711; Wed, 02 Nov 2022 03:26:26 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1667384786; cv=pass; d=google.com; s=arc-20160816; b=AA2obmJ0DvUZiIWq+3rYdw1vJpi2WI84EDrAvX9b/UuqZPcfAeA/mKMyOGKoW8d8Kw e0V3hldc5bxZS+Sz/0SRICI2IdLUWxjIucvOpWnlb8EAclTfVrOpe04jO0xd5ce9E/Dk noYKvlMSJZUsvjl0j1ADoG+TnhawbzDSvr7IqiaNIdTf1o3NncVqEDWhv/yCLhuR10GP igy7/mDo1CWgFoSRdERVT8PoBg1FJqyCO2jN0VMhQj6qnSVkHEYzOVPlGPC/3ml3KWHy ecDDuAGt7+aQzG/ZOkp8UcZ+DuWMXb7XE7/HWCmG5p0Pd07J4+q+wfRYHfR8dg80Wu9L QuoA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:content-transfer-encoding :in-reply-to:from:references:cc:to:content-language:subject :user-agent:date:message-id:dkim-signature; bh=8kAUC0bl2QROL8JD9dwS0CsoUN2T41FHjYnid0OGnGg=; b=YRlGZoQ7iDAPM0nVmuI7jmaQuOR8yQoMv3xOJNGiAbaMzG1KcvYwW9JBvEwphJfOsE drAb9XIu1iyPFIaxNCRQ0SOeOS91m+BpahUmI9s9wYpGxfosK12L7P9CzFfMQEUzJF1K Qe79PqQ7c7zmnumuYkqSDjNXn1x76OHLAcyvtjpagQ2xwa694+svT4DhRsOAZPI11cCk LK04KkBzHOr7kSLdumRIPUkWtLMABxoxxRzK45U3U+dC5jvK4SJYQ84F9cxzAiCSQXHm Qm6hBPqoQNwBgwpNCU8BkTU1cBHmMI1Jl6GabbOviWnkoFrdC6vtss9Ze4d1vfLyWLFw t6PQ== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@prevas.dk header.s=selector1 header.b=CTvRPpvh; arc=pass (i=1 spf=pass spfdomain=prevas.dk dkim=pass dkdomain=prevas.dk dmarc=pass fromdomain=prevas.dk); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=prevas.dk Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id qf32-20020a1709077f2000b00773b8e3b6a1si16373011ejc.805.2022.11.02.03.26.02; Wed, 02 Nov 2022 03:26:26 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@prevas.dk header.s=selector1 header.b=CTvRPpvh; arc=pass (i=1 spf=pass spfdomain=prevas.dk dkim=pass dkdomain=prevas.dk dmarc=pass fromdomain=prevas.dk); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=prevas.dk Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230037AbiKBJ1s (ORCPT + 97 others); Wed, 2 Nov 2022 05:27:48 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35550 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229516AbiKBJ1b (ORCPT ); Wed, 2 Nov 2022 05:27:31 -0400 Received: from EUR01-DB5-obe.outbound.protection.outlook.com (mail-eopbgr150104.outbound.protection.outlook.com [40.107.15.104]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1DBBC128; Wed, 2 Nov 2022 02:26:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XvNspOJz3i1Na89TXE1Ji9aoE8V1BCaIsGFjWTTZ7oVbkFwAOsKDAx4FLjBdTVJUNEthTw/j+LEJOAL/vOSfcD+mZmB4gSGXK5afuKEHh45V/7l/1to3YN5s0hwl+iEBq5HaGshs9M9KUqgc2cMkesTvzYMC2DLEsEQ6ZchZQXPtzfzizv4ZJQ+K/3j29o5vMAxKaz0ICkziiwq6q6BAOCzsMshlzVqxaBdC9CD2wExzuZN5tWijZWpZ/DLlnPAx/r0tnJw5soXBCUZNjZBDhuP6RzWMFnKJ8HzfFVg4zOREgFUYVB/Mk6dBCOw2EAwIaB3DY4MFwzWhaBrZUV+mLw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=8kAUC0bl2QROL8JD9dwS0CsoUN2T41FHjYnid0OGnGg=; b=doI+PD6y8aaUNTjR61+ssy/Br+fR15xfVMAQAkNA7n4OfFP1rOOrO0/YEwQ7iqF36JmFPuyCOgm9RGB2YZm2j7rYpWTLh4s/6Fjxc/QZPEOE1i9z0jQYlcamEF+9kAwVgb2c/XysEE8adH68inkhQTmLy44mQN66RUYjZiBPoBL2Aa23xXMUU7h+srw7oaN9muT30PJECgSAwPsv2iSHvpHNZ5DG4NdU08z00E9XWkVvE0q6qMwkuHDaH4e/GaJDRA6nMqwu282MJ4zGp58pp8yrCsZ4NHWJG4qGCYDjX7C6hymGduQ+Mx3MsepH9im37AmLzZ8V4qHeYT6zAtx7+A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=prevas.dk; dmarc=pass action=none header.from=prevas.dk; dkim=pass header.d=prevas.dk; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=prevas.dk; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=8kAUC0bl2QROL8JD9dwS0CsoUN2T41FHjYnid0OGnGg=; b=CTvRPpvhfewcbhiJFpStj8NQNWVx4ZjOFj0plUk9SYOI4MQVMwyr48625DY6RPlI/fOE3WeBkOTiTs8iRf+r9xx7KBBsw1nXtpiku7tGgMAtbjuO1aMGjrkQdq1L2GagMHLkbS7PuqAaA/w6F6i1o6AQrUPIJ4XeQ2v+PJEpDAU= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=prevas.dk; Received: from DU0PR10MB5266.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:34a::22) by DB9PR10MB5211.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:33f::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5769.19; Wed, 2 Nov 2022 09:26:43 +0000 Received: from DU0PR10MB5266.EURPRD10.PROD.OUTLOOK.COM ([fe80::732f:4316:a0be:bdbc]) by DU0PR10MB5266.EURPRD10.PROD.OUTLOOK.COM ([fe80::732f:4316:a0be:bdbc%3]) with mapi id 15.20.5769.016; Wed, 2 Nov 2022 09:26:43 +0000 Message-ID: Date: Wed, 2 Nov 2022 10:26:40 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.2.2 Subject: Re: [PATCH 4/6] string: Add __realloc_size hint to kmemdup() Content-Language: en-US To: Kees Cook , Vlastimil Babka Cc: Guenter Roeck , Andy Shevchenko , Paolo Abeni , Geert Uytterhoeven , David Gow , Christoph Lameter , Pekka Enberg , David Rientjes , Joonsoo Kim , Roman Gushchin , Hyeonggon Yoo <42.hyeyoo@gmail.com>, Nathan Chancellor , Nick Desaulniers , Tom Rix , linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-hardening@vger.kernel.org, llvm@lists.linux.dev References: <20221101222520.never.109-kees@kernel.org> <20221101223321.1326815-4-keescook@chromium.org> From: Rasmus Villemoes In-Reply-To: <20221101223321.1326815-4-keescook@chromium.org> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-ClientProxiedBy: OL1P279CA0035.NORP279.PROD.OUTLOOK.COM (2603:10a6:e10:13::22) To DU0PR10MB5266.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:34a::22) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB5266:EE_|DB9PR10MB5211:EE_ X-MS-Office365-Filtering-Correlation-Id: 302d2995-5a07-4091-e6c0-08dabcb45af2 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: eIY0aDzmL0PAhRo8Ms6gNG4AgemXBdDGUsa0jRWuSp/1/HRFXLDRTWD2ERzdAAAXbMxsgFhKlw5jsZAOBepYH0e2ZEyNN8uSzyyZkPvmbm8DBrOUk4w22XrZc89TXYaMwjB/y70BoTHpa5nftVtz7EzlIhFBPMng2z/QfZ5sQXDOFFW8g1/DVp5qt22cV8lQwiwgwIFo07ZNvA0zZfenYf6Brx1eLwJt+G/vQ4Ei6T0CKtdEN9TwC7fjg3BOtOZ6yGkzD9zppOe/JaqnyrNAr2c0E2/vEH6yTyqY3BuKAjF9WNPnzZCvXebgJg1jS8rOyZkC5KCtD44WGnKvxjYa3I+Q0beZH2NxLaKTxXXIB1dPtTnr2hOKwgAyMvwOll6Wt399PBd/DRV33d9r0FKJJH6GGljCZFVvvUIHIQeIlR8d8XCKt71DQcPGmFiU2TOSMcExediTU4LJZ2dAtZfKzL2s3RrIdf5p5PkRKJSnGXaXkVc4/Ks1CqQtBxJgcq18k9+c4SaTy066d0yLzGJiabqrxrLDnjViWEud7iTJZjbUCQ5yNzIChx42egxEj2hEBQwb5ufc2TLnQVRry+lGp6udAd/Bov62DXoSYI71HGSz/DKTAroCYqjbWBx8WadLrKskuix8dMY5cqHjVg1iDXTCNBDTtivw11HW17RYqU6jtMRnQi06a+8E+9QyosQ2fl5F4BOX8geSB897irneELlXoRKOFerNxQp93Y2FqnF6TSGkDhEP2YGT7LZ5T21BaqyFLl/eY6EhsW3KihIvvf+TSSCAre+k2KK501Vbxl1/hDgqa7/iLafqjDFkc/7BLbXewkgs0DS1PSLvHKsiii/ZPMS6z8kcvHw7z0nS4CQ= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB5266.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230022)(376002)(366004)(396003)(136003)(39850400004)(346002)(451199015)(86362001)(31696002)(31686004)(36756003)(38100700002)(38350700002)(4744005)(44832011)(2906002)(478600001)(52116002)(2616005)(6512007)(186003)(26005)(6506007)(66556008)(6486002)(966005)(7416002)(5660300002)(66946007)(41300700001)(316002)(8676002)(8976002)(110136005)(4326008)(66476007)(54906003)(8936002)(43740500002)(45980500001);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?bDNOblJwa243Qi9sZysrd0RlN1hPdk5PZVd1NDd0YjdYKzBTWEJrREw1RDNr?= =?utf-8?B?SGtzWUVCRGNFNUttQzduamZ4Z2JFaHltSnc1ZFRhWFVhUU5BRkFpczVvUldD?= =?utf-8?B?bCsrOEVmckNxdDduTjZZU3hQVVptZmY4RkU3SjUzOE1uWndSRWQwVVNsUWFQ?= =?utf-8?B?WmNFZmREZVpFcFAwZUtTcWVqOTJpTTEwMTZ4SnZGTUlOZk11aTlsdVlab21m?= =?utf-8?B?d0lsOWovb0xvcEtZdW5SMHNzVjZ4cXNUYlB1QnVQcE1QRmIrQmViQ3lJcllK?= =?utf-8?B?M3U1cXYvRi9lSUE0YnJINWRKcS9wVGk0N0JpZTNCMmtBTmVBcmNBMzZBQ3FK?= =?utf-8?B?L2w2ZDhkTExSOXNuRDk0YlQxUmhCK0RnR3pWcUJ3a2pVOWZraXc0bktLd25q?= =?utf-8?B?MTNhOTdEYUF3eTlpZk1nZHNuWlRPVFBJS2U0ZDI3WkdCOWFnWXhnUmI2T0Nh?= =?utf-8?B?NVdSMncwOWsyQ2had0c0cVEyY2pYTlVsS3k1WjRoUnkwaWkxSTk1a2crdFFP?= =?utf-8?B?MXcrWDFFaU1aZzdOa0tZTHA4WXdFNkxHWVgwQWxjaS9RcVdZNzQ4dXpqcjk1?= =?utf-8?B?REFheEsxWndLeU0zOThncWpSSU1HU00vMUdjdlIxR3ZnbFN5WlEyTkZTakwr?= =?utf-8?B?WG9lWi9xeWRJLzd2V0EvTlpmc3N1ZTJLbE5ocGFXcm82d25OTVltemJROC93?= =?utf-8?B?WitpVFpZU0pqYzFUZWNnem9wd3BURXZNSTBnUGRLUXpLQzRNZitoTDNwMVJ4?= =?utf-8?B?aTNldGtNL08vWjFTUHpNZmZSZUwwS1JacmVqcUxab3JjKzIvaWh5WlRPMHRa?= =?utf-8?B?V3NJRFZUZXFXTXE2Y0gwY0NjRk4yZnd5RG1hNDc5ZlNWeWxjNSsyQ3ZUN2w5?= =?utf-8?B?cG9iamxFWmk4OXdOUFZNeVE2aTRsMlU0TkpRUVg5NjRGVjhSQ2wwVEVuSkZz?= =?utf-8?B?anBqRkMvYnZDSW91dDVrbkZtNkp6QUNjQ0dtQzBWV2w4V0diZ1J1L2JScVla?= =?utf-8?B?R3lCTGFXREMvSzZlY3FFZCt5a1MrWEZhK2NRaXJMUDdOdFJxOWdqSCtWSXRZ?= =?utf-8?B?eE1XR1dyTzdFTklRekZxUHBRUnR2N1lnNzlRYkcxQzhTMHYwbDFoK25uYURi?= =?utf-8?B?SGRrWnQrbS9jOTlnTkwxTWJWTS9mMjlJbVE5NWpRRStlWkRUaWpEOWFTYWZV?= =?utf-8?B?d09QMHdPTlZ1T2FjeVJDRUloMHlORFgwVWNncGN3cTdTVHdrNG1YVW84ZWpa?= =?utf-8?B?UG8yYWh5U3BIZWxBellQZUxFWW5WM0ZpeGthaUVMYmxnWUUwaGIzS1lkSkJP?= =?utf-8?B?TjFvNXJjeTRCTlBzZUVlRE1ySUxiODBmK2ZQNHVoR1hUL0RpK0xpdkRacjMz?= =?utf-8?B?VmJFM3dtb1AvMklkMjN4NGltYkdKL2tIWWY0RUdxZEFWU3kvKzlNbU84cXVz?= =?utf-8?B?YkN0SXZkS2NkNExTZ1paZXE2bGovSEJZTmxXSEhHVEg2YTV0clAxeXhRQTVW?= =?utf-8?B?YUVNQnZwSm4zVFRsSHRLZ1p4ekNmSWdjaWwzaGU5N0JTUnVPcDNubUV2NDhy?= =?utf-8?B?Z1NsRUhrRjFlWWhzZGdQK0V6SjRSdEVaM1VvMmpTWk5STjhxUnN1emJMUE8z?= =?utf-8?B?RHhieFRXcmJOWkpuMDcyRkk0UU9XTFZrUUtsSU1zTis1Vzk4NWg5SUR3TERC?= =?utf-8?B?M2JmZnlqU0RBcUFGM0RyK0FFeC92SkIydGEvWDRxVG1GeUVLKzIyQmsrZHVW?= =?utf-8?B?RUlWY21udmx3azh0WUV1eWZ4QWx4cGxjV2xac29wQ3ZJNm53TU5XdFhielc4?= =?utf-8?B?bVdmRjJFUWdEYy84eVZCV0NVcXpyRlRNaWhzd05vdjlPQkZLY0ZxTHB3aG1u?= =?utf-8?B?SWd2WS84Y2NpYUVjZ0JtQXNLK3ZCNGttTXhDOHd5TlV2UUY4RlFaZGo1b3pY?= =?utf-8?B?MlhueFBmRXpBVGQ4S2ptUXA0WUpGczIxTGQ3akMrZ3ZBTnFPSmRWSEFUVHE4?= =?utf-8?B?RVFwVloxa2dEdE15MjE4MUM3MTFoeG84MWdzOENpK3EvV2dPZjVZQ1BKQmRp?= =?utf-8?B?ektZZXlWbWNLV242c1dLYjNTRGRMTVlLcHNOVG1XaHM5MEhWVTJWMGQveGpr?= =?utf-8?B?VEh0S0tMTEtZZlhRZ29CTnJHemRtYWFHQVlCRmRCaTNUZFlkMG1WR1FKV1Ft?= =?utf-8?B?MUE9PQ==?= X-OriginatorOrg: prevas.dk X-MS-Exchange-CrossTenant-Network-Message-Id: 302d2995-5a07-4091-e6c0-08dabcb45af2 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB5266.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Nov 2022 09:26:43.4849 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: d350cf71-778d-4780-88f5-071a4cb1ed61 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: X/2MbWYp5jT+cn/MVKDm77U30eBYFwUWYw+3YX0u1f98et5dUrt2R+aMQG03Gp2hEY5QFe3cTWFL7XZj3CxTkIEYPC8fzeTmksckw5uhsok= X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB9PR10MB5211 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 01/11/2022 23.33, Kees Cook wrote: > Add __realloc_size() hint to kmemdup() so the compiler can reason about > the length of the returned buffer. (These must not use __alloc_size, > since those include __malloc which says the contents aren't defined[1]). > > [1] https://lore.kernel.org/linux-hardening/d199c2af-06af-8a50-a6a1-00eefa0b67b4@prevas.dk/ > > extern char *kstrndup(const char *s, size_t len, gfp_t gfp); > -extern void *kmemdup(const void *src, size_t len, gfp_t gfp) __alloc_size(2); > +extern void *kmemdup(const void *src, size_t len, gfp_t gfp) __realloc_size(2); What tree is this based on? I see that kmemdup() has grown that bogus __alloc_size in next-20221101, but in next-20221102 this commit seems to DTRT, namely -extern void *kmemdup(const void *src, size_t len, gfp_t gfp); +extern void *kmemdup(const void *src, size_t len, gfp_t gfp) __realloc_size(2); (i.e. there should never be an intermediate commit where kmemdup has __alloc_size()). Rasmus