Received: by 2002:a05:6358:16cc:b0:ea:6187:17c9 with SMTP id r12csp2530169rwl; Fri, 6 Jan 2023 07:39:39 -0800 (PST) X-Google-Smtp-Source: AMrXdXsyDIMuxP8RLjfFCBSP5yD+hS9QzJKUDgS3VwQUo9ItTVcfVKTDO1ysOXOtj01uJEEzhzmV X-Received: by 2002:a05:6402:2296:b0:467:9046:e2ef with SMTP id cw22-20020a056402229600b004679046e2efmr46259058edb.17.1673019579262; Fri, 06 Jan 2023 07:39:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1673019579; cv=none; d=google.com; s=arc-20160816; b=S5Y8nls75Exd/DzTaFIDbU87bZb06MzBzsEmQFpo1JUc9itxQjQQ5lck2EDwYYVg78 pQlT3PGCw2wuP19LlON/63MRyShR6HCX+MJIEu2aBNpV7AGVEj9Lg/mh37NsgDVg5NA4 AiQIVG8CjxugOwQBu/8lStuMIlm1lgJ2PzJ6+dFDvP4s9vMghm9dwA+8j2cpgdX5nsqY dr4jjlhlGkz20rUKw7lUn6xdUCczPMUWO/9NEv5GUjc1CdAjIZqALmv2/H4EUwqTWh97 dvMEtQf+EVwEkGXBpmO54bhZzKmEVctIRbPKISaO6bs/eIyqmWRqAp3Npr7OFk3nAWlq L6Ng== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=+OwdKfXK+SNVrPvVK8uWPY9jI3lOu8t40smt1t6yZrc=; b=BvUqGYbSsZ38kQIKsuDpbw3kWHD1Ey/RI0+1LAR+Ue7fuK/HLR6hs0D4ZfBaa58m7B cFrO+dB6HUIwTBQm0U0r6rYmbqEBDHmUJMBdyexVa3/KaghPfu4HPkecUNZGDB18D8L9 LU2KuITNoLvths4lis5sALWOsCENzc7YrJfNHcoGO958Jl9SWBZDvyWaB/bU5GvBgjcE POn4rtu9QbCu3K8qrE4o9iFqymK6LqHPHp9WZIo+Pa22TAtQSl73AlKgrVNod7l8HCVE EbnRPwrjyzeNJOdIHw9rIFv6RgxFh/Mdwt+WeLizKT+mc53aUIh3VyImVySK9nZtGVuP 3K8w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b="Z/gQJZss"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id f8-20020a0564021e8800b00483dc6852f8si1965108edf.406.2023.01.06.07.39.25; Fri, 06 Jan 2023 07:39:39 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b="Z/gQJZss"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235211AbjAFPDx (ORCPT + 54 others); Fri, 6 Jan 2023 10:03:53 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55040 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234964AbjAFPDu (ORCPT ); Fri, 6 Jan 2023 10:03:50 -0500 Received: from mail-wm1-x335.google.com (mail-wm1-x335.google.com [IPv6:2a00:1450:4864:20::335]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6225645646 for ; Fri, 6 Jan 2023 07:03:49 -0800 (PST) Received: by mail-wm1-x335.google.com with SMTP id m3so1255933wmq.0 for ; Fri, 06 Jan 2023 07:03:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=+OwdKfXK+SNVrPvVK8uWPY9jI3lOu8t40smt1t6yZrc=; b=Z/gQJZss/OE/GRRyOiHB4/SFRKQvqNos1nrrpmF/NfzoZ/5zVb+pTRHQ0wnXi0IMV7 qMLVKBtUWcR4THNiaBTMjFUS1P+UGbTHYyF8d4LFly/TwSdPnotCTdDqZUEUQLPLlDqf 4jxQ4xK0Ssv28TozR02aKtZ97p1nV33r0iJzA= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=+OwdKfXK+SNVrPvVK8uWPY9jI3lOu8t40smt1t6yZrc=; b=lcRsB5Y4PhveoodJUnT8DoSNniZ7ismr2rs4nYQKBai5QonyUuAEXCoGqFonm3uHyR YrtRltdUENaHp0nZlB45f8bEhg2W1dihyrzmxj+nQdRWKa01JOq/PQjiXs2CwLfH9jE5 AE7NDNv797Y9tBK0T7igdfSXI3/VNM2hYC0BFAq6o6WGlfFQC1DSsvpZnHSMQZ9eFPct qpMAzZsR8B5ePp7+gYVhrPhJso+MdnIMrjv8yYi7iYTcD6oH0QJerYMWMc2j7n3K0s/c Yxz/yPicQR4j4sNzj3PcLzipV5ecRjJIJAiUHEA1rRYL709QXgXojKnIZOP1ED3D878L EqvQ== X-Gm-Message-State: AFqh2koRFnBwEdqUqyzxn3SypX+LL4QK/R7LKcmd0eSBfYA4A2ASrNGc j1Qw3OBUtB77TBGKqNovzMXD6CAPkxFCoBPhEu1D3Q== X-Received: by 2002:a05:600c:26d5:b0:3d2:1e7d:f9ea with SMTP id 21-20020a05600c26d500b003d21e7df9eamr3395201wmv.62.1673017427753; Fri, 06 Jan 2023 07:03:47 -0800 (PST) MIME-Version: 1.0 References: <20230106045327.never.413-kees@kernel.org> In-Reply-To: <20230106045327.never.413-kees@kernel.org> From: Julius Werner Date: Fri, 6 Jan 2023 16:03:35 +0100 Message-ID: Subject: Re: [PATCH] firmware: coreboot: Check size of table entry and split memcpy To: Kees Cook Cc: Jack Rosenthal , Paul Menzel , Guenter Roeck , Julius Werner , Brian Norris , Stephen Boyd , Greg Kroah-Hartman , linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-9.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_SPF_WL autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Have you considered adding the flexible array member directly to the union in struct coreboot_device instead? I think that would make this a bit simpler by not having to copy header and data portion separately.