Received: by 2002:a05:6358:16cc:b0:ea:6187:17c9 with SMTP id r12csp6371240rwl; Mon, 9 Jan 2023 07:34:26 -0800 (PST) X-Google-Smtp-Source: AMrXdXtfyjwOlBITDEDurGuoKLwnTLVcXD0DjVZ6XNpGZJy8Spwi1KIk2cwFT/r+am3lI8UFB7q9 X-Received: by 2002:a05:6a20:4424:b0:9d:efc0:92 with SMTP id ce36-20020a056a20442400b0009defc00092mr103415349pzb.58.1673278466019; Mon, 09 Jan 2023 07:34:26 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1673278466; cv=none; d=google.com; s=arc-20160816; b=u+ClVQu53/r3XmUwAU3nHGp9D4VfvNK2Q5Uc6swajj8UPnemJ9JVMTPKZRIOskaLLi na4RiL8zUI5fSGkKX0EmqXuuKH58NJevJ6JNqQ0QFwXuWGl73BTYFcwARXXdSvA5ZXCn 4FQvWv3nZ03roPYzOyHZ6pzHG22KKReOdNFCCQRAU2U9IJ1DeCxb8lM/RTOtuTIBQ51c Qc0lUY9FsiMc4r0t6aocMnK6QpQ4ZiMQse+dgjhDIC1AzZSfM60IVW8oliT445oR7Wqc v+4cD1iyo6IDAEPhGC/Z1xNFXmSv8keaifV3WYn5IhIsTz71KWsm5GIIfaDItaHG5Cp8 iE9w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=scl7HLexrpFzAYNM3X4Ky/syw+DSRPKvSDyrAeIj/Xg=; b=cRAaJou3fBXD2OOqkw1vRNfUxSXog6klt1OgW0mbMtrvrJHOtRoyWfrhRBVeNzMRDP pbniyVchU0jyHU9JeyI7rKup0o7+3kvPGxR0UqgUs4t3HN1SSr6vZFY7qQ8Q3n2vMhP1 MWUJnhSm/lu4RqNu8fl+bPOZ0nijgx/ZbV6cbObMva3bxx4P496945GR01tS+QBPICYO Y23HM+U7wlojWw8pO/DzBmgBOUw1vLUeshG4HIB2jA/9+sy4GLT396GEnFuLwokALA1E 6l+uO38rI26Hkls/Y+d8nYNBlJ0SKtsXJvpHv/FCxla2yP34NFbCOd19uK6SN89aUr34 361Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=CHAw0gyV; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id 145-20020a630097000000b004a441bd4195si9874593pga.865.2023.01.09.07.34.19; Mon, 09 Jan 2023 07:34:25 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=CHAw0gyV; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234471AbjAIPC7 (ORCPT + 53 others); Mon, 9 Jan 2023 10:02:59 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48736 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234186AbjAIPCk (ORCPT ); Mon, 9 Jan 2023 10:02:40 -0500 Received: from mail-wr1-x42f.google.com (mail-wr1-x42f.google.com [IPv6:2a00:1450:4864:20::42f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 995451E3C2 for ; Mon, 9 Jan 2023 07:02:39 -0800 (PST) Received: by mail-wr1-x42f.google.com with SMTP id co23so8463789wrb.4 for ; Mon, 09 Jan 2023 07:02:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=scl7HLexrpFzAYNM3X4Ky/syw+DSRPKvSDyrAeIj/Xg=; b=CHAw0gyVrDNWcveZsiRpEav4fi5ABoJLK1XGYiKBa66qrmavgFuFlULji9Ksy5Rhes 7u8MbCeerP408xQzp74L4b+SCx0M7vz3LW3KHOX+3/J6lxiF+hVo74e/V8EnBYUaLYBE 6OJmIx0bOpVa6/cUALHUWhx2XJuqIXHZIUDvs= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=scl7HLexrpFzAYNM3X4Ky/syw+DSRPKvSDyrAeIj/Xg=; b=DsCgon5KG5REWviOpTrRX7oYupbRRiahq3NUVYi1eyOubgDPeAKxbRvbUt07aVX5Wu 5JDcuEidGPT8hXNjeUzlmdHyq+wuRTMA5Cm9vqguBFk3G6Jf3YvYICajfQBfFDwA47k8 Vley66tvptMDICfsCWf4sbTtwOSUj6yHV9Qo0SF3UdpKIkckM1pP3gJcIOdNB9TlBOOr 8Md0+FMgoNTCOOuRjz1lddt4JR2JtFmbvVgNZLGDeg1VQnP+unNsOKPERm/bpByRKPc7 YqnwLPlW9lxqX1eAO26c2rReaiFkqfn23h3A2fUkk4/k7octXNs/YaT6ZjT4csqjRtgt urOg== X-Gm-Message-State: AFqh2krzqxiBeTtmdXQcpVokcGFpUktLbdn9yXqZL9OMy06oGTtnwXBX P5wnaosb8pGGOSsjz2g92FewgEKzLg/5Xmdq4o8B4A== X-Received: by 2002:a05:6000:1001:b0:2bb:3290:2540 with SMTP id a1-20020a056000100100b002bb32902540mr467948wrx.18.1673276558005; Mon, 09 Jan 2023 07:02:38 -0800 (PST) MIME-Version: 1.0 References: <20230107031406.gonna.761-kees@kernel.org> In-Reply-To: <20230107031406.gonna.761-kees@kernel.org> From: Julius Werner Date: Mon, 9 Jan 2023 16:02:26 +0100 Message-ID: Subject: Re: [PATCH v2] firmware: coreboot: Check size of table entry and split memcpy To: Kees Cook Cc: Jack Rosenthal , Paul Menzel , Guenter Roeck , Julius Werner , Brian Norris , Stephen Boyd , Greg Kroah-Hartman , linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-9.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_SPF_WL autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Reviewed-by: Julius Werner > - memcpy(&device->entry, ptr_entry, entry->size); > + memcpy(device->raw, entry, entry->size); nit: It's a bit odd to change the source pointer from ptr_entry to entry here. Technically the static analyzer would be within its rights to give you a warning for that as well, because you're now "overrunning" the source struct instead of the destination one.