Date: Thu, 12 Jan 2023 15:00:38 -0800
From: Kees Cook
To: Julius Werner
Cc: Jack Rosenthal, Paul Menzel, Guenter Roeck, Brian Norris, Stephen Boyd, Greg Kroah-Hartman, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH v2] firmware: coreboot: Check size of table entry and split memcpy
Message-ID: <202301121458.865E4834C@keescook>
References: <20230107031406.gonna.761-kees@kernel.org>

On Mon, Jan 09, 2023 at 04:02:26PM +0100, Julius Werner wrote:
> Reviewed-by: Julius Werner
>
> > - memcpy(&device->entry, ptr_entry, entry->size);
> > + memcpy(device->raw, entry, entry->size);
>
> nit: It's a bit odd to change the source pointer from ptr_entry to
> entry here. Technically the static analyzer would be within its rights
> to give you a warning for that as well, because you're now
> "overrunning" the source struct instead of the destination one.

True. We've been focused on write overflows, but yeah, since the
location of the flex array changed, I'll switch this back to ptr_entry.

-- 
Kees Cook
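
Review bot: the `+` line takes its copy length, `entry->size`, from the table entry itself, and nothing in the quoted hunk bounds that value against the storage behind `device->raw`. The subject line says a size check is part of this patch, so please confirm it runs before this `memcpy` and rejects entries larger than the destination. On the source side, reading `entry->size` bytes through `entry` is the over-read of the source struct that the nit describes; restoring `ptr_entry` as the source, as agreed in the reply, keeps the copy from tripping bounds-checking tooling on the read side as well as the write side.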