Received: by 2002:a05:7412:da14:b0:e2:908c:2ebd with SMTP id fe20csp644334rdb; Fri, 6 Oct 2023 14:18:08 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFdjEqsu347GsfSJ4rOCMtOE9ATzNdF/Ti8xKP4brdS5PoUKnYE0fC8kOdEt9Bc6tBXTs2C X-Received: by 2002:a05:6a20:7f9a:b0:163:a041:336c with SMTP id d26-20020a056a207f9a00b00163a041336cmr11015410pzj.48.1696627087704; Fri, 06 Oct 2023 14:18:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1696627087; cv=none; d=google.com; s=arc-20160816; b=yXfctgGuZ3q8DMXtSCC52Qygv00zIJxB/SK8+ihmqh1m9VmvjTprwdV9OAaL+nC5ME xbVLssuMiXKPXtu/vq/UhTUOCL15m/2R/6+nMyT/3B+TXPhCzLXevOICe+fMUktpSKWG ivZlqgd6ft0yk7n5q6j5pes0FMEoj2tdfy4o5QZ6ShNBHuqTkAqy8dJEwhUDBCzRpizq 6JiFBYvZBt2lPpLAruO/mCDx9GfL/uAWqz11d3ZAzI9eDvaRP0NJrJHnT5R1/HjWfR6n wqo/EdHrWem7dn8NLEOcomTzeQUcKBOQsL6figJLLt7JqNdbjzbmd5hZyhJUBV/xGOgx EpgQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:dkim-signature; bh=z8YyZNdSqKiy5DzZ/PIG6aNvb3OwzQTDwFSCpe0do0I=; fh=Rvp4RUlyDfIU9ExF0LLf5FI8A3By38pOywRVv/hNu/s=; b=JP5N0G2kuiIIiprONoLf2X1b7ILnvL52TqeNYGK18ZVffgaGtZK3T6E2JiZpqZZgjW MCNstp7dHgCl8zvjkJ8IM/glLY+1iPZmtNYsuiOsOSij0adcRQTojcolGUKTSB1eg6Hr lDOzZUe2dkg/9NHjzcbi6w0R67pjBGOmOhnvWMXc0NmNmeJU0vefoP2hdYZYHnCLB/Q9 sJQyPZzm4ULtxPDy7Exhfwf6YszewVoFquNw+NMm5hitZxEJWP6DTQP+xoVgcqUoRvT8 IQmgyk1TliWA5IYfvkLU1kBpyFGq2SLebf8OvP21eCL6fdSLBhh+emctPtE3lcrbb1qK eOJQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=HfrIIaae; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from snail.vger.email (snail.vger.email. [23.128.96.37]) by mx.google.com with ESMTPS id s25-20020a656919000000b005859b1c086fsi4263544pgq.532.2023.10.06.14.18.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 06 Oct 2023 14:18:07 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) client-ip=23.128.96.37; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=HfrIIaae; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by snail.vger.email (Postfix) with ESMTP id AA22A81376A3; Fri, 6 Oct 2023 14:18:06 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233679AbjJFVSA (ORCPT + 99 others); Fri, 6 Oct 2023 17:18:00 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52806 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233678AbjJFVR7 (ORCPT ); Fri, 6 Oct 2023 17:17:59 -0400 Received: from mail-pg1-x54a.google.com (mail-pg1-x54a.google.com [IPv6:2607:f8b0:4864:20::54a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3D015EA for ; Fri, 6 Oct 2023 14:17:57 -0700 (PDT) Received: by mail-pg1-x54a.google.com with SMTP id 41be03b00d2f7-56c306471ccso1995314a12.3 for ; Fri, 06 Oct 2023 14:17:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1696627076; x=1697231876; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=z8YyZNdSqKiy5DzZ/PIG6aNvb3OwzQTDwFSCpe0do0I=; b=HfrIIaaeG6ZvdsF5OrF+ECo8MaHyzuchjI1AMOtJwDfiR+5av1Hs68gj1ZcNWLXTnk jAk8cSEMYWr+7C2fRmFbadWnotGqYKgpOMRcy9LAKW3vzruv89qoLob8/YX3lSzwKWQw HdckU35LLE9t/ogFw8/vBM/afrJ4VBsgL6vhr5VIPWDNc/E2l1h+uSAYwhZvPR3kaEzi sn4RUx60bVtkWMJiB2dsHiSgtt10+h6HGFMf9oj2qlQnWsNNL0fDqb0QDtv1fSWJiU91 w77WpllBCrYQH7SCkXEZfRV6VaJkV/ZgKged5gmO1oDVHUvPVxed6DKE8QxuC1S+Jv3Z Z0dw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1696627076; x=1697231876; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=z8YyZNdSqKiy5DzZ/PIG6aNvb3OwzQTDwFSCpe0do0I=; b=cGGdj4gbDmehOey6Xq/MNXdPW0rL9lltZE+eTt9VfCB4PtExczoUkH2s4LJcMUo2XZ zeU8XbPExbYIaa1tkBsirvBxlLxztGjhlJLHafM04pMFKjuEEt25Rtk1193yb0Xvkav4 YOBzNgqnVb+lwn0rdDdl36xz6vdMijlsE75wsz4GjFo+/dks7gZCbj4opp2X1f6mUb8P mIR1XCz6bR4PoEuBqBYqsTozcszcp0s+0zf7tNbb4lxB0PkVJk/vxASdi9fHCm0cW+x2 M/7RitVH7yRBgE+oAk33KYT1xOdr7P7HhNXdZJwnffrFT05sFHoGvytFC0KDm8IWheaJ yLQg== X-Gm-Message-State: AOJu0YzSPH7XPuzR51Igmqn/sLER8pOo1fzb1q7fmh9xauhIA1RSdO9Y 1RxchH/1ATVSnuJmqJUCEtcPoDI= X-Received: from sdf.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5935]) (user=sdf job=sendgmr) by 2002:a63:4e4d:0:b0:589:86ae:2107 with SMTP id o13-20020a634e4d000000b0058986ae2107mr57778pgl.9.1696627076618; Fri, 06 Oct 2023 14:17:56 -0700 (PDT) Date: Fri, 6 Oct 2023 14:17:55 -0700 In-Reply-To: <20231006201657.work.531-kees@kernel.org> Mime-Version: 1.0 References: <20231006201657.work.531-kees@kernel.org> Message-ID: Subject: Re: [PATCH] bpf: Annotate struct bpf_stack_map with __counted_by From: Stanislav Fomichev To: Kees Cook Cc: Song Liu , Jiri Olsa , Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , Martin KaFai Lau , Yonghong Song , John Fastabend , KP Singh , Hao Luo , "Gustavo A. R. Silva" , bpf@vger.kernel.org, linux-hardening@vger.kernel.org, Nathan Chancellor , Nick Desaulniers , Tom Rix , linux-kernel@vger.kernel.org, llvm@lists.linux.dev Content-Type: text/plain; charset="utf-8" X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Fri, 06 Oct 2023 14:18:06 -0700 (PDT) On 10/06, Kees Cook wrote: > Prepare for the coming implementation by GCC and Clang of the __counted_by > attribute. Flexible array members annotated with __counted_by can have > their accesses bounds-checked at run-time via CONFIG_UBSAN_BOUNDS (for > array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family > functions). > > As found with Coccinelle[1], add __counted_by for struct bpf_stack_map. > > Cc: Song Liu > Cc: Jiri Olsa > Cc: Alexei Starovoitov > Cc: Daniel Borkmann > Cc: Andrii Nakryiko > Cc: Martin KaFai Lau > Cc: Yonghong Song > Cc: John Fastabend > Cc: KP Singh > Cc: Stanislav Fomichev > Cc: Hao Luo > Cc: "Gustavo A. R. Silva" > Cc: bpf@vger.kernel.org > Cc: linux-hardening@vger.kernel.org > Link: https://github.com/kees/kernel-tools/blob/trunk/coccinelle/examples/counted_by.cocci [1] > Signed-off-by: Kees Cook TIL about __counted_by :-) Acked-by: Stanislav Fomichev > --- > kernel/bpf/stackmap.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/kernel/bpf/stackmap.c b/kernel/bpf/stackmap.c > index 458bb80b14d5..d6b277482085 100644 > --- a/kernel/bpf/stackmap.c > +++ b/kernel/bpf/stackmap.c > @@ -28,7 +28,7 @@ struct bpf_stack_map { > void *elems; > struct pcpu_freelist freelist; > u32 n_buckets; > - struct stack_map_bucket *buckets[]; > + struct stack_map_bucket *buckets[] __counted_by(n_buckets); > }; > > static inline bool stack_map_use_build_id(struct bpf_map *map) > -- > 2.34.1 >