Date: Tue, 28 Nov 2023 11:10:28 +0000
From: Joey Gouly
To: "Gustavo A. R. Silva"
Cc: "David S. Miller", Eric Dumazet, Jakub Kicinski, Paolo Abeni, Bill Wendling, Kees Cook, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH] neighbour: Fix __randomize_layout crash in struct neighbour
Message-ID: <20231128111028.GA2382233@e124191.cambridge.arm.com>

Hi,

On Sat, Nov 25, 2023 at 03:33:58PM -0600, Gustavo A. R. Silva wrote:
> Previously, one-element and zero-length arrays were treated as true
> flexible arrays, even though they are actually "fake" flex arrays.
> The __randomize_layout would leave them untouched at the end of the
> struct, similarly to proper C99 flex-array members.
>
> However, this approach changed with commit 1ee60356c2dc ("gcc-plugins:
> randstruct: Only warn about true flexible arrays"). Now, only C99
> flexible-array members will remain untouched at the end of the struct,
> while one-element and zero-length arrays will be subject to randomization.
>
> Fix a `__randomize_layout` crash in `struct neighbour` by transforming
> zero-length array `primary_key` into a proper C99 flexible-array member.
>
> Fixes: 1ee60356c2dc ("gcc-plugins: randstruct: Only warn about true flexible arrays")
> Closes: https://lore.kernel.org/linux-hardening/20231124102458.GB1503258@e124191.cambridge.arm.com/
> Signed-off-by: Gustavo A. R. Silva > --- > include/net/neighbour.h | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/include/net/neighbour.h b/include/net/neighbour.h > index 07022bb0d44d..0d28172193fa 100644 > --- a/include/net/neighbour.h > +++ b/include/net/neighbour.h > @@ -162,7 +162,7 @@ struct neighbour { > struct rcu_head rcu; > struct net_device *dev; > netdevice_tracker dev_tracker; > - u8 primary_key[0]; > + u8 primary_key[]; > } __randomize_layout; > > struct neigh_ops { Fixes the crash for me! Tested-by: Joey Gouly
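
Review bot: the new `u8 primary_key[];` line in `struct neighbour` carries no comment saying why it has to be a C99 flexible array rather than `[0]`, so a later cleanup that reverts the spelling would silently put the member back into the set that `__randomize_layout` shuffles. A one-line comment on that member, along the lines of "flexible array: stays last under randstruct, do not change to [0] or [1]", would document the constraint where it applies. Since the commit message states that every one-element and zero-length trailing array is now subject to randomization, the changelog could also say whether other `__randomize_layout` structs were checked for the same pattern.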