Date: Tue, 5 Mar 2024 13:23:26 +0000
From: Simon Horman
To: Kees Cook
Cc: Jakub Kicinski, "David S. Miller", Eric Dumazet, Paolo Abeni, netdev@vger.kernel.org, David Ahern, Kuniyuki Iwashima, Abel Wu, Breno Leitao, Alexander Mikhalitsyn, David Howells, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH v3] sock: Use unsafe_memcpy() for sock_copy()
Message-ID: <20240305132326.GE2357@kernel.org>
In-Reply-To: <20240304212928.make.772-kees@kernel.org>

On Mon, Mar 04, 2024 at 01:29:31PM -0800, Kees Cook wrote:
> While testing for places where zero-sized destinations were still showing
> up in the kernel, sock_copy() and inet_reqsk_clone() were found, which
> are using very specific memcpy() offsets for both avoiding a portion of
> struct sock, and copying beyond the end of it (since struct sock is really
> just a common header before the protocol-specific allocation). Instead
> of trying to unravel this historical lack of container_of(), just switch
> to unsafe_memcpy(), since that's effectively what was happening already
> (memcpy() wasn't checking 0-sized destinations while the code base was
> being converted away from fake flexible arrays).
>
> Avoid the following false positive warning with future changes to
> CONFIG_FORTIFY_SOURCE:
>
> memcpy: detected field-spanning write (size 3068) of destination "&nsk->__sk_common.skc_dontcopy_end" at net/core/sock.c:2057 (size 0)
>
> Signed-off-by: Kees Cook
> ---
> Cc: Jakub Kicinski
> Cc: "David S. Miller"
> Cc: Eric Dumazet
> Cc: Paolo Abeni
> Cc: netdev@vger.kernel.org
> v3: fix inet_reqsk_clone() comment
> v2: https://lore.kernel.org/lkml/20240216232220.it.450-kees@kernel.org
> v1: https://lore.kernel.org/lkml/20240216204423.work.066-kees@kernel.org

Reviewed-by: Simon Horman
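
A simplified user-space model of the copy pattern the quoted commit message describes, added here as an illustration; it is not the kernel's code or part of the patch, and every name in it (toy_sock, toy_sock_copy, spans_field, END_OFF) is hypothetical. It shows the copy skipping one field and running past the common header, and why a check against the size of the named destination field sees a zero-size target.

```c
#include <stddef.h>
#include <string.h>

/* Toy model, hypothetical names. Zero-size markers ([0] is GNU C) fence off
 * the one field a clone must not overwrite. */
struct toy_sock {
    int  family;
    char dontcopy_begin[0];
    int  refcnt;               /* per-object, never copied */
    char dontcopy_end[0];
    int  state;
};
struct toy_proto_sock {
    struct toy_sock sk;        /* common header comes first */
    char proto_data[16];       /* protocol-specific tail */
};
#define END_OFF offsetof(struct toy_sock, dontcopy_end)

/* What a per-field bounds check asks: is the write longer than the field? */
static int spans_field(size_t field_size, size_t len) { return len > field_size; }

/* Copy all obj_size bytes except [dontcopy_begin, dontcopy_end). */
static void toy_sock_copy(void *nsk, const void *osk, size_t obj_size)
{
    memcpy(nsk, osk, offsetof(struct toy_sock, dontcopy_begin));
    memcpy((char *)nsk + END_OFF, (const char *)osk + END_OFF, obj_size - END_OFF);
}

/* Returns 1 if the clone kept its own refcnt and received everything else. */
static int demo_copy(void)
{
    struct toy_proto_sock o, n;
    memset(&o, 0, sizeof(o));
    memset(&n, 0, sizeof(n));
    o.sk.family = 2; o.sk.refcnt = 7; o.sk.state = 1;
    strcpy(o.proto_data, "tcp-private");   /* constructed sample data */
    n.sk.refcnt = 1;
    toy_sock_copy(&n.sk, &o.sk, sizeof(o));
    return n.sk.family == 2 && n.sk.refcnt == 1 && n.sk.state == 1 &&
           strcmp(n.proto_data, "tcp-private") == 0;
}

/* Returns 1: the tail copy is longer than the zero-size marker it starts at. */
static int demo_check_fires(void)
{
    size_t len = sizeof(struct toy_proto_sock) - END_OFF;
    return spans_field(sizeof(((struct toy_sock *)0)->dontcopy_end), len);
}

int main(void) { return !(demo_copy() && demo_check_fires()); }
```

The copy is correct for the whole allocation, yet measured against the marker field alone it always looks like an overflow, which is the false positive the quoted message refers to.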