Received: by 2002:ab2:60d1:0:b0:1f7:5705:b850 with SMTP id i17csp704989lqm; Wed, 1 May 2024 13:04:24 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCUzB/7DLp2ihcWoBLIuC/17co/QPVKMS81KIGR3dQQll47VFMXS31USOOBKhhPnCWK0sLi7jeVeM3qk0JdDAVUQp18g4bTFxgi7JmUefw== X-Google-Smtp-Source: AGHT+IFIVfx7P7KzF+PKcYkRoQeRVxUM0rq0agugrkQgI5+PfIJzhWCVNe+puCJVj0sAtG9xroCu X-Received: by 2002:a05:6358:9989:b0:186:ea4:b1a3 with SMTP id j9-20020a056358998900b001860ea4b1a3mr4359544rwb.32.1714593864091; Wed, 01 May 2024 13:04:24 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1714593864; cv=pass; d=google.com; s=arc-20160816; b=Zsf7UOMV9sbE3oA5w3a9xYr2yt4+9hSCUxAgHRgUsmJxT64IayE2Y9zdh3IRSNJ0yL 2I0PI2muAgd9Py3Ey5qBOF0PshbYbXUwN8LMxLzX4VU6ptj+sbdFf+w1HxGyg+iN8pyO o3sDDrESBMuyvDcThUyq2eZWbKMH/yhBZXKtLITbZtic1yU2c5fNB4/4qtnwazIwEkFb +D1J2RU0Hu11nldwWfDV9M0AN/xolMpiqDu1gqx0xGIKzzm4TbeonAk0jpnMGuXlWaGa EZJj1DeDadiMDDT3yH+ze7dSi3IGEqJn93O79tTyvzfvakOrgB961WKVWjnKi8BOtwz4 TSAw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=la4DlPMR/LfwCzRSAUSsTV1pUfLPTBPpS3kAQ67eY88=; fh=ZWMRIQqDyqhMuYoAyq9jxbVBWgZ3v4EdjJ7jNiiiIYA=; b=nY8tW8LFZtv7Q+wg7eaQl5hL17UzaPyg789SsLVzKVwbzytDSj0bNeIRHg+pwa+mz9 vMsFWDDSzY4Jr7z/mMOBkHASybPJXz1k/G50uh1ZWC3lvduoJvjflc5qegiAdNiFZplB wQX+sozzT99s79exhpaWCJLKkcODlPNvG/LbV4dc4SNdJuNzWelII6h9zZwcqCIOTUAE oZLvwMH/NplCQN51ZbR4uXs5PokRlh4gO5SnesB4by93A8hD/YkqD8J7BWDPZeG5ZwnA vDCmVh2rYJmZxI/oK/cVphIfmhkFkWtDJtSU2FipqA4ekZXrbufqU4+YPe3utWE2gR5X 0ZuQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=0Dst0cKx; arc=pass (i=1 spf=pass spfdomain=google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-165734-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-165734-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id is10-20020a056130638a00b007f01baeb591si1771199uab.206.2024.05.01.13.04.23 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 May 2024 13:04:24 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-165734-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=0Dst0cKx; arc=pass (i=1 spf=pass spfdomain=google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-165734-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-165734-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id C529D1C22710 for ; Wed, 1 May 2024 20:04:23 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 7DB46161933; Wed, 1 May 2024 20:04:17 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="0Dst0cKx" Received: from mail-io1-f52.google.com (mail-io1-f52.google.com [209.85.166.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 58746161319 for ; Wed, 1 May 2024 20:04:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.166.52 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714593856; cv=none; b=LiaVnx6qTdNzdDXe9F7NhEUuyZ41rxktcMoho/jUjXyOAGyBJrKgmT1lMKyQI9q6NNeDSNmwS/0SZUFcxoGWvQt8Fvz+2b7bObZCPRglB0qY8PExeq3GXsBNPtSzspYlWpixG7hCMH/JwVMgfvgn2yGKgK3Y1g5HnbsHMvZka2o= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714593856; c=relaxed/simple; bh=goFmT9k+2JBPJZfg9ckRb9nR9k6bSBMAukkNNw6B6Hg=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=QTkI5LK0Vs4mWXNPoO6h5aZT25rVWL8K7cgDrirNyp6FMY0fUZ+sWLDJZG8MDV6UP1Q0HIPxbHlm8GNDpMY44ruXVD1xqOqxnp/zKPF/MP+97wW2Cefk0mxs2IFMVX+w0XwEjDpamDdQU3J46OLnUXxCSKyf+HnHEvw1RQSpaXc= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=0Dst0cKx; arc=none smtp.client-ip=209.85.166.52 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=google.com Received: by mail-io1-f52.google.com with SMTP id ca18e2360f4ac-7dee8d177e1so44395439f.2 for ; Wed, 01 May 2024 13:04:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1714593854; x=1715198654; darn=vger.kernel.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=la4DlPMR/LfwCzRSAUSsTV1pUfLPTBPpS3kAQ67eY88=; b=0Dst0cKxRAN94eQXZsEOLg8krWQz3TQsYZ1f/u6n9FX72Kl/C+L5A1/y9GDu1SZLPl rKD25k7N7AU6YwQjJjyKazefqadIwmW5C8dRG1j/oh2ner+lT4EuO6bJVZRYkp49Wutv 9WrAflyCslzVnf7Pmhp28ohqVmshCfKWPT36Y4Impy2XrgNlDh9ILVhyCk9mdw+ptrc/ CwGsgTYPE43vgaaebaRzpzWda+p8i38QafhBEvqbmqt0lqZq6+7K3pMSYSNrhaMstgSw VDhmt91s9FmZZ7pjKEokcAo5YToLqKC1rfGJ6Rd6/123ROZOD8luy9TfeCYHIcmEwnEW RB6Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714593854; x=1715198654; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=la4DlPMR/LfwCzRSAUSsTV1pUfLPTBPpS3kAQ67eY88=; b=GouKuU0ArSG/dEKtRFgA68M5Ur0wjsN4QxClmnFaoA0YMw2MOt4ZFDthFBi9DU6JQy 9bxiTevqzrGs0CssEuvl48yIxhE+EW7SAvvT7kh60K64WLm9mfd781gTEUi9d7UGvAK6 jaVnl/rdhkaurd1AuHR9g4kAFdsxjztxdjwY54aCuRCqw5/KdMGV1++Cu0rPtk6vJH7w Br+OJtbB/gSvSs+7t0hSkZ38wHWHkfUA76NOvbdoswxpY/3fjWVYR9QRopbgN4Bcm80b IVMpmjXrqsmotL/uZWHtyvMfv4Pa7FpL7NzAG2hsT6yLX+JQGrmGIu9lq6Gd5w85YBzU YSgA== X-Forwarded-Encrypted: i=1; AJvYcCW5oB19BGjwP8s5AV4c1WTEZSRtCeMqm/7XKhZ3g8VYtgjkDhg24dHTajmprFPqLzw2TNh14C9ksZnr0t8i0pdhEsKHzXC5jdLoYHga X-Gm-Message-State: AOJu0Yx8BG25Z2NQMBVgYOvMyi/PdW/B3xgGpeCaNY95gzVQgiHV8r9n GguVuFeLJkMILFufmy8XSNHWOhu7NzxFYUk4pRQK5rkZ5p5bagv0Tu4tUa1RIQ== X-Received: by 2002:a5e:c80c:0:b0:7de:ca48:4fab with SMTP id y12-20020a5ec80c000000b007deca484fabmr4120481iol.2.1714593854425; Wed, 01 May 2024 13:04:14 -0700 (PDT) Received: from google.com (195.121.66.34.bc.googleusercontent.com. [34.66.121.195]) by smtp.gmail.com with ESMTPSA id f3-20020a056638168300b00487bf7fcf5csm1925536jat.179.2024.05.01.13.04.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 May 2024 13:04:13 -0700 (PDT) Date: Wed, 1 May 2024 20:04:11 +0000 From: Justin Stitt To: Erick Archer Cc: Marcelo Ricardo Leitner , Xin Long , Kees Cook , "Gustavo A. R. Silva" , Nathan Chancellor , Nick Desaulniers , Bill Wendling , linux-sctp@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, llvm@lists.linux.dev Subject: Re: [PATCH] sctp: annotate struct sctp_assoc_ids with __counted_by() Message-ID: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Hi, On Wed, May 01, 2024 at 07:01:22PM +0200, Erick Archer wrote: > Prepare for the coming implementation by GCC and Clang of the > __counted_by attribute. Flexible array members annotated with > __counted_by can have their accesses bounds-checked at run-time via > CONFIG_UBSAN_BOUNDS (for array indexing) and CONFIG_FORTIFY_SOURCE > (for strcpy/memcpy-family functions). > > Suggested-by: Kees Cook > Signed-off-by: Erick Archer > --- > include/uapi/linux/sctp.h | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/include/uapi/linux/sctp.h b/include/uapi/linux/sctp.h > index b7d91d4cf0db..836173e73401 100644 > --- a/include/uapi/linux/sctp.h > +++ b/include/uapi/linux/sctp.h > @@ -1007,7 +1007,7 @@ enum sctp_sstat_state { > */ > struct sctp_assoc_ids { > __u32 gaids_number_of_ids; > - sctp_assoc_t gaids_assoc_id[]; > + sctp_assoc_t gaids_assoc_id[] __counted_by(gaids_number_of_ids); Crucially, gaids_number_of_ids is assigned before any accesses to gaids_assoc_id[] are made. | ids->gaids_number_of_ids = num; | num = 0; | list_for_each_entry(asoc, &(sp->ep->asocs), asocs) { | ids->gaids_assoc_id[num++] = asoc->assoc_id; | } So this looks good to me. Reviewed-by: Justin Stitt > }; > > /* > -- > 2.25.1 > Thanks Justin