Received: by 2002:ab2:715a:0:b0:1fd:c064:50c with SMTP id l26csp27574lqm; Mon, 10 Jun 2024 11:33:42 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCVGivZHPUwesS8M5Y2bO7aJSBRbZbTMPuxk5y7le4zYkSzedqS+ox7whqdEl/0sbkvFMm4dQZtYK/qe4KPoqaariy8FR/vDxJ3q+3ZJJA== X-Google-Smtp-Source: AGHT+IGhpe04lwGyS89WgeFYubfkz9XQcgC/n21yk87BsPDrWMiaYFZdgD4gVpXMYnNqLrenRAv1 X-Received: by 2002:a25:ae87:0:b0:dfa:4d10:4f8b with SMTP id 3f1490d57ef6-dfaf65b631bmr9279594276.13.1718044421901; Mon, 10 Jun 2024 11:33:41 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1718044421; cv=pass; d=google.com; s=arc-20160816; b=jcDXJwwdrcETOHNG8kKuyOgv3Gr/+SHlwAkIfnldd4P8+ii2nBbDtz1sigw3d57Fnl DQoz96wnJWzW8GYfl2wvb9QWbwbtu+JLfCCOgCYOFmla7NVAT07uNM55EpgFRT3cSsct tvIEaK6p9KsPvJr+K9gkgihW/KNd0NMq1iA/nDbNW5Vkf/NGJche4/8V8En2FDCmOwb4 Prckck2TyG6pCGJgPP3ewjKXuaI13ChGmsfxkEGfKQIINdrWz0yojG//s7VO8m0rErzX bjsworBymDrdkLV8VggVtQI58knYtcvqRn7FIBa+qHa98XmmusF61BG0GGBHp9Rv4D9y lUPQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=2ZW4rZ2YPeBn8N6VRZSCudwXRxrHf9JDn7CPJp9KkGg=; fh=B5WKfTneFLGE7Bg1wVHhFDnH6SyF+z2H2LeldXAALJE=; b=UgxskaGsp1g1zOhGvbZdUhIDtq+pOSi0wZLtMKGjkU6roFlqrnB57huFhixvZdMEmL 9bDhuWgSPKHCGtpIFK+r4/a3KH8x6ULCCpAjPqga8cjITy7Aqhc7+0TOzVuQJfVj7a1a sJRPWEysmhPZ1YjqbNJ2JVTr45qlBUd/B1BGT2Uz5Oaq3JdnUOh0PTX85eI8hdNwe8F4 hWZVVnD6ELGcJhu307/5F7iKe64THimG+ZNo7AefIHWRHUCZW1pVo9w9twttzMvkM6LV 2VMqfR1uzfYS4j7DGz5bnpwiSYRiy2IFy2L4dkEKS26/n8mfcawVeC2kmLa3w6p5fgaD P0tw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=NzWqFXHL; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-208737-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-208737-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id d75a77b69052e-44038b55d32si112907481cf.518.2024.06.10.11.33.41 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 10 Jun 2024 11:33:41 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-208737-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=NzWqFXHL; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-208737-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-208737-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 349ED1C221D1 for ; Mon, 10 Jun 2024 18:33:27 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id F1F4014BFA8; Mon, 10 Jun 2024 18:33:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="NzWqFXHL" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1DAC726AF6; Mon, 10 Jun 2024 18:33:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718044400; cv=none; b=gydSrPMMhfrsI1g5BOe+o0Hj39RsQo1j/Hg2JArLKRdvWOsBPuPUiSXKRlSd5lN1TYjdQdeQeWOOQXmni1LInY9UNcMem3o5MEnztFCT/gpcGoGjzZRPW7QtKGbYUJEmG7aTQvcefuCP2Cvb2iEMsWU8hk4Eo+bSbfvtlFoxbQE= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718044400; c=relaxed/simple; bh=z7GoEVteVgOtc8npLSzQ50VzcFsj6U4Ypa2U9npOXw4=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=jyYXIDZ4DXfAZNYncfnOjGJCpCiDIVU1jbOBxkU51L108jde2QNPiKVuugLHcibxFJCBQTgW/n/XdvSyFPFNo3PRvOqXnBD/eX9PGN4ya4Q9DA57VcJoDxDWqlxh0s1IHWQ59XcKcUjzxIp9F0yK5NGfwM5XzAC/ny0aon+OSbU= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=NzWqFXHL; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 970D9C2BBFC; Mon, 10 Jun 2024 18:33:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1718044399; bh=z7GoEVteVgOtc8npLSzQ50VzcFsj6U4Ypa2U9npOXw4=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=NzWqFXHL5/BIn5baIlyMU1n811fD+ayPsVixBIeSOKOiUePsTJkpYe5wS0/Nw4cpp 3o9WDVMHokXbbtKfTUfbsuTlZkHy23s/3joKCh3We6yoIzyJQrrqxUAM2/nwTXui4b P3f3/OsEv6VSMvMRo4wQM7Sz898CHzmS/veCX/nBtq9a55jj5q8jLD/xfy3MDVzNGC 0BZXwiSL+rwRv08pFWXNAeEusMBhtWzisLvAZPUWzPW/cvMLeTAU/KhJmcZFtv73R9 6wyS/LoeI6GNIlL5vCA8eiA2/qg8U6VeA60HcqQV/y1FFAlK/IVLlhuk0Zqan8ysxP pBPz2hK/5G/DQ== Date: Mon, 10 Jun 2024 11:33:18 -0700 From: Nathan Chancellor To: Kees Cook Cc: "Gustavo A. R. Silva" , Christian Schrefl , linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] kunit/overflow: Adjust for __counted_by with DEFINE_RAW_FLEX() Message-ID: <20240610183318.GA3321@thelio-3990X> References: <20240610182301.work.272-kees@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240610182301.work.272-kees@kernel.org> On Mon, Jun 10, 2024 at 11:23:05AM -0700, Kees Cook wrote: > When a flexible array structure has a __counted_by annotation, its use > with DEFINE_RAW_FLEX() will result in the count being zero-initialized. > This is expected since one doesn't want to use RAW with a counted_by > struct. Adjust the tests to check for the condition and for compiler > support. > > Reported-by: Christian Schrefl > Closes: https://lore.kernel.org/all/0bfc6b38-8bc5-4971-b6fb-dc642a73fbfe@gmail.com/ > Suggested-by: Nathan Chancellor > Signed-off-by: Kees Cook Seems reasonable to me. Reviewed-by: Nathan Chancellor > --- > Cc: "Gustavo A. R. Silva" > Cc: linux-hardening@vger.kernel.org > --- > lib/overflow_kunit.c | 20 +++++++++++++++++--- > 1 file changed, 17 insertions(+), 3 deletions(-) > > diff --git a/lib/overflow_kunit.c b/lib/overflow_kunit.c > index 4ef31b0bb74d..d305b0c054bb 100644 > --- a/lib/overflow_kunit.c > +++ b/lib/overflow_kunit.c > @@ -1178,14 +1178,28 @@ struct foo { > s16 array[] __counted_by(counter); > }; > > +struct bar { > + int a; > + u32 counter; > + s16 array[]; > +}; > + > static void DEFINE_FLEX_test(struct kunit *test) > { > - DEFINE_RAW_FLEX(struct foo, two, array, 2); > + /* Using _RAW_ on a __counted_by struct will initialize "counter" to zero */ > + DEFINE_RAW_FLEX(struct foo, two_but_zero, array, 2); > +#if __has_attribute(__counted_by__) > + int expected_raw_size = sizeof(struct foo); > +#else > + int expected_raw_size = sizeof(struct foo) + 2 * sizeof(s16); > +#endif > + /* Without annotation, it will always be on-stack size. */ > + DEFINE_RAW_FLEX(struct bar, two, array, 2); > DEFINE_FLEX(struct foo, eight, array, counter, 8); > DEFINE_FLEX(struct foo, empty, array, counter, 0); > > - KUNIT_EXPECT_EQ(test, __struct_size(two), > - sizeof(struct foo) + sizeof(s16) + sizeof(s16)); > + KUNIT_EXPECT_EQ(test, __struct_size(two_but_zero), expected_raw_size); > + KUNIT_EXPECT_EQ(test, __struct_size(two), sizeof(struct bar) + 2 * sizeof(s16)); > KUNIT_EXPECT_EQ(test, __struct_size(eight), 24); > KUNIT_EXPECT_EQ(test, __struct_size(empty), sizeof(struct foo)); > } > -- > 2.34.1 >