Received: by 2002:a05:6a10:1d13:0:0:0:0 with SMTP id pp19csp188430pxb; Tue, 17 Aug 2021 23:18:05 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxWftHQPhnssT95riHZpLHa8vlAjcEaa6St9A5P9ELYWSt8rmD3cjJOKydAKsJCWTcrXekO X-Received: by 2002:a92:d0d1:: with SMTP id y17mr2734348ila.91.1629267485700; Tue, 17 Aug 2021 23:18:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1629267485; cv=none; d=google.com; s=arc-20160816; b=TLhyJ2t0APBJZWk2bMbEJ1is/D3Kwkqbwpnb2+1QDhZmzjJ7ETlOFdzV3JnrWkAG6V zDUWuof6UfzuvN43XtGAc1UtsEwBdRJmln7j7saKzHFugV6D1R1PCCK6PVHGeSY4Y4wZ dYmf8UZLv1+Va4rbOlyMy0dyb5xzmlNBXnP0j2mhCHZCV8RHGnJAGm8CVNGUL7Puzdw0 CYUTar55qc5pLVpAKehythp4sPNA60Zlg9oQjZx+xgK9GRdwCoigbX6Akh50NJKBBlBN ncFPYj6oeXTJwFXVfmhFF7Kjc9A2tWOU1w66aec1+Piv74e7nsBCnLMCrFlUq/VFByIk i3PQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=HZ2pMteOO7qWfOmOYtxvBybCH7dbrKV5AXIyHH8PDAo=; b=dnXNZ3yKdBJvieWnfYCtVNV2u5s5EK0e2bTPGF9B8CH0lafV500ltJka5RGdtIQIyU Dr3sFK2egE/s5eW+KIy3d2sZcm1Uxfw6VbjwbncC49trRS4r8ioh7rtNFvlmH+xIlcpZ OAUgP9hjQm1RUF42gaZ1eulpz5TeWlQtmBjh6pFrLlFkB2fujzggieaGh+qH+1vyzq5g QMXAuOkPac/B7S1lMpF0CRPqaspEHHtM2mb/M7Y9wcw/OmUZpJBpXBkaiiS8wkey5NsO 57oSbbt69NoSlVro1MYf3fKQtxpz5VIeEmQ47KgkimQdYJeMl80evyKVGnwkWGt0ltRs dIvw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b="I/ZOMRfd"; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id i10si5366426iow.33.2021.08.17.23.17.54; Tue, 17 Aug 2021 23:18:05 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b="I/ZOMRfd"; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240694AbhHRGSV (ORCPT + 99 others); Wed, 18 Aug 2021 02:18:21 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45518 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239557AbhHRGQD (ORCPT ); Wed, 18 Aug 2021 02:16:03 -0400 Received: from mail-pj1-x1030.google.com (mail-pj1-x1030.google.com [IPv6:2607:f8b0:4864:20::1030]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F3397C08E6DF for ; Tue, 17 Aug 2021 23:14:20 -0700 (PDT) Received: by mail-pj1-x1030.google.com with SMTP id mq3so1911581pjb.5 for ; Tue, 17 Aug 2021 23:14:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=HZ2pMteOO7qWfOmOYtxvBybCH7dbrKV5AXIyHH8PDAo=; b=I/ZOMRfdW0A1G/DcQVMDbVZ27xrUyPneZm3d4+Q2S2o/EDHaj6F19/FFLV/TwoMpwu skf+ZMMooatac88oo9CLvuJrGQA7BIMv1RkJv118S5WXUAW4DfMl92HZuy1jSJK9Q8/C xkWRC88V3Fuj6arr6OaRAS1UJvHk6WO+znvdE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=HZ2pMteOO7qWfOmOYtxvBybCH7dbrKV5AXIyHH8PDAo=; b=nQs5f3tWZDFRDTKCnBodHfwTxFzsz1DM+BtKZuihpXQ5vnok7H5e4uMAuHRGNo9V3x 7s/IKi2w0GlkT4iDgBrMODPpWRkfmGnsw2YfhGLN+1WTOjOsCIWR3Q4hRVB02vgG+p6Z m1HY/kouBVMv73cVJBNO3rDsevvsJ0LFXOS0pwdqx0H3ax4WYtU6jrdWzWzdNu6zLOxh Ig3CqMhzvsaidCkbarrz8Mjjhph1mOY9G6/5IVO4D2+PI0+mQ/Fno7/rK6rc5lUM/GVG Z0xI+Bl9EMtTmY53bF0DmRpQdDbdQwrFIikndEIz13XTbvhPpundSW+CLn18o3lS4tdH R7bQ== X-Gm-Message-State: AOAM531NonSiMR7ptC+OfA7z0bj0m0FUxdqDAmFvsVO1LvGhco7blOyq 43K26OZ23PJCuEaAzpJdFH6SGA== X-Received: by 2002:a17:90b:1bc5:: with SMTP id oa5mr7694940pjb.170.1629267260592; Tue, 17 Aug 2021 23:14:20 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id v20sm5270585pgi.39.2021.08.17.23.14.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 17 Aug 2021 23:14:19 -0700 (PDT) From: Kees Cook To: linux-kernel@vger.kernel.org Cc: Kees Cook , "David S. Miller" , Hideaki YOSHIFUJI , David Ahern , Jakub Kicinski , netdev@vger.kernel.org, "Gustavo A. R. Silva" , Greg Kroah-Hartman , Andrew Morton , linux-wireless@vger.kernel.org, dri-devel@lists.freedesktop.org, linux-staging@lists.linux.dev, linux-block@vger.kernel.org, linux-kbuild@vger.kernel.org, clang-built-linux@googlegroups.com, Rasmus Villemoes , linux-hardening@vger.kernel.org Subject: [PATCH v2 39/63] ipv6: Use memset_after() to zero rt6_info Date: Tue, 17 Aug 2021 23:05:09 -0700 Message-Id: <20210818060533.3569517-40-keescook@chromium.org> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210818060533.3569517-1-keescook@chromium.org> References: <20210818060533.3569517-1-keescook@chromium.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1045; h=from:subject; bh=Xphf8KZ59311q+SS41lPdZSHzYQuR48YTVr6kaXwlq8=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBhHKMmSJWz3eXi3vB6HuJ8ZVOxVmfPJDOfgTngkXFJ Y1HtemeJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCYRyjJgAKCRCJcvTf3G3AJlNxD/ 9sppezWOBqAWwsgfxRdXp14+IggzlcV6Cmuy+3yoHyda/CdCTve1snqU/mJj9ikiLYc+kAugfad4F0 cTsFl+ID962FFCkUfX+wrf2rcqUBBFlgJb2t38JcXrnDO88rm3r76AL2Wma0ueNPmaH5WllhHC2rCK fXKPe24PYrG5OSOBDVj0fD/osVthtrCfm/J2MtX+UxWh2FPgLGPm8bIuPN1IO4o/bkmRAPRJf3kWdx OKIoFSgRnAQCFZAkoDmto4fssngysQ/8xlWWYJ9nL7hXj3ybM7i4Riea2vc7uMtQ/LdrD24dqEDmKe f3+J4WogRasAKWDsVi1LKZLojHKBb+ZlIs6kkWujZ6bqPTPjVxgKPF1SyrDNzFRofsvKIdmiaocbM8 7Mbap+xZuyeBTwmrqENziN5DQQZC7J8joprP3D5XEgjPSSfo10I0ZhuYGFkZImfW3drIF9MNa/UFwb K/jR9NhcwjBeArtPiUgjZ/eTrdZygthG5tuDwEvP65vF/0qwPA/rmr7iPNZkf43crxfhCRZxUf8LGs suQoBCZbvMkCKKlTKgtbFTehnkPqB2dleq9pZC86P1KKoE7a9I7zAFa0vwJ32McHUjN4QjWLWEnIo1 ySO6vVD3cBOQ7RlV165HYCseHGnNSRZD6wdVzFjMgZMzsSBDx6RZHTkAU6fQ== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org In preparation for FORTIFY_SOURCE performing compile-time and run-time field bounds checking for memset(), avoid intentionally writing across neighboring fields. Use memset_after() to clear everything after the dst_entry member of struct rt6_info. Cc: "David S. Miller" Cc: Hideaki YOSHIFUJI Cc: David Ahern Cc: Jakub Kicinski Cc: netdev@vger.kernel.org Signed-off-by: Kees Cook --- net/ipv6/route.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/net/ipv6/route.c b/net/ipv6/route.c index 6cf4bb89ca69..bd0ab3e436e7 100644 --- a/net/ipv6/route.c +++ b/net/ipv6/route.c @@ -327,9 +327,7 @@ static const struct rt6_info ip6_blk_hole_entry_template = { static void rt6_info_init(struct rt6_info *rt) { - struct dst_entry *dst = &rt->dst; - - memset(dst + 1, 0, sizeof(*rt) - sizeof(*dst)); + memset_after(rt, 0, dst); INIT_LIST_HEAD(&rt->rt6i_uncached); } -- 2.30.2