[0/3] net: Cleanups for FORTIFY_SOURCE

Message ID	20210819202825.3545692-1-keescook@chromium.org (mailing list archive)
Headers	show Return-Path: <linux-rdma-owner@kernel.org> From: Kees Cook <keescook@chromium.org> To: netdev@vger.kernel.org Cc: Kees Cook <keescook@chromium.org>, Stanislav Yakovlev <stas.yakovlev@gmail.com>, Kalle Valo <kvalo@codeaurora.org>, "David S. Miller" <davem@davemloft.net>, Jakub Kicinski <kuba@kernel.org>, Saeed Mahameed <saeedm@nvidia.com>, Leon Romanovsky <leon@kernel.org>, Alexei Starovoitov <ast@kernel.org>, Daniel Borkmann <daniel@iogearbox.net>, Jesper Dangaard Brouer <hawk@kernel.org>, John Fastabend <john.fastabend@gmail.com>, Andrii Nakryiko <andrii@kernel.org>, Martin KaFai Lau <kafai@fb.com>, Song Liu <songliubraving@fb.com>, Yonghong Song <yhs@fb.com>, KP Singh <kpsingh@kernel.org>, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, linux-rdma@vger.kernel.org, bpf@vger.kernel.org, linux-hardening@vger.kernel.org Subject: [PATCH 0/3] net: Cleanups for FORTIFY_SOURCE Date: Thu, 19 Aug 2021 13:28:22 -0700 Message-Id: <20210819202825.3545692-1-keescook@chromium.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	net: Cleanups for FORTIFY_SOURCE \| expand [0/3] net: Cleanups for FORTIFY_SOURCE [1/3] ipw2x00: Avoid field-overflowing memcpy() [2/3] net/mlx5e: Avoid field-overflowing memcpy() [3/3] pcmcia: ray_cs: Split memcpy() to avoid bounds check warning

Message ID

20210819202825.3545692-1-keescook@chromium.org (mailing list archive)

Headers

From: Kees Cook <keescook@chromium.org>
To: netdev@vger.kernel.org
Cc: Kees Cook <keescook@chromium.org>,
        Stanislav Yakovlev <stas.yakovlev@gmail.com>,
        Kalle Valo <kvalo@codeaurora.org>,
        "David S. Miller" <davem@davemloft.net>,
        Jakub Kicinski <kuba@kernel.org>,
        Saeed Mahameed <saeedm@nvidia.com>,
        Leon Romanovsky <leon@kernel.org>,
        Alexei Starovoitov <ast@kernel.org>,
        Daniel Borkmann <daniel@iogearbox.net>,
        Jesper Dangaard Brouer <hawk@kernel.org>,
        John Fastabend <john.fastabend@gmail.com>,
        Andrii Nakryiko <andrii@kernel.org>,
        Martin KaFai Lau <kafai@fb.com>,
        Song Liu <songliubraving@fb.com>, Yonghong Song <yhs@fb.com>,
        KP Singh <kpsingh@kernel.org>, linux-kernel@vger.kernel.org,
        linux-wireless@vger.kernel.org, linux-rdma@vger.kernel.org,
        bpf@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: [PATCH 0/3] net: Cleanups for FORTIFY_SOURCE
Date: Thu, 19 Aug 2021 13:28:22 -0700
Message-Id: <20210819202825.3545692-1-keescook@chromium.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

net: Cleanups for FORTIFY_SOURCE | expand

Message

Kees Cook Aug. 19, 2021, 8:28 p.m. UTC

Hi,

In preparation for FORTIFY_SOURCE performing compile-time and run-time
field bounds checking for memcpy(), memmove(), and memset(), avoid
intentionally writing across neighboring fields.

These three changes have been living in my memcpy() series[1], but have
no external dependencies. It's probably better to have these go via
netdev.

Thanks!

-Kees

[1] https://lore.kernel.org/lkml/20210818060533.3569517-1-keescook@chromium.org/

Kees Cook (3):
  ipw2x00: Avoid field-overflowing memcpy()
  net/mlx5e: Avoid field-overflowing memcpy()
  pcmcia: ray_cs: Split memcpy() to avoid bounds check warning

 drivers/net/ethernet/mellanox/mlx5/core/en.h  |  4 +-
 .../net/ethernet/mellanox/mlx5/core/en/xdp.c  |  4 +-
 .../net/wireless/intel/ipw2x00/libipw_rx.c    | 56 ++++++-------------
 drivers/net/wireless/ray_cs.c                 |  4 +-
 4 files changed, 25 insertions(+), 43 deletions(-)

Comments

Jakub Kicinski Aug. 20, 2021, 5:01 p.m. UTC | #1

On Thu, 19 Aug 2021 13:28:22 -0700 Kees Cook wrote:
> Hi,
> 
> In preparation for FORTIFY_SOURCE performing compile-time and run-time
> field bounds checking for memcpy(), memmove(), and memset(), avoid
> intentionally writing across neighboring fields.
> 
> These three changes have been living in my memcpy() series[1], but have
> no external dependencies. It's probably better to have these go via
> netdev.

Thanks.

Kalle, Saeed - would you like to take the relevant changes? Presumably
they would get into net-next anyway by the time the merge window opens.

Kalle Valo Aug. 21, 2021, 10:11 a.m. UTC | #2

Jakub Kicinski <kuba@kernel.org> writes:

> On Thu, 19 Aug 2021 13:28:22 -0700 Kees Cook wrote:
>> Hi,
>> 
>> In preparation for FORTIFY_SOURCE performing compile-time and run-time
>> field bounds checking for memcpy(), memmove(), and memset(), avoid
>> intentionally writing across neighboring fields.
>> 
>> These three changes have been living in my memcpy() series[1], but have
>> no external dependencies. It's probably better to have these go via
>> netdev.
>
> Thanks.
>
> Kalle, Saeed - would you like to take the relevant changes? Presumably
> they would get into net-next anyway by the time the merge window opens.

Ok, I'll take patch 1 to wireless-drivers-next.

Kalle Valo Aug. 21, 2021, 10:13 a.m. UTC | #3

Kalle Valo <kvalo@codeaurora.org> writes:

> Jakub Kicinski <kuba@kernel.org> writes:
>
>> On Thu, 19 Aug 2021 13:28:22 -0700 Kees Cook wrote:
>>> Hi,
>>> 
>>> In preparation for FORTIFY_SOURCE performing compile-time and run-time
>>> field bounds checking for memcpy(), memmove(), and memset(), avoid
>>> intentionally writing across neighboring fields.
>>> 
>>> These three changes have been living in my memcpy() series[1], but have
>>> no external dependencies. It's probably better to have these go via
>>> netdev.
>>
>> Thanks.
>>
>> Kalle, Saeed - would you like to take the relevant changes? Presumably
>> they would get into net-next anyway by the time the merge window opens.
>
> Ok, I'll take patch 1 to wireless-drivers-next.

Correction: I'll take patches 1 and 3 to wireless-drivers-next.

Kees Cook Aug. 22, 2021, 5:16 a.m. UTC | #4

On Sat, Aug 21, 2021 at 01:13:37PM +0300, Kalle Valo wrote:
> Kalle Valo <kvalo@codeaurora.org> writes:
> 
> > Jakub Kicinski <kuba@kernel.org> writes:
> >
> >> On Thu, 19 Aug 2021 13:28:22 -0700 Kees Cook wrote:
> >>> Hi,
> >>> 
> >>> In preparation for FORTIFY_SOURCE performing compile-time and run-time
> >>> field bounds checking for memcpy(), memmove(), and memset(), avoid
> >>> intentionally writing across neighboring fields.
> >>> 
> >>> These three changes have been living in my memcpy() series[1], but have
> >>> no external dependencies. It's probably better to have these go via
> >>> netdev.
> >>
> >> Thanks.
> >>
> >> Kalle, Saeed - would you like to take the relevant changes? Presumably
> >> they would get into net-next anyway by the time the merge window opens.
> >
> > Ok, I'll take patch 1 to wireless-drivers-next.
> 
> Correction: I'll take patches 1 and 3 to wireless-drivers-next.

Great; thanks!