| Message ID | 20240609045419.240265-2-mailhol.vincent@wanadoo.fr (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | can: treewide: decorate flexible array members with __counted_by() | expand |
On Sun, Jun 09, 2024 at 01:54:18PM +0900, Vincent Mailhol wrote: > A new __counted_by() attribute was introduced in [1]. It makes the > compiler's sanitizer aware of the actual size of a flexible array > member, allowing for additional runtime checks. > > Move the end of line comments to the previous line to make room and > apply the __counted_by() attribute to the can flexible array member of > struct pciefd_board. > > [1] commit dd06e72e68bc ("Compiler Attributes: Add __counted_by macro") > Link: https://git.kernel.org/torvalds/c/dd06e72e68bc > > CC: Kees Cook <kees@kernel.org> > Signed-off-by: Vincent Mailhol <mailhol.vincent@wanadoo.fr> > --- > drivers/net/can/peak_canfd/peak_pciefd_main.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/drivers/net/can/peak_canfd/peak_pciefd_main.c b/drivers/net/can/peak_canfd/peak_pciefd_main.c > index 1df3c4b54f03..636102103a88 100644 > --- a/drivers/net/can/peak_canfd/peak_pciefd_main.c > +++ b/drivers/net/can/peak_canfd/peak_pciefd_main.c > @@ -190,8 +190,10 @@ struct pciefd_board { > void __iomem *reg_base; > struct pci_dev *pci_dev; > int can_count; > - spinlock_t cmd_lock; /* 64-bits cmds must be atomic */ > - struct pciefd_can *can[]; /* array of network devices */ > + /* 64-bits cmds must be atomic */ > + spinlock_t cmd_lock; > + /* array of network devices */ > + struct pciefd_can *can[] __counted_by(can_count); > }; > > /* supported device ids. */ You'll need to adjust the code logic that manipulates "can_count", as accesses to "can" will trap when they're seen as out of bounds. For example: pciefd = devm_kzalloc(&pdev->dev, struct_size(pciefd, can, can_count), GFP_KERNEL); ... /* pciefd->can_count is "0" now */ while (pciefd->can_count < can_count) { ... pciefd_can_probe(pciefd); /* which does: */ pciefd->can[pciefd->can_count] = priv; /// HERE ... pciefd->can_count++; } The access at "HERE" above will trap: "can" is believed to have "can_count" elements (0 on the first time through the loop). This needs to be adjusted to increment "can_count" first. Perhaps: diff --git a/drivers/net/can/peak_canfd/peak_pciefd_main.c b/drivers/net/can/peak_canfd/peak_pciefd_main.c index 1df3c4b54f03..df8304b2d291 100644 --- a/drivers/net/can/peak_canfd/peak_pciefd_main.c +++ b/drivers/net/can/peak_canfd/peak_pciefd_main.c @@ -676,7 +676,8 @@ static int pciefd_can_probe(struct pciefd_board *pciefd) spin_lock_init(&priv->tx_lock); /* save the object address in the board structure */ - pciefd->can[pciefd->can_count] = priv; + pciefd->can_count++; + pciefd->can[pciefd->can_count - 1] = priv; dev_info(&pciefd->pci_dev->dev, "%s at reg_base=0x%p irq=%d\n", ndev->name, priv->reg_base, ndev->irq); @@ -800,8 +801,6 @@ static int peak_pciefd_probe(struct pci_dev *pdev, err = pciefd_can_probe(pciefd); if (err) goto err_free_canfd; - - pciefd->can_count++; } /* set system timestamps counter in RST mode */
diff --git a/drivers/net/can/peak_canfd/peak_pciefd_main.c b/drivers/net/can/peak_canfd/peak_pciefd_main.c index 1df3c4b54f03..636102103a88 100644 --- a/drivers/net/can/peak_canfd/peak_pciefd_main.c +++ b/drivers/net/can/peak_canfd/peak_pciefd_main.c @@ -190,8 +190,10 @@ struct pciefd_board { void __iomem *reg_base; struct pci_dev *pci_dev; int can_count; - spinlock_t cmd_lock; /* 64-bits cmds must be atomic */ - struct pciefd_can *can[]; /* array of network devices */ + /* 64-bits cmds must be atomic */ + spinlock_t cmd_lock; + /* array of network devices */ + struct pciefd_can *can[] __counted_by(can_count); }; /* supported device ids. */
A new __counted_by() attribute was introduced in [1]. It makes the compiler's sanitizer aware of the actual size of a flexible array member, allowing for additional runtime checks. Move the end of line comments to the previous line to make room and apply the __counted_by() attribute to the can flexible array member of struct pciefd_board. [1] commit dd06e72e68bc ("Compiler Attributes: Add __counted_by macro") Link: https://git.kernel.org/torvalds/c/dd06e72e68bc CC: Kees Cook <kees@kernel.org> Signed-off-by: Vincent Mailhol <mailhol.vincent@wanadoo.fr> --- drivers/net/can/peak_canfd/peak_pciefd_main.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-)