| Message ID | 20210727205855.411487-55-keescook@chromium.org (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | Introduce strict memcpy() bounds checking | expand |
On Tue, 27 Jul 2021 13:58:45 -0700 Kees Cook wrote: > In preparation for FORTIFY_SOURCE performing compile-time and run-time > field bounds checking for memset(), avoid intentionally writing across > neighboring fields. > > Add struct_group() to mark region of struct rt6_info that should be > initialized to zero. memset_after() ? > diff --git a/include/net/ip6_fib.h b/include/net/ip6_fib.h > index 15b7fbe6b15c..9816e7444918 100644 > --- a/include/net/ip6_fib.h > +++ b/include/net/ip6_fib.h > @@ -205,20 +205,22 @@ struct fib6_info { > > struct rt6_info { > struct dst_entry dst; > - struct fib6_info __rcu *from; > - int sernum; > - > - struct rt6key rt6i_dst; > - struct rt6key rt6i_src; > - struct in6_addr rt6i_gateway; > - struct inet6_dev *rt6i_idev; > - u32 rt6i_flags; > - > - struct list_head rt6i_uncached; > - struct uncached_list *rt6i_uncached_list; > - > - /* more non-fragment space at head required */ > - unsigned short rt6i_nfheader_len; > + struct_group(init, > + struct fib6_info __rcu *from; > + int sernum; > + > + struct rt6key rt6i_dst; > + struct rt6key rt6i_src; > + struct in6_addr rt6i_gateway; > + struct inet6_dev *rt6i_idev; > + u32 rt6i_flags; > + > + struct list_head rt6i_uncached; > + struct uncached_list *rt6i_uncached_list; > + > + /* more non-fragment space at head required */ > + unsigned short rt6i_nfheader_len; > + ); > }; > > struct fib6_result { > diff --git a/net/ipv6/route.c b/net/ipv6/route.c > index 6b8051106aba..bbcc605bab57 100644 > --- a/net/ipv6/route.c > +++ b/net/ipv6/route.c > @@ -327,9 +327,7 @@ static const struct rt6_info ip6_blk_hole_entry_template = { > > static void rt6_info_init(struct rt6_info *rt) > { > - struct dst_entry *dst = &rt->dst; > - > - memset(dst + 1, 0, sizeof(*rt) - sizeof(*dst)); > + memset(&rt->init, 0, sizeof(rt->init)); > INIT_LIST_HEAD(&rt->rt6i_uncached); > } >
On Thu, Jul 29, 2021 at 11:58:50AM -0700, Jakub Kicinski wrote: > On Tue, 27 Jul 2021 13:58:45 -0700 Kees Cook wrote: > > In preparation for FORTIFY_SOURCE performing compile-time and run-time > > field bounds checking for memset(), avoid intentionally writing across > > neighboring fields. > > > > Add struct_group() to mark region of struct rt6_info that should be > > initialized to zero. > > memset_after() ? Oh, hah. Yes. I will adjust for v2.
diff --git a/include/net/ip6_fib.h b/include/net/ip6_fib.h index 15b7fbe6b15c..9816e7444918 100644 --- a/include/net/ip6_fib.h +++ b/include/net/ip6_fib.h @@ -205,20 +205,22 @@ struct fib6_info { struct rt6_info { struct dst_entry dst; - struct fib6_info __rcu *from; - int sernum; - - struct rt6key rt6i_dst; - struct rt6key rt6i_src; - struct in6_addr rt6i_gateway; - struct inet6_dev *rt6i_idev; - u32 rt6i_flags; - - struct list_head rt6i_uncached; - struct uncached_list *rt6i_uncached_list; - - /* more non-fragment space at head required */ - unsigned short rt6i_nfheader_len; + struct_group(init, + struct fib6_info __rcu *from; + int sernum; + + struct rt6key rt6i_dst; + struct rt6key rt6i_src; + struct in6_addr rt6i_gateway; + struct inet6_dev *rt6i_idev; + u32 rt6i_flags; + + struct list_head rt6i_uncached; + struct uncached_list *rt6i_uncached_list; + + /* more non-fragment space at head required */ + unsigned short rt6i_nfheader_len; + ); }; struct fib6_result { diff --git a/net/ipv6/route.c b/net/ipv6/route.c index 6b8051106aba..bbcc605bab57 100644 --- a/net/ipv6/route.c +++ b/net/ipv6/route.c @@ -327,9 +327,7 @@ static const struct rt6_info ip6_blk_hole_entry_template = { static void rt6_info_init(struct rt6_info *rt) { - struct dst_entry *dst = &rt->dst; - - memset(dst + 1, 0, sizeof(*rt) - sizeof(*dst)); + memset(&rt->init, 0, sizeof(rt->init)); INIT_LIST_HEAD(&rt->rt6i_uncached); }
In preparation for FORTIFY_SOURCE performing compile-time and run-time field bounds checking for memset(), avoid intentionally writing across neighboring fields. Add struct_group() to mark region of struct rt6_info that should be initialized to zero. Signed-off-by: Kees Cook <keescook@chromium.org> --- include/net/ip6_fib.h | 30 ++++++++++++++++-------------- net/ipv6/route.c | 4 +--- 2 files changed, 17 insertions(+), 17 deletions(-)