| Message ID | 20220124172242.2410996-1-keescook@chromium.org (mailing list archive) |
|---|---|
| State | Mainlined |
| Commit | 6d5c900eb64107001e91e1f46bddc254dded8a59 |
| Headers | show |
| Series | [RESEND] net/mlx5e: Use struct_group() for memcpy() region | expand |
On 24 Jan 09:22, Kees Cook wrote: >In preparation for FORTIFY_SOURCE performing compile-time and run-time >field bounds checking for memcpy(), memmove(), and memset(), avoid >intentionally writing across neighboring fields. > >Use struct_group() in struct vlan_ethhdr around members h_dest and >h_source, so they can be referenced together. This will allow memcpy() >and sizeof() to more easily reason about sizes, improve readability, >and avoid future warnings about writing beyond the end of h_dest. > >"pahole" shows no size nor member offset changes to struct vlan_ethhdr. >"objdump -d" shows no object code changes. > >Cc: Saeed Mahameed <saeedm@nvidia.com> >Cc: Leon Romanovsky <leon@kernel.org> >Cc: "David S. Miller" <davem@davemloft.net> >Cc: Jakub Kicinski <kuba@kernel.org> >Cc: netdev@vger.kernel.org >Cc: linux-rdma@vger.kernel.org >Signed-off-by: Kees Cook <keescook@chromium.org> >--- >Since this results in no binary differences, I will carry this in my tree >unless someone else wants to pick it up. It's one of the last remaining >clean-ups needed for the next step in memcpy() hardening. >--- applied to net-next-mlx5 Thanks, Saeed.
On Wed, Jan 26, 2022 at 01:28:54PM -0800, Saeed Mahameed wrote: > On 24 Jan 09:22, Kees Cook wrote: > > In preparation for FORTIFY_SOURCE performing compile-time and run-time > > field bounds checking for memcpy(), memmove(), and memset(), avoid > > intentionally writing across neighboring fields. > > > > Use struct_group() in struct vlan_ethhdr around members h_dest and > > h_source, so they can be referenced together. This will allow memcpy() > > and sizeof() to more easily reason about sizes, improve readability, > > and avoid future warnings about writing beyond the end of h_dest. > > > > "pahole" shows no size nor member offset changes to struct vlan_ethhdr. > > "objdump -d" shows no object code changes. > > > > Cc: Saeed Mahameed <saeedm@nvidia.com> > > Cc: Leon Romanovsky <leon@kernel.org> > > Cc: "David S. Miller" <davem@davemloft.net> > > Cc: Jakub Kicinski <kuba@kernel.org> > > Cc: netdev@vger.kernel.org > > Cc: linux-rdma@vger.kernel.org > > Signed-off-by: Kees Cook <keescook@chromium.org> > > --- > > Since this results in no binary differences, I will carry this in my tree > > unless someone else wants to pick it up. It's one of the last remaining > > clean-ups needed for the next step in memcpy() hardening. > > --- > > applied to net-next-mlx5 Thanks! How often does net-next-mlx5 flush into net-next?
On 26 Jan 14:53, Kees Cook wrote: >On Wed, Jan 26, 2022 at 01:28:54PM -0800, Saeed Mahameed wrote: [...] >> applied to net-next-mlx5 > >Thanks! How often does net-next-mlx5 flush into net-next? every couple of days.
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_tx.c b/drivers/net/ethernet/mellanox/mlx5/core/en_tx.c index 7fd33b356cc8..ee7ecb88adc1 100644 --- a/drivers/net/ethernet/mellanox/mlx5/core/en_tx.c +++ b/drivers/net/ethernet/mellanox/mlx5/core/en_tx.c @@ -208,7 +208,7 @@ static inline void mlx5e_insert_vlan(void *start, struct sk_buff *skb, u16 ihs) int cpy1_sz = 2 * ETH_ALEN; int cpy2_sz = ihs - cpy1_sz; - memcpy(vhdr, skb->data, cpy1_sz); + memcpy(&vhdr->addrs, skb->data, cpy1_sz); vhdr->h_vlan_proto = skb->vlan_proto; vhdr->h_vlan_TCI = cpu_to_be16(skb_vlan_tag_get(skb)); memcpy(&vhdr->h_vlan_encapsulated_proto, skb->data + cpy1_sz, cpy2_sz); diff --git a/include/linux/if_vlan.h b/include/linux/if_vlan.h index 8420fe504927..2be4dd7e90a9 100644 --- a/include/linux/if_vlan.h +++ b/include/linux/if_vlan.h @@ -46,8 +46,10 @@ struct vlan_hdr { * @h_vlan_encapsulated_proto: packet type ID or len */ struct vlan_ethhdr { - unsigned char h_dest[ETH_ALEN]; - unsigned char h_source[ETH_ALEN]; + struct_group(addrs, + unsigned char h_dest[ETH_ALEN]; + unsigned char h_source[ETH_ALEN]; + ); __be16 h_vlan_proto; __be16 h_vlan_TCI; __be16 h_vlan_encapsulated_proto;
In preparation for FORTIFY_SOURCE performing compile-time and run-time field bounds checking for memcpy(), memmove(), and memset(), avoid intentionally writing across neighboring fields. Use struct_group() in struct vlan_ethhdr around members h_dest and h_source, so they can be referenced together. This will allow memcpy() and sizeof() to more easily reason about sizes, improve readability, and avoid future warnings about writing beyond the end of h_dest. "pahole" shows no size nor member offset changes to struct vlan_ethhdr. "objdump -d" shows no object code changes. Cc: Saeed Mahameed <saeedm@nvidia.com> Cc: Leon Romanovsky <leon@kernel.org> Cc: "David S. Miller" <davem@davemloft.net> Cc: Jakub Kicinski <kuba@kernel.org> Cc: netdev@vger.kernel.org Cc: linux-rdma@vger.kernel.org Signed-off-by: Kees Cook <keescook@chromium.org> --- Since this results in no binary differences, I will carry this in my tree unless someone else wants to pick it up. It's one of the last remaining clean-ups needed for the next step in memcpy() hardening. --- drivers/net/ethernet/mellanox/mlx5/core/en_tx.c | 2 +- include/linux/if_vlan.h | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-)