| Message ID | 20230915201404.never.574-kees@kernel.org (mailing list archive) |
|---|---|
| State | Mainlined |
| Commit | d1d3fcb324eceee7c4bf34b0ac89942ee16e3b74 |
| Headers | show |
| Series | udf: Annotate struct udf_bitmap with __counted_by | expand |
On 9/15/23 14:14, Kees Cook wrote: > Prepare for the coming implementation by GCC and Clang of the __counted_by > attribute. Flexible array members annotated with __counted_by can have > their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS > (for array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family > functions). > > As found with Coccinelle[1], add __counted_by for struct udf_bitmap. > > [1] https://github.com/kees/kernel-tools/blob/trunk/coccinelle/examples/counted_by.cocci > > Cc: Jan Kara <jack@suse.com> > Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org> Thanks
On Fri 15-09-23 14:50:14, Gustavo A. R. Silva wrote: > > > On 9/15/23 14:14, Kees Cook wrote: > > Prepare for the coming implementation by GCC and Clang of the __counted_by > > attribute. Flexible array members annotated with __counted_by can have > > their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS > > (for array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family > > functions). > > > > As found with Coccinelle[1], add __counted_by for struct udf_bitmap. > > > > [1] https://github.com/kees/kernel-tools/blob/trunk/coccinelle/examples/counted_by.cocci > > > > Cc: Jan Kara <jack@suse.com> > > Signed-off-by: Kees Cook <keescook@chromium.org> > > Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org> Thanks. I've queued the patch to my tree. Honza
diff --git a/fs/udf/udf_sb.h b/fs/udf/udf_sb.h index 9af6ff7f9747..f9a60bc1abcf 100644 --- a/fs/udf/udf_sb.h +++ b/fs/udf/udf_sb.h @@ -86,7 +86,7 @@ struct udf_virtual_data { struct udf_bitmap { __u32 s_extPosition; int s_nr_groups; - struct buffer_head *s_block_bitmap[]; + struct buffer_head *s_block_bitmap[] __counted_by(s_nr_groups); }; struct udf_part_map {
Prepare for the coming implementation by GCC and Clang of the __counted_by attribute. Flexible array members annotated with __counted_by can have their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS (for array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family functions). As found with Coccinelle[1], add __counted_by for struct udf_bitmap. [1] https://github.com/kees/kernel-tools/blob/trunk/coccinelle/examples/counted_by.cocci Cc: Jan Kara <jack@suse.com> Signed-off-by: Kees Cook <keescook@chromium.org> --- fs/udf/udf_sb.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)