| Message ID | 20230922175424.work.863-kees@kernel.org (mailing list archive) |
|---|---|
| State | Mainlined |
| Commit | 3a133a4e44554bb7af114f231db2f30f447417cc |
| Headers | show |
| Series | media: i2c: Annotate struct i2c_atr with __counted_by | expand |
On Fri, Sep 22, 2023 at 10:54:25AM -0700, Kees Cook wrote: > Prepare for the coming implementation by GCC and Clang of the __counted_by > attribute. Flexible array members annotated with __counted_by can have > their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS > (for array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family > functions). > > As found with Coccinelle[1], add __counted_by for struct i2c_atr. > > [1] https://github.com/kees/kernel-tools/blob/trunk/coccinelle/examples/counted_by.cocci > > Cc: Wolfram Sang <wsa@kernel.org> > Cc: Tomi Valkeinen <tomi.valkeinen@ideasonboard.com> > Cc: Luca Ceresoli <luca.ceresoli@bootlin.com> > Cc: Nathan Chancellor <nathan@kernel.org> > Cc: Nick Desaulniers <ndesaulniers@google.com> > Cc: Tom Rix <trix@redhat.com> > Cc: linux-i2c@vger.kernel.org > Cc: llvm@lists.linux.dev > Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org> Thanks -- Gustavo > --- > drivers/i2c/i2c-atr.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/i2c/i2c-atr.c b/drivers/i2c/i2c-atr.c > index 8ca1daadec93..f21475ae5921 100644 > --- a/drivers/i2c/i2c-atr.c > +++ b/drivers/i2c/i2c-atr.c > @@ -94,7 +94,7 @@ struct i2c_atr { > > struct notifier_block i2c_nb; > > - struct i2c_adapter *adapter[]; > + struct i2c_adapter *adapter[] __counted_by(max_adapters); > }; > > static struct i2c_atr_alias_pair * > -- > 2.34.1 > >
On Fri, Sep 22, 2023 at 10:54:25AM -0700, Kees Cook wrote: > Prepare for the coming implementation by GCC and Clang of the __counted_by > attribute. Flexible array members annotated with __counted_by can have > their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS > (for array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family > functions). > > As found with Coccinelle[1], add __counted_by for struct i2c_atr. > > [1] https://github.com/kees/kernel-tools/blob/trunk/coccinelle/examples/counted_by.cocci > > Cc: Wolfram Sang <wsa@kernel.org> > Cc: Tomi Valkeinen <tomi.valkeinen@ideasonboard.com> > Cc: Luca Ceresoli <luca.ceresoli@bootlin.com> > Cc: Nathan Chancellor <nathan@kernel.org> > Cc: Nick Desaulniers <ndesaulniers@google.com> > Cc: Tom Rix <trix@redhat.com> > Cc: linux-i2c@vger.kernel.org > Cc: llvm@lists.linux.dev > Signed-off-by: Kees Cook <keescook@chromium.org> Removed "media: " from $subject and applied to for-next, thanks!
diff --git a/drivers/i2c/i2c-atr.c b/drivers/i2c/i2c-atr.c index 8ca1daadec93..f21475ae5921 100644 --- a/drivers/i2c/i2c-atr.c +++ b/drivers/i2c/i2c-atr.c @@ -94,7 +94,7 @@ struct i2c_atr { struct notifier_block i2c_nb; - struct i2c_adapter *adapter[]; + struct i2c_adapter *adapter[] __counted_by(max_adapters); }; static struct i2c_atr_alias_pair *
Prepare for the coming implementation by GCC and Clang of the __counted_by attribute. Flexible array members annotated with __counted_by can have their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS (for array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family functions). As found with Coccinelle[1], add __counted_by for struct i2c_atr. [1] https://github.com/kees/kernel-tools/blob/trunk/coccinelle/examples/counted_by.cocci Cc: Wolfram Sang <wsa@kernel.org> Cc: Tomi Valkeinen <tomi.valkeinen@ideasonboard.com> Cc: Luca Ceresoli <luca.ceresoli@bootlin.com> Cc: Nathan Chancellor <nathan@kernel.org> Cc: Nick Desaulniers <ndesaulniers@google.com> Cc: Tom Rix <trix@redhat.com> Cc: linux-i2c@vger.kernel.org Cc: llvm@lists.linux.dev Signed-off-by: Kees Cook <keescook@chromium.org> --- drivers/i2c/i2c-atr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)