From patchwork Sun Jun 9 04:54:18 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vincent Mailhol X-Patchwork-Id: 13691154 Received: from mail-pf1-f176.google.com (mail-pf1-f176.google.com [209.85.210.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0262FF4E7; Sun, 9 Jun 2024 04:54:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.176 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717908893; cv=none; b=N02WGQYdxGcZp2LlT/XWGa2d9GFqJfzzLLTWgsa3gkuOTsX4yrQl2+xu+hOhJe2oONKr/4lIx66AgBF36DZRrmv5auFBtI2K+QzrDW+NH+t8HSJwlhfVD+8h8qcXIJ89crHFGL/mJc1N+2qMNnHydpWG3O6b2Xd36smUGKVGrZg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717908893; c=relaxed/simple; bh=FInk916v2m7Zh7+cgwypSrU7ivM0kVr+jqvRdof8/CE=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=TGoT9yEgXpDnh65RaODD7fPr1qDQARha7E2329VWhm0Qi/nnr03WnGB4oneNvPwnTM9sCPMLoIq+DfsCgzEgMFxPMeUoqyFxkpolnp31L+jvnHlcnu4rFNnaDsKUrZZsd9bgJ7SZDEoAbjbDyAfu8RBWWGRL7/xUrJqw6BEpVd8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=fail (p=quarantine dis=none) header.from=wanadoo.fr; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=QwU0YvI4; arc=none smtp.client-ip=209.85.210.176 Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=quarantine dis=none) header.from=wanadoo.fr Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="QwU0YvI4" Received: by mail-pf1-f176.google.com with SMTP id d2e1a72fcca58-70435f4c330so146910b3a.1; Sat, 08 Jun 2024 21:54:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1717908891; x=1718513691; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:sender:from:to:cc:subject:date :message-id:reply-to; bh=Uc81iOGnINBSW07LGFje5b0VrHCOBORcUMbmc9odnls=; b=QwU0YvI4nq7eZPLibDKdaDfcZeqkP0gpyQzvkAdEdg/fh1GKTRJqQjG1O5ruBb/q+x urEZAoreGdXqBvKX/jzyjhsY7jancQGL42YQiJYaijoM4eWJYCHIAy3XOOIqMmnRJnwP ACuVY5pG/E7osypHbdcCtBWS34DdNqTZKgdPrx9vESgsGIyLp0T3LvbvOXHgZUaOWQQS bNzKY4sAdkX+UrBWmS0xNaaVqFEZ0MTVI9DNSujI+7QpA0VW0ZTMw3U93PbeecQT94v0 aBv1wiNTtujW+w1wdTQg8bvtfTkkmj3uDXwN55bICbNXjy/hT4wKdkqefFTt2QYNBT+q yKLw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1717908891; x=1718513691; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:sender:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=Uc81iOGnINBSW07LGFje5b0VrHCOBORcUMbmc9odnls=; b=mz7Kkshyu7URqd8eGVEYPiXujH5Fpbqv8XYSR7SaeZh4//Z0/ADnhnheGYFTEX1W8u Ik3ztumRmi2OZTGN9JbaDPAmvV9qxgwc3TGVnA9g4tW9C5svT4OQHNUUBnL2qNFaDV+W KsrzBWnZ4KAHcKuPTr/wbYE59SX0XD6J6zQ0tB72oCl8Yy+2PXk9kh9jgoZrzxUAOEYk qUNXBn1GMh6FXsTT7bu+gEVYD2kl5+zfTW5gbhG4BHHcs2zF1UjkhcjwIqXgZ3bywq/a 4IgiAWYZ1Tltu9AF2q+xVlWFIvSv6dMYdlnUoJkJ/WK0vYpOIfph74YqbqTsXPeInPqy rJDw== X-Forwarded-Encrypted: i=1; AJvYcCUftTXBfAuon8tM9wTDi+w0hzyhQhl1UgcT/KNBKKP6CH7UHLZW2YEOdAUIST+mhRbv334c6GzNda6GUfFBSFN155ctYj+/NEE82GLiASERhO0KFMavFknYIzofWrNrkzlbxLw2UWhpqNDPtMYHeW7RR99MjmVryGRKaT+Rn9yQxeUa X-Gm-Message-State: AOJu0YxGVzsT1XIQZtYZe6yxICCRd/efkG887o7UJP/WpINUjMprQID3 WaYsoBzTItgNz+0MB+lfX+MvgA4ZvGrHedOJRhOzr6nBMM83utbl X-Google-Smtp-Source: AGHT+IH++yGmRIHsSRLOhbaqBfY4S5ssBnHrO5XjYlIacCU2GTuP5M1ap/QcAxYhZV1/HpMMjnSjEQ== X-Received: by 2002:a05:6a00:4b14:b0:702:2749:6097 with SMTP id d2e1a72fcca58-7040c615dbfmr5874482b3a.1.1717908891126; Sat, 08 Jun 2024 21:54:51 -0700 (PDT) Received: from XH22050090-L.ad.ts.tri-ad.global ([103.175.111.222]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7041ec6f9cesm2284887b3a.78.2024.06.08.21.54.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 08 Jun 2024 21:54:50 -0700 (PDT) Sender: Vincent Mailhol From: Vincent Mailhol To: Marc Kleine-Budde , linux-can@vger.kernel.org Cc: Thomas Kopp , Manivannan Sadhasivam , "Gustavo A . R . Silva" , netdev@vger.kernel.org, linux-hardening@vger.kernel.org, Vincent Mailhol , Kees Cook Subject: [PATCH 1/2] can: peak_canfd: decorate pciefd_board.can with __counted_by() Date: Sun, 9 Jun 2024 13:54:18 +0900 Message-Id: <20240609045419.240265-2-mailhol.vincent@wanadoo.fr> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240609045419.240265-1-mailhol.vincent@wanadoo.fr> References: <20240609045419.240265-1-mailhol.vincent@wanadoo.fr> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 A new __counted_by() attribute was introduced in [1]. It makes the compiler's sanitizer aware of the actual size of a flexible array member, allowing for additional runtime checks. Move the end of line comments to the previous line to make room and apply the __counted_by() attribute to the can flexible array member of struct pciefd_board. [1] commit dd06e72e68bc ("Compiler Attributes: Add __counted_by macro") Link: https://git.kernel.org/torvalds/c/dd06e72e68bc CC: Kees Cook Signed-off-by: Vincent Mailhol --- drivers/net/can/peak_canfd/peak_pciefd_main.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/net/can/peak_canfd/peak_pciefd_main.c b/drivers/net/can/peak_canfd/peak_pciefd_main.c index 1df3c4b54f03..636102103a88 100644 --- a/drivers/net/can/peak_canfd/peak_pciefd_main.c +++ b/drivers/net/can/peak_canfd/peak_pciefd_main.c @@ -190,8 +190,10 @@ struct pciefd_board { void __iomem *reg_base; struct pci_dev *pci_dev; int can_count; - spinlock_t cmd_lock; /* 64-bits cmds must be atomic */ - struct pciefd_can *can[]; /* array of network devices */ + /* 64-bits cmds must be atomic */ + spinlock_t cmd_lock; + /* array of network devices */ + struct pciefd_can *can[] __counted_by(can_count); }; /* supported device ids. */ From patchwork Sun Jun 9 04:54:19 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vincent Mailhol X-Patchwork-Id: 13691155 Received: from mail-pf1-f174.google.com (mail-pf1-f174.google.com [209.85.210.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 63B0217550; Sun, 9 Jun 2024 04:54:54 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.174 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717908896; cv=none; b=sTvhveZrxaYmTQ32gOKRzZL9yonjCjcJjgtsvqLwMVraFdmyGNSQAS+hO66T0gyP0Y1XjfbCREbq3fJwR4VpRv4ROxnjoRFluWuqI0PfN3B06lc5I99zdWCJRLEJMvSFJZIMX0xuLk29uHLjYZTH/kuuMyGOknXs2VqgZj0sDQI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717908896; c=relaxed/simple; bh=FL7qskUleGjn84uH7bH8rrNNveYI5wutZRKPDHnrOqI=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=cvrgVEfhV92tyLJ3kWde8u4MWE06QSu9Td8mRshm1iaBbxgTcP516nBVrBqpddzEuFoJt1kE8unuVG83QCxsb0TTTJRJ5W8cYY+2gVP59WolhWkVm/W2inV+upSEBM1CBKCAFemyox2hKBcJ1v3WCE2kjj1IIIVfp/fjRC/VnhQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=fail (p=quarantine dis=none) header.from=wanadoo.fr; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=JlYDwFN3; arc=none smtp.client-ip=209.85.210.174 Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=quarantine dis=none) header.from=wanadoo.fr Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="JlYDwFN3" Received: by mail-pf1-f174.google.com with SMTP id d2e1a72fcca58-7043102dcc1so439006b3a.2; Sat, 08 Jun 2024 21:54:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1717908894; x=1718513694; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:sender:from:to:cc:subject:date :message-id:reply-to; bh=8faibjiM68wwxkYicrR8R+K2WuFNuCQ7y9NKR8UlbTM=; b=JlYDwFN344oJPlMweZHpMlzb2rLJGr5I8XSnDKiU8MJFsj/ez8f1AwEhwOiTP5BcxK KZYRWBs3XxSBLhQB/TO/7Qi4Xf8gW58+9DNz+RI7kVCxCKpuFRjrz6X0rkoBGggUsB/5 FBKm7PrCeDx8wpnVN2YIOfF9XtYgSaX/DtbiwwfMfTQ0G1FoK6u1bEwOJnJ9f7ZIEs29 NvCPBK+mEmLzieJ1gJZXvSIUNtZ5AaMbyTrz529ppISltzP0lvKeTNVBgRJ4N0M0402Z 3JlsKt+MqjPZuJDCu7eJkCFW/k/BLkJZ736ilKvI6rWTl7PEhYh6rH5YSfkJrvKKwuoR csuQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1717908894; x=1718513694; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:sender:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=8faibjiM68wwxkYicrR8R+K2WuFNuCQ7y9NKR8UlbTM=; b=c02+LbkC3SqKTuFQYzjV7+cngyBlI/wDzCLmGzdVB6MwX6VgAgOC1EYdOnfZ0sRdQ8 Ej8jDn2GWK7kB5mPhcCrjIkw8lG7EqYjfaUTm++WyPQzwSG/uXHD7juLddRzVoI6L1E8 SRZB4o5TPaCd/Ucy5Ca2QoXXdLI24p4GjXQpDppJz2aUJY57KbyS17TsF14DdKJVCus1 9cp9LLygO8e/cjkYb6A+nw3HPo3dndvNFSzm6Ch3J6Du2dpiRw9h3tDB4l4eo5FxtImt DiHrEbjkRX/Lp3KvmwtZBA12JJqAnWU3xLIH2rYioJhdrHB1IHdEsWjkBLNnX8pTewuy a6Ow== X-Forwarded-Encrypted: i=1; AJvYcCU1yr2MENU3gyF8xMRN9zZ2cELiYC3oL0ee0q1kiBhtrtK1fV5hlDXIDWBvWxT61stuGMxtNxcpfjmIZJwsjHgf8SkAVjqMkU/oyxIYeqFe5M7aKk+mUH5+qGEnCc4dhHPZFRTs/0swNUki8RuLtQn+7f8d3LKW8Kz26a0LlfUiB234 X-Gm-Message-State: AOJu0YwyJA1afoQWq9cUI/NQOetzWGSmLtYJNhu5eOvxrm001RgCBxaA S6HGOyCv7kxWaPCNGdmRP5Vmw/35B0vrlwEWSPl6eZDQoObmts6uJ9LT7A/N X-Google-Smtp-Source: AGHT+IH6/C30xPV/9LkE93afjQSqwWV/sSbcZXpwrAH0AVOlWZ3Ufo1XU+uY/2XCC4Q6/HjXXziMBA== X-Received: by 2002:a05:6a00:1acb:b0:702:36a0:a28f with SMTP id d2e1a72fcca58-7040c629198mr7985134b3a.4.1717908893593; Sat, 08 Jun 2024 21:54:53 -0700 (PDT) Received: from XH22050090-L.ad.ts.tri-ad.global ([103.175.111.222]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7041ec6f9cesm2284887b3a.78.2024.06.08.21.54.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 08 Jun 2024 21:54:53 -0700 (PDT) Sender: Vincent Mailhol From: Vincent Mailhol To: Marc Kleine-Budde , linux-can@vger.kernel.org Cc: Thomas Kopp , Manivannan Sadhasivam , "Gustavo A . R . Silva" , netdev@vger.kernel.org, linux-hardening@vger.kernel.org, Vincent Mailhol , Kees Cook Subject: [PATCH 2/2] can: mcp251xfd: decorate mcp251xfd_rx_ring.obj with __counted_by() Date: Sun, 9 Jun 2024 13:54:19 +0900 Message-Id: <20240609045419.240265-3-mailhol.vincent@wanadoo.fr> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240609045419.240265-1-mailhol.vincent@wanadoo.fr> References: <20240609045419.240265-1-mailhol.vincent@wanadoo.fr> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 A new __counted_by() attribute was introduced in [1]. It makes the compiler's sanitizer aware of the actual size of a flexible array member, allowing for additional runtime checks. Apply the __counted_by() attribute to the obj flexible array member of struct mcp251xfd_rx_ring. Note that the mcp251xfd_rx_ring.obj member is polymorphic: it can be either of: * an array of struct mcp251xfd_hw_rx_obj_can * an array of struct mcp251xfd_hw_rx_obj_canfd The canfd type was chosen in the declaration by the original author to reflect the upper bound. We pursue the same logic here: the sanitizer will only see the accurate size of canfd frames. For classical can frames, it will see a size bigger than the reality, making the check incorrect but silent (false negative). [1] commit dd06e72e68bc ("Compiler Attributes: Add __counted_by macro") Link: https://git.kernel.org/torvalds/c/dd06e72e68bc CC: Kees Cook Signed-off-by: Vincent Mailhol --- drivers/net/can/spi/mcp251xfd/mcp251xfd.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/can/spi/mcp251xfd/mcp251xfd.h b/drivers/net/can/spi/mcp251xfd/mcp251xfd.h index 24510b3b8020..b7579fba9457 100644 --- a/drivers/net/can/spi/mcp251xfd/mcp251xfd.h +++ b/drivers/net/can/spi/mcp251xfd/mcp251xfd.h @@ -565,7 +565,7 @@ struct mcp251xfd_rx_ring { union mcp251xfd_write_reg_buf uinc_buf; union mcp251xfd_write_reg_buf uinc_irq_disable_buf; struct spi_transfer uinc_xfer[MCP251XFD_FIFO_DEPTH]; - struct mcp251xfd_hw_rx_obj_canfd obj[]; + struct mcp251xfd_hw_rx_obj_canfd obj[] __counted_by(obj_num); }; struct __packed mcp251xfd_map_buf_nocrc {