On Fri, Feb 16, 2024 at 7:04 PM Gustavo A. R. Silva <[email protected]> wrote: > > > > On 2/16/24 17:27, Kees Cook wrote: > > Prepare for the coming implementation by GCC and Clang of the __counted_by > > attribute. Flexible array members annotated with __counted_by can have > > their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS > > (for array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family > > functions). > > > > As found with Coccinelle[1], add __counted_by for struct tc_pedit. > > Additionally, since the element count member must be set before accessing > > the annotated flexible array member, move its initialization earlier. > > > > Link: > > https://github.com/kees/kernel-tools/blob/trunk/coccinelle/examples/counted_by.cocci > > [1] > > Signed-off-by: Kees Cook <[email protected]> > > --- > > Cc: Jakub Kicinski <[email protected]> > > Cc: Jamal Hadi Salim <[email protected]> > > Cc: Cong Wang <[email protected]> > > Cc: Jiri Pirko <[email protected]> > > Cc: "David S. Miller" <[email protected]> > > Cc: Eric Dumazet <[email protected]> > > Cc: Paolo Abeni <[email protected]> > > Cc: "Gustavo A. R. Silva" <[email protected]> > > Cc: [email protected] > > Cc: [email protected] > > `opt->nkeys` updated before `memcpy()`, looks good to me: > > Reviewed-by: Gustavo A. R. Silva <[email protected]>
Looks good to me. Acked-by: Jamal Hadi Salim <[email protected]> cheers, jamal > Thanks! > -- > Gustavo > > > --- > > include/uapi/linux/tc_act/tc_pedit.h | 2 +- > > net/sched/act_pedit.c | 2 +- > > 2 files changed, 2 insertions(+), 2 deletions(-) > > > > diff --git a/include/uapi/linux/tc_act/tc_pedit.h > > b/include/uapi/linux/tc_act/tc_pedit.h > > index f3e61b04fa01..f5cab7fc96ab 100644 > > --- a/include/uapi/linux/tc_act/tc_pedit.h > > +++ b/include/uapi/linux/tc_act/tc_pedit.h > > @@ -62,7 +62,7 @@ struct tc_pedit_sel { > > tc_gen; > > unsigned char nkeys; > > unsigned char flags; > > - struct tc_pedit_key keys[0]; > > + struct tc_pedit_key keys[] __counted_by(nkeys); > > }; > > > > #define tc_pedit tc_pedit_sel > > diff --git a/net/sched/act_pedit.c b/net/sched/act_pedit.c > > index 2ef22969f274..21e863d2898c 100644 > > --- a/net/sched/act_pedit.c > > +++ b/net/sched/act_pedit.c > > @@ -515,11 +515,11 @@ static int tcf_pedit_dump(struct sk_buff *skb, struct > > tc_action *a, > > spin_unlock_bh(&p->tcf_lock); > > return -ENOBUFS; > > } > > + opt->nkeys = parms->tcfp_nkeys; > > > > memcpy(opt->keys, parms->tcfp_keys, > > flex_array_size(opt, keys, parms->tcfp_nkeys)); > > opt->index = p->tcf_index; > > - opt->nkeys = parms->tcfp_nkeys; > > opt->flags = parms->tcfp_flags; > > opt->action = p->tcf_action; > > opt->refcnt = refcount_read(&p->tcf_refcnt) - ref;
