On Mon, Aug 05, 2024 at 07:52:38PM +0200, Thorsten Blum wrote: > Add the __counted_by compiler attribute to the flexible array member > salt to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and > CONFIG_FORTIFY_SOURCE. > > Use struct_size_t() instead of manually calculating the struct's size. > > Signed-off-by: Thorsten Blum <[email protected]> > --- > crypto/chacha20poly1305.c | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > > diff --git a/crypto/chacha20poly1305.c b/crypto/chacha20poly1305.c > index 9e4651330852..b37f59a8280a 100644 > --- a/crypto/chacha20poly1305.c > +++ b/crypto/chacha20poly1305.c > @@ -27,7 +27,7 @@ struct chachapoly_ctx { > struct crypto_ahash *poly; > /* key bytes we use for the ChaCha20 IV */ > unsigned int saltlen; > - u8 salt[]; > + u8 salt[] __counted_by(saltlen); > };
AFAICT, all the allocations of struct chachapoly_ctx set "saltlen" before using "salt". Reviewed-by: Kees Cook <[email protected]> > > struct poly_req { > @@ -611,8 +611,8 @@ static int chachapoly_create(struct crypto_template > *tmpl, struct rtattr **tb, > poly->base.cra_priority) / 2; > inst->alg.base.cra_blocksize = 1; > inst->alg.base.cra_alignmask = chacha->base.cra_alignmask; > - inst->alg.base.cra_ctxsize = sizeof(struct chachapoly_ctx) + > - ctx->saltlen; > + inst->alg.base.cra_ctxsize = struct_size_t(struct chachapoly_ctx, salt, > + ctx->saltlen); > inst->alg.ivsize = ivsize; > inst->alg.chunksize = chacha->chunksize; > inst->alg.maxauthsize = POLY1305_DIGEST_SIZE; My instinct is to use struct_size_t() as little as possible (compared to normal struct_size), since I prefer to use it where a thing is being allocated. (In this case, it's "far away".) So given Eric already thinks this part should be dropped, I would agree: leave this as is. -- Kees Cook
