Re: [PATCH] usb: gadget: f_fs: Annotate struct ffs_buffer with __counted_by

2023-09-15 Thread Gustavo A. R. Silva 




On 9/15/23 13:58, Kees Cook wrote:

Prepare for the coming implementation by GCC and Clang of the __counted_by
attribute. Flexible array members annotated with __counted_by can have
their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS
(for array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family
functions).

As found with Coccinelle[1], add __counted_by for struct ffs_buffer.

[1] 
https://github.com/kees/kernel-tools/blob/trunk/coccinelle/examples/counted_by.cocci

Cc: Greg Kroah-Hartman 
Cc: John Keeping 
Cc: Udipto Goswami 
Cc: Linyu Yuan 
Cc: linux-...@vger.kernel.org
Signed-off-by: Kees Cook 


Reviewed-by: Gustavo A. R. Silva 

Thanks
--
Gustavo


---
  drivers/usb/gadget/function/f_fs.c | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/usb/gadget/function/f_fs.c 
b/drivers/usb/gadget/function/f_fs.c
index 6e9ef35a43a7..af400d083777 100644
--- a/drivers/usb/gadget/function/f_fs.c
+++ b/drivers/usb/gadget/function/f_fs.c
@@ -202,7 +202,7 @@ struct ffs_epfile {
  struct ffs_buffer {
size_t length;
char *data;
-   char storage[];
+   char storage[] __counted_by(length);
  };
  
  /*  ffs_io_data structure ***/

[PATCH] usb: gadget: f_fs: Annotate struct ffs_buffer with __counted_by

2023-09-15 Thread Kees Cook 
Prepare for the coming implementation by GCC and Clang of the __counted_by
attribute. Flexible array members annotated with __counted_by can have
their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS
(for array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family
functions).

As found with Coccinelle[1], add __counted_by for struct ffs_buffer.

[1] 
https://github.com/kees/kernel-tools/blob/trunk/coccinelle/examples/counted_by.cocci

Cc: Greg Kroah-Hartman 
Cc: John Keeping 
Cc: Udipto Goswami 
Cc: Linyu Yuan 
Cc: linux-...@vger.kernel.org
Signed-off-by: Kees Cook 
---
 drivers/usb/gadget/function/f_fs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/usb/gadget/function/f_fs.c 
b/drivers/usb/gadget/function/f_fs.c
index 6e9ef35a43a7..af400d083777 100644
--- a/drivers/usb/gadget/function/f_fs.c
+++ b/drivers/usb/gadget/function/f_fs.c
@@ -202,7 +202,7 @@ struct ffs_epfile {
 struct ffs_buffer {
size_t length;
char *data;
-   char storage[];
+   char storage[] __counted_by(length);
 };
 
 /*  ffs_io_data structure ***/
-- 
2.34.1