Re: [linux-yocto] [linux-yocto v6.5 1/1] neighbour: Fix __randomize_layout crash in struct neighbour

2024-03-12 Thread Bruce Ashfield 
merged.

I'm not updating the 6.5 SRCREVs very often now, so
if you need this sooner rather than later, I'd suggest
bumping your SRCREVs locally.

Bruce

In message: [linux-yocto v6.5 1/1] neighbour: Fix __randomize_layout crash in 
struct neighbour
on 12/03/2024 Jon Mason wrote:

> From: "Gustavo A. R. Silva" 
> 
> Previously, one-element and zero-length arrays were treated as true
> flexible arrays, even though they are actually "fake" flex arrays.
> The __randomize_layout would leave them untouched at the end of the
> struct, similarly to proper C99 flex-array members.
> 
> However, this approach changed with commit 1ee60356c2dc ("gcc-plugins:
> randstruct: Only warn about true flexible arrays"). Now, only C99
> flexible-array members will remain untouched at the end of the struct,
> while one-element and zero-length arrays will be subject to randomization.
> 
> Fix a `__randomize_layout` crash in `struct neighbour` by transforming
> zero-length array `primary_key` into a proper C99 flexible-array member.
> 
> Fixes: 1ee60356c2dc ("gcc-plugins: randstruct: Only warn about true flexible 
> arrays")
> Closes: 
> https://lore.kernel.org/linux-hardening/20231124102458.gb1503...@e124191.cambridge.arm.com/
> Signed-off-by: Gustavo A. R. Silva 
> Reviewed-by: Kees Cook 
> Tested-by: Joey Gouly 
> Link: https://lore.kernel.org/r/ZWJoRsJGnCPdJ3+2@work
> Signed-off-by: Paolo Abeni 
> ---
>  include/net/neighbour.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/include/net/neighbour.h b/include/net/neighbour.h
> index 07022bb0d44d..0d28172193fa 100644
> --- a/include/net/neighbour.h
> +++ b/include/net/neighbour.h
> @@ -162,7 +162,7 @@ struct neighbour {
>   struct rcu_head rcu;
>   struct net_device   *dev;
>   netdevice_tracker   dev_tracker;
> - u8  primary_key[0];
> + u8  primary_key[];
>  } __randomize_layout;
>  
>  struct neigh_ops {
> -- 
> 2.30.2
> 

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#13676): 
https://lists.yoctoproject.org/g/linux-yocto/message/13676
Mute This Topic: https://lists.yoctoproject.org/mt/104893318/21656
Group Owner: linux-yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/linux-yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[linux-yocto] [linux-yocto v6.5 1/1] neighbour: Fix __randomize_layout crash in struct neighbour

2024-03-12 Thread Jon Mason 
From: "Gustavo A. R. Silva" 

Previously, one-element and zero-length arrays were treated as true
flexible arrays, even though they are actually "fake" flex arrays.
The __randomize_layout would leave them untouched at the end of the
struct, similarly to proper C99 flex-array members.

However, this approach changed with commit 1ee60356c2dc ("gcc-plugins:
randstruct: Only warn about true flexible arrays"). Now, only C99
flexible-array members will remain untouched at the end of the struct,
while one-element and zero-length arrays will be subject to randomization.

Fix a `__randomize_layout` crash in `struct neighbour` by transforming
zero-length array `primary_key` into a proper C99 flexible-array member.

Fixes: 1ee60356c2dc ("gcc-plugins: randstruct: Only warn about true flexible 
arrays")
Closes: 
https://lore.kernel.org/linux-hardening/20231124102458.gb1503...@e124191.cambridge.arm.com/
Signed-off-by: Gustavo A. R. Silva 
Reviewed-by: Kees Cook 
Tested-by: Joey Gouly 
Link: https://lore.kernel.org/r/ZWJoRsJGnCPdJ3+2@work
Signed-off-by: Paolo Abeni 
---
 include/net/neighbour.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/net/neighbour.h b/include/net/neighbour.h
index 07022bb0d44d..0d28172193fa 100644
--- a/include/net/neighbour.h
+++ b/include/net/neighbour.h
@@ -162,7 +162,7 @@ struct neighbour {
struct rcu_head rcu;
struct net_device   *dev;
netdevice_tracker   dev_tracker;
-   u8  primary_key[0];
+   u8  primary_key[];
 } __randomize_layout;
 
 struct neigh_ops {
-- 
2.30.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#13672): 
https://lists.yoctoproject.org/g/linux-yocto/message/13672
Mute This Topic: https://lists.yoctoproject.org/mt/104893318/21656
Group Owner: linux-yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/linux-yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-