On Fri, 22 Sep 2023 23:24:08 +0530, Kees Cook wrote:
> Prepare for the coming implementation by GCC and Clang of the __counted_by
> attribute. Flexible array members annotated with __counted_by can have
> their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS
> (for array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family
> functions).
>
> As found with Coccinelle[1], add __counted_by for struct watch_filter.
>
> [1]
> https://github.com/kees/kernel-tools/blob/trunk/coccinelle/examples/counted_by.cocci
>
> Cc: David Howells <dhowe...@redhat.com>
> Cc: Randy Dunlap <rdun...@infradead.org>
> Cc: Al Viro <v...@zeniv.linux.org.uk>
> Cc: Christian Brauner <brau...@kernel.org>
> Cc: Jonathan Corbet <cor...@lwn.net>
> Cc: Siddh Raman Pant <c...@siddh.me>
> Cc: Mauro Carvalho Chehab <mche...@kernel.org>
> Cc: Qian Cai <c...@redhat.com>
> Signed-off-by: Kees Cook <keesc...@chromium.org>
Tested with keyutils testsuite.
Tested-by: Siddh Raman Pant <c...@siddh.me>
Thanks,
Siddh
> ---
> include/linux/watch_queue.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/include/linux/watch_queue.h b/include/linux/watch_queue.h
> index 45cd42f55d49..429c7b6afead 100644
> --- a/include/linux/watch_queue.h
> +++ b/include/linux/watch_queue.h
> @@ -32,7 +32,7 @@ struct watch_filter {
> DECLARE_BITMAP(type_filter, WATCH_TYPE__NR);
> };
> u32 nr_filters; /* Number of filters */
> - struct watch_type_filter filters[];
> + struct watch_type_filter filters[] __counted_by(nr_filters);
> };
>
> struct watch_queue {
> --
> 2.34.1
