rnel.org/linux-hardening/ZrDwoVKH8d6TdVxn@cute/
Reviewed-by: Simon Horman
;
> Signed-off-by: Kees Cook
Reviewed-by: Simon Horman
On Thu, Sep 12, 2024 at 01:47:22PM -0700, Justin Stitt wrote:
> On Thu, Sep 12, 2024 at 1:43 PM Justin Stitt wrote:
> >
> > Hi,
> >
> > On Tue, Sep 10, 2024 at 2:37 AM Simon Horman wrote:
> > >
> > > On Mon, Sep 09, 2024 at 04:39:28PM -0700, Justin
On Mon, Sep 09, 2024 at 04:39:28PM -0700, Justin Stitt wrote:
> strncpy() is deprecated for use on NUL-terminated destination strings [1] and
> as such we should prefer more robust and less ambiguous string interfaces.
>
> Towards the goal of [2], replace strncpy() with an alternative that
> guara
structure
> [-Wflex-array-member-not-at-end]
>
> Signed-off-by: Gustavo A. R. Silva
Reviewed-by: Simon Horman
cture, they are always included within this tagged struct.
>
> So, we use `static_assert()` to ensure that the memory layout for
> both the flexible structure and the tagged struct is the same after
> any changes.
>
> Signed-off-by: Gustavo A. R. Silva
Reviewed-by: Simon Horman
ure
> [-Wflex-array-member-not-at-end]
> drivers/net/wireless/virtual/mac80211_hwsim.c:767:42: warning: structure
> containing a flexible array member is not at the end of another structure
> [-Wflex-array-member-not-at-end]
>
> Signed-off-by: Gustavo A. R. Silva
Reviewed-by: Simon Horman
45:27: warning:
> structure containing a flexible array member is not at the end of another
> structure [-Wflex-array-member-not-at-end]
>
> Signed-off-by: Gustavo A. R. Silva
Reviewed-by: Simon Horman
On Wed, Aug 07, 2024 at 05:26:02PM +0100, Simon Horman wrote:
> On Mon, Aug 05, 2024 at 09:38:08AM -0600, Gustavo A. R. Silva wrote:
> > -Wflex-array-member-not-at-end was introduced in GCC-14, and we are
> > getting ready to enable it, globally.
> >
> > Move the con
ember-not-at-end]
>
> Signed-off-by: Gustavo A. R. Silva
Reviewed-by: Simon Horman
; Signed-off-by: Gustavo A. R. Silva
Reviewed-by: Simon Horman
itly target the patch against net-next.
Subject: [PATCH net-next v2] tcp: ...
That notwithstanding, this looks good to me.
Reviewed-by: Simon Horman
...
On Wed, Jul 10, 2024 at 04:30:28AM -0700, Breno Leitao wrote:
> From: Alexander Lobakin
>
> In fact, this structure contains a flexible array at the end, but
> historically its size, alignment etc., is calculated manually.
> There are several instances of the structure embedded into other
> struc
On Tue, Jul 09, 2024 at 01:19:44PM -0700, Breno Leitao wrote:
> On Tue, Jul 09, 2024 at 07:11:28PM +0100, Simon Horman wrote:
> > On Tue, Jul 09, 2024 at 05:54:25AM -0700, Breno Leitao wrote:
> > > From: Alexander Lobakin
> > >
> > > In fact, this structure
On Tue, Jul 09, 2024 at 05:54:25AM -0700, Breno Leitao wrote:
> From: Alexander Lobakin
>
> In fact, this structure contains a flexible array at the end, but
> historically its size, alignment etc., is calculated manually.
> There are several instances of the structure embedded into other
> struc
+ Kees Cook, linux-hardening
On Tue, Jun 25, 2024 at 08:01:56PM +0100, David Woodhouse wrote:
> From: David Woodhouse
>
> The vmclock "device" provides a shared memory region with precision clock
> information. By using shared memory, it is safe across Live Migration.
>
> Like the KVM PTP clock
On Wed, Jun 05, 2024 at 01:39:06AM -0700, Shradha Gupta wrote:
> On Tue, Jun 04, 2024 at 10:33:49AM +0100, Simon Horman wrote:
> > On Fri, May 31, 2024 at 08:37:41AM -0700, Shradha Gupta wrote:
> > > Allow variable size indirection table allocation in MANA instead
> > >
On Tue, Jun 04, 2024 at 05:49:20PM -0700, Kees Cook wrote:
> On Tue, Jun 04, 2024 at 04:13:32PM -0600, Tycho Andersen wrote:
> > On Tue, Jun 04, 2024 at 04:02:28PM +0100, Simon Horman wrote:
> > > On Fri, May 31, 2024 at 12:14:56PM -0700, Kees Cook wrote:
> > >
On Fri, May 31, 2024 at 12:14:56PM -0700, Kees Cook wrote:
...
> diff --git a/mm/slab_common.c b/mm/slab_common.c
> index b5c879fa66bc..f42a98d368a9 100644
> --- a/mm/slab_common.c
> +++ b/mm/slab_common.c
> @@ -392,6 +392,82 @@ kmem_cache_create(const char *name, unsigned int size,
> unsigned i
On Fri, May 31, 2024 at 08:37:41AM -0700, Shradha Gupta wrote:
> Allow variable size indirection table allocation in MANA instead
> of using a constant value MANA_INDIRECT_TABLE_SIZE.
> The size is now derived from the MANA_QUERY_VPORT_CONFIG and the
> indirection table is allocated dynamically.
>
On Thu, May 23, 2024 at 11:35:37AM +0200, Johannes Berg wrote:
> On Fri, 2024-05-17 at 21:45 +0100, Simon Horman wrote:
> >
> > FWWIW, it seems unfortunate to me that the __counted_by field (n_channels)
> > is set some distance away from the allocation of the flex-array
FWWIW, it seems unfortunate to me that the __counted_by field (n_channels)
is set some distance away from the allocation of the flex-array (channels)
whose bounds it checks. It seems it would be pretty easy for a bug in the
code being updated here to result in an overrun.
But in any case, I think this is an improvement and seems correct to me.
Reviewed-by: Simon Horman
ccinelle, and audited and
> modified manually.
>
> Link:
> https://www.kernel.org/doc/html/next/process/deprecated.html#zero-length-and-one-element-arrays
> [1]
> Link:
> https://www.kernel.org/doc/html/next/process/deprecated.html#open-coded-arithmetic-in-allocator-arguments
> [2]
> Signed-off-by: Erick Archer
Reviewed-by: Simon Horman
e_gstrings_adminq_stats' too small (32 vs 512)
Compile tested only.
Reviewed-by: Shailend Chand
Reviewed-by: Larysa Zaremba
Signed-off-by: Simon Horman
---
drivers/net/ethernet/google/gve/gve_ethtool.c | 42 +++
1 file changed, 17 insertions(+), 25 deletions(-)
d
Although it does not seem to have any untoward side-effects,
the use of ';' to separate to assignments seems more appropriate than ','.
Flagged by clang-18 -Wcomma
No functional change intended.
Compile tested only.
Reviewed-by: Shailend Chand
Reviewed-by: Larysa Zaremba
!
- Rebased
- Link to v1:
https://lore.kernel.org/r/20240503-gve-comma-v1-0-b50f96569...@kernel.org
---
Simon Horman (2):
gve: Avoid unnecessary use of comma operator
gve: Use ethtool_sprintf/puts() to fill stats strings
drivers/net/ethernet/google/gve/gve_adminq.c | 4 +--
drivers
On Tue, May 07, 2024 at 03:28:46PM -0700, Jakub Kicinski wrote:
> On Fri, 03 May 2024 21:31:25 +0100 Simon Horman wrote:
> > This short patchset provides two minor cleanups for the gve driver.
> >
> > These were found by tooling as mentioned in each patch,
> >
e_gstrings_adminq_stats' too small (32 vs 512)
Compile tested only.
Signed-off-by: Simon Horman
---
drivers/net/ethernet/google/gve/gve_ethtool.c | 42 +++
1 file changed, 17 insertions(+), 25 deletions(-)
diff --git a/drivers/net/ethernet/google/gve/gve_etht
Although it does not seem to have any untoward side-effects,
the use of ';' to separate to assignments seems more appropriate than ','.
Flagged by clang-18 -Wcomma
No functional change intended.
Compile tested only.
Signed-off-by: Simon Horman
---
drivers/net/ethernet/goo
Hi,
This short patchset provides two minor cleanups for the gve driver.
These were found by tooling as mentioned in each patch,
and otherwise by inspection.
No change in run time behaviour is intended.
Each patch is compile tested only.
---
Simon Horman (2):
gve: Avoid unnecessary use of
On Mon, Mar 18, 2024 at 02:03:54PM +0100, Alexander Lobakin wrote:
> Both virtchnl2.h and its consumer idpf_virtchnl.c are very error-prone.
> There are 10 structures with flexible arrays at the end, but 9 of them
> has flex member counter in Little Endian.
> Make the code a bit more robust by appl
On Sat, Mar 09, 2024 at 12:32:45PM -0800, Kees Cook wrote:
> On Fri, Mar 08, 2024 at 08:20:18PM +0000, Simon Horman wrote:
> > On Wed, Mar 06, 2024 at 03:51:36PM -0800, Kees Cook wrote:
> > > The norm should be flexible array structures with __counted_by
> > > annot
On Wed, Mar 06, 2024 at 03:51:36PM -0800, Kees Cook wrote:
> The norm should be flexible array structures with __counted_by
> annotations, so DEFINE_FLEX() is updated to expect that. Rename
> the non-annotated version to DEFINE_RAW_FLEX(), and update the
> few existing users.
>
> Signed-off-by: Ke
rnel.org
> v3: fix inet_reqsk_clone() comment
> v2: https://lore.kernel.org/lkml/20240216232220.it.450-k...@kernel.org
> v1: https://lore.kernel.org/lkml/20240216204423.work.066-k...@kernel.org
Reviewed-by: Simon Horman
> 0-sized destinations in memcpy(), an exception must be made for the one
> place where it is still a destination. Since memcpy() was already
> skipping checks for 0-sized destinations, using unsafe_memcpy() is no
> change in behavior.
>
> Signed-off-by: Kees Cook
Reviewed-by: Simon Horman
On Sat, Feb 17, 2024 at 11:24:07AM +0100, Christophe Leroy wrote:
> arch_protect_bpf_trampoline() and alloc_new_pack() call
> set_memory_rox() which can fail, leading to unprotected memory.
>
> Take into account return from set_memory_XX() functions and add
> __must_check flag to arch_protect_bpf_
t;
> Cc: Eric Dumazet
> Cc: Jakub Kicinski
> Cc: Paolo Abeni
> Cc: Gustavo A. R. Silva
> Cc: net...@vger.kernel.org
> Signed-off-by: Kees Cook
Reviewed-by: Simon Horman
Tested-by: Simon Horman # build-tested
...
w_table.h
> > @@ -48,7 +48,7 @@ struct mask_array {
> > int count, max;
> > struct mask_array_stats __percpu *masks_usage_stats;
> > u64 *masks_usage_zero_cntr;
> > - struct sw_flow_mask __rcu *masks[];
> > + struct sw_flow_mask __rcu *masks[] __counted_by(max);
> > };
>
> Yup, this looks correct to me. Thanks!
>
> Reviewed-by: Kees Cook
>
Likewise, I agree this is correct.
Reviewed-by: Simon Horman
> [2]
> Link: https://github.com/KSPP/linux/issues/90
> Cc: linux-hardening@vger.kernel.org
> Signed-off-by: Justin Stitt
> ---
> Note: build-tested only.
>
> Found with: $ rg "strncpy\("
I agree that this is functionally equivalent.
Reviewed-by: Simon Horman
a
> one-element array, and started to be used as a Variable Length Object
> (VLO) at run-time.
>
> Fixes: f5823fe6897c ("qed: Add ll2 option to limit the number of bds per
> packet")
> Cc: sta...@vger.kernel.org
> Signed-off-by: Gustavo A. R. Silva
Reviewed-by: Simon Horman
40 matches
Mail list logo
