From patchwork Tue Oct 22 07:52:53 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Thorsten Blum X-Patchwork-Id: 13845260 Received: from out-171.mta0.migadu.com (out-171.mta0.migadu.com [91.218.175.171]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 95022132120 for ; Tue, 22 Oct 2024 07:54:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=91.218.175.171 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1729583642; cv=none; b=X4Uo24ICAIBtfFvBJQxCIRiycBegV0r0C2yMbTMcSAIiHKjBkUmrM70Lk0Xj5129jjaEra6ut1RZMiP7T7iKApxB7d2EDOI9jeZKFi1nUR/7RTH6OgW8s5zfoxBxvglUzkv4c2UQqB0/Ih/r3OLI/RYRKD9JfoqRwSHUgTHRzu8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1729583642; c=relaxed/simple; bh=iIIvTHgFWcs4L02/4PWh5iLiyHx6s9FXGG4F2p+omkw=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=VC5Xj3H2BbrmcZj6h18Dsdrcrs38kMQZ02nwnJM5TZsk+M4N0UcLG3uQeUowAleIuDF6fthooR+9TgnAjtrB/jHJkeFZYuTOygARyCOkTjvfp9BWHAQJRSCuTW0N0nwgef3tokFiD/p+UWALcYqq+BRb1BXn7+1nn3jKPTv49HY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev; spf=pass smtp.mailfrom=linux.dev; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b=sQMtidzE; arc=none smtp.client-ip=91.218.175.171 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.dev Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b="sQMtidzE" X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1729583638; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=eN7/9lTFH3drC1NWRnwey0aE0NlX+JngFZv69nq9QD4=; b=sQMtidzEIgmJgfB4MOqXPEDgbF8UHLgWB4G8GKBRRafgQsNnE9DFDOoR/EmH5sgV4MHSxC mUpY9pJMvcXI1PxVTF6j3qnl3cT5T7SGgJH4ec8W+VrxdHvvJUiPQiECVntIGD0AUfa+Eg W84vVGkgTwPWsyd5qyHI6GFiKQJ9oF4= From: Thorsten Blum To: "Theodore Ts'o" , Andreas Dilger , Kees Cook , "Gustavo A. R. Silva" Cc: Thorsten Blum , Jan Kara , linux-ext4@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org Subject: [RESEND PATCH] ext4: Annotate struct fname with __counted_by() Date: Tue, 22 Oct 2024 09:52:53 +0200 Message-ID: <20241022075252.34308-2-thorsten.blum@linux.dev> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Migadu-Flow: FLOW_OUT Add the __counted_by compiler attribute to the flexible array member name to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and CONFIG_FORTIFY_SOURCE. Inline and use struct_size() to calculate the number of bytes to allocate for new_fn and remove the local variable len. Signed-off-by: Thorsten Blum Reviewed-by: Jan Kara --- fs/ext4/dir.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/fs/ext4/dir.c b/fs/ext4/dir.c index ef6a3c8f3a9a..02d47a64e8d1 100644 --- a/fs/ext4/dir.c +++ b/fs/ext4/dir.c @@ -418,7 +418,7 @@ struct fname { __u32 inode; __u8 name_len; __u8 file_type; - char name[]; + char name[] __counted_by(name_len); }; /* @@ -471,14 +471,13 @@ int ext4_htree_store_dirent(struct file *dir_file, __u32 hash, struct rb_node **p, *parent = NULL; struct fname *fname, *new_fn; struct dir_private_info *info; - int len; info = dir_file->private_data; p = &info->root.rb_node; /* Create and allocate the fname structure */ - len = sizeof(struct fname) + ent_name->len + 1; - new_fn = kzalloc(len, GFP_KERNEL); + new_fn = kzalloc(struct_size(new_fn, name, ent_name->len + 1), + GFP_KERNEL); if (!new_fn) return -ENOMEM; new_fn->hash = hash;