From nobody Sun Nov 24 15:08:12 2024 Received: from out-170.mta1.migadu.com (out-170.mta1.migadu.com [95.215.58.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 968A61D5CC2 for ; Mon, 4 Nov 2024 23:43:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=95.215.58.170 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730763797; cv=none; b=czviA7m8cJl7D+o9tl/CA23L8BYg1XEVDKZvAAaKCpEfJk8AUBWus3t2LYvipoHFjH4qwkujSv8WRJ81BYXTpYVgf2i8Sp8IXqWDv+a7vsZJPDOETW3oB4OAH6ksaMQvEsspyKcw2VdXPFUHxn4iyKNRtsJEsToHB46B4SSvuac= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730763797; c=relaxed/simple; bh=NTrgsxER1+7QIxrTxfrD4cJG/eY1xGd/3xVLkEsiYsk=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=dtcVkpqGzqp8C/n03jw7UfSz7EeDH5aFH3U58Q3dJactYhlfgI+WUfEegCEcyxDoZZ3/C6qzvFkFq8vT6uwh6m0SPLlgRUKKI/4QXx6805r9oFUotI9lNz5dud7ceduG0tVF9IJlXwHStZypzg/YbhWNTuKnZp/CiJbzdTh4jJg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev; spf=pass smtp.mailfrom=linux.dev; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b=a5P5+jZv; arc=none smtp.client-ip=95.215.58.170 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.dev Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b="a5P5+jZv" X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1730763793; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=WupKgLk/g34nk7lN15EZ9LyedA501TFFTjkXVizzcRg=; b=a5P5+jZvnyU48j6Ljz71yQn+KJB3NZfwIUkHGy2kDvytoxVm8zYJjHOJRoZ9/EXn0JDaSt AoK7fEfbpIUaS8tMaSkO2DBpQsVCJ9vpuJ4oYe88XYcp445bRT4TU0gZocWeEqHtYToB/x E5ZAostBI7ZH+h6SK3NWRlHIms0dtOA= From: Thorsten Blum To: "Theodore Ts'o" , Andreas Dilger , Kees Cook , "Gustavo A. R. Silva" Cc: Thorsten Blum , Jan Kara , linux-ext4@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org Subject: [RESEND PATCH] ext4: Annotate struct fname with __counted_by() Date: Tue, 5 Nov 2024 00:42:14 +0100 Message-ID: <20241104234214.8094-2-thorsten.blum@linux.dev> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Migadu-Flow: FLOW_OUT Content-Type: text/plain; charset="utf-8" Add the __counted_by compiler attribute to the flexible array member name to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and CONFIG_FORTIFY_SOURCE. Inline and use struct_size() to calculate the number of bytes to allocate for new_fn and remove the local variable len. Reviewed-by: Jan Kara Signed-off-by: Thorsten Blum --- fs/ext4/dir.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/fs/ext4/dir.c b/fs/ext4/dir.c index ef6a3c8f3a9a..02d47a64e8d1 100644 --- a/fs/ext4/dir.c +++ b/fs/ext4/dir.c @@ -418,7 +418,7 @@ struct fname { __u32 inode; __u8 name_len; __u8 file_type; - char name[]; + char name[] __counted_by(name_len); }; =20 /* @@ -471,14 +471,13 @@ int ext4_htree_store_dirent(struct file *dir_file, __= u32 hash, struct rb_node **p, *parent =3D NULL; struct fname *fname, *new_fn; struct dir_private_info *info; - int len; =20 info =3D dir_file->private_data; p =3D &info->root.rb_node; =20 /* Create and allocate the fname structure */ - len =3D sizeof(struct fname) + ent_name->len + 1; - new_fn =3D kzalloc(len, GFP_KERNEL); + new_fn =3D kzalloc(struct_size(new_fn, name, ent_name->len + 1), + GFP_KERNEL); if (!new_fn) return -ENOMEM; new_fn->hash =3D hash; --=20 2.47.0