1. Patchew
  2. linux
  3. View series

[PATCH] crypto: zstd - Annotate struct zstd_ctx with __counted_by

Thorsten Blum posted 1 patch 1 month, 1 week ago 
crypto/zstd.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
[PATCH] crypto: zstd - Annotate struct zstd_ctx with __counted_by
Posted by Thorsten Blum 1 month, 1 week ago 
Add the __counted_by() compiler attribute to the flexible array member
'wksp' to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and
CONFIG_FORTIFY_SOURCE.

Use struct_size(), which provides additional compile-time checks for
structures with flexible array members (e.g., __must_be_array()), for
the allocation size for a new 'zstd_ctx' while we're at it.

Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
---
 crypto/zstd.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/crypto/zstd.c b/crypto/zstd.c
index ac318d333b68..ace7a82ea45a 100644
--- a/crypto/zstd.c
+++ b/crypto/zstd.c
@@ -10,6 +10,7 @@
 #include <linux/mm.h>
 #include <linux/module.h>
 #include <linux/net.h>
+#include <linux/overflow.h>
 #include <linux/vmalloc.h>
 #include <linux/zstd.h>
 #include <crypto/internal/acompress.h>
@@ -25,7 +26,7 @@ struct zstd_ctx {
 	zstd_dctx *dctx;
 	size_t wksp_size;
 	zstd_parameters params;
-	u8 wksp[] __aligned(8);
+	u8 wksp[] __aligned(8) __counted_by(wksp_size);
 };
 
 static DEFINE_MUTEX(zstd_stream_lock);
@@ -44,7 +45,7 @@ static void *zstd_alloc_stream(void)
 	if (!wksp_size)
 		return ERR_PTR(-EINVAL);
 
-	ctx = kvmalloc(sizeof(*ctx) + wksp_size, GFP_KERNEL);
+	ctx = kvmalloc(struct_size(ctx, wksp, wksp_size), GFP_KERNEL);
 	if (!ctx)
 		return ERR_PTR(-ENOMEM);
 
-- 
2.51.1
Re: [PATCH] crypto: zstd - Annotate struct zstd_ctx with __counted_by
Posted by Herbert Xu 1 month ago 
On Sat, Nov 08, 2025 at 01:07:40PM +0100, Thorsten Blum wrote:
> Add the __counted_by() compiler attribute to the flexible array member
> 'wksp' to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and
> CONFIG_FORTIFY_SOURCE.
> 
> Use struct_size(), which provides additional compile-time checks for
> structures with flexible array members (e.g., __must_be_array()), for
> the allocation size for a new 'zstd_ctx' while we're at it.
> 
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> ---
>  crypto/zstd.c | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Re: [PATCH] crypto: zstd - Annotate struct zstd_ctx with __counted_by
Posted by David Sterba 1 month ago 
On Sat, Nov 08, 2025 at 01:07:40PM +0100, Thorsten Blum wrote:
> Add the __counted_by() compiler attribute to the flexible array member
> 'wksp' to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and
> CONFIG_FORTIFY_SOURCE.
> 
> Use struct_size(), which provides additional compile-time checks for
> structures with flexible array members (e.g., __must_be_array()), for
> the allocation size for a new 'zstd_ctx' while we're at it.
> 
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>

Reviewed-by: David Sterba <dsterba@suse.com>

As this is crypto/zstd.c there's no need to sync with upstream zstd code
so it can go via the crypto tree.

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.