1. Patchew
  2. linux
  3. View series

[PATCH RESEND] crypto: af_alg - Annotate struct af_alg_iv with __counted_by

Thorsten Blum posted 1 patch 1 month ago 
include/uapi/linux/if_alg.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[PATCH RESEND] crypto: af_alg - Annotate struct af_alg_iv with __counted_by
Posted by Thorsten Blum 1 month ago 
Add the __counted_by() compiler attribute to the flexible array member
'iv' to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and
CONFIG_FORTIFY_SOURCE.

Reviewed-by: Simon Horman <horms@kernel.org>
Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
---
 include/uapi/linux/if_alg.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/uapi/linux/if_alg.h b/include/uapi/linux/if_alg.h
index b35871cbeed7..4f51e198ac2e 100644
--- a/include/uapi/linux/if_alg.h
+++ b/include/uapi/linux/if_alg.h
@@ -42,7 +42,7 @@ struct sockaddr_alg_new {
 
 struct af_alg_iv {
 	__u32	ivlen;
-	__u8	iv[];
+	__u8	iv[] __counted_by(ivlen);
 };
 
 /* Socket options */
-- 
Thorsten Blum <thorsten.blum@linux.dev>
GPG: 1D60 735E 8AEF 3BE4 73B6  9D84 7336 78FD 8DFE EAD4
Re: [PATCH RESEND] crypto: af_alg - Annotate struct af_alg_iv with __counted_by
Posted by Kees Cook 3 weeks, 4 days ago 
On Mon, 05 Jan 2026 13:24:03 +0100, Thorsten Blum wrote:
> Add the __counted_by() compiler attribute to the flexible array member
> 'iv' to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and
> CONFIG_FORTIFY_SOURCE.
> 
> 

Applied to for-next/hardening, thanks!

[1/1] crypto: af_alg - Annotate struct af_alg_iv with __counted_by
      https://git.kernel.org/kees/c/98569017111e

Take care,

-- 
Kees Cook

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.