Linux-Hardening mirror
From: Christian Brauner <brauner@kernel.org>
To: Jan Kara <jack@suse.cz>
Cc: Kees Cook <keescook@chromium.org>,
	 "Gustavo A. R. Silva" <gustavoars@kernel.org>,
	Alexander Viro <viro@zeniv.linux.org.uk>,
	 Chuck Lever <chuck.lever@oracle.com>,
	Jeff Layton <jlayton@kernel.org>,
	 Amir Goldstein <amir73il@gmail.com>,
	linux-fsdevel@vger.kernel.org, linux-nfs@vger.kernel.org,
	 linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] fs: Set file_handle::handle_bytes before referencing file_handle::f_handle
Date: Fri, 5 Apr 2024 13:00:27 +0200
Message-ID: <20240405-imponieren-scheppern-5e6b6842ccbf@brauner>
In-Reply-To: <20240404091900.woh6y2a52o7uo5vx@quack3>

On Thu, Apr 04, 2024 at 11:19:00AM +0200, Jan Kara wrote:
> On Wed 03-04-24 14:54:03, Kees Cook wrote:
> > With adding __counted_by(handle_bytes) to struct file_handle, we need
> > to explicitly set it in the one place it wasn't yet happening prior to
> > accessing the flex array "f_handle".
> > 
> > Fixes: 1b43c4629756 ("fs: Annotate struct file_handle with __counted_by() and use struct_size()")
> > Signed-off-by: Kees Cook <keescook@chromium.org>
> 
> OK, so this isn't really a functional bug AFAIU but the compiler will
> wrongly complain we are accessing handle->f_handle beyond claimed array
> size (because handle->handle_bytes == 0 at that point). Am I right? If

And really, this also needs to please be mentioned in the commit message
because from reading the commit message I'm not even sure what this
patch is trying to fix.
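
A simplified user-space model of the ordering issue discussed in this thread, added here as an illustration; it is not code from the patch or from the kernel. `demo_handle`, `checked_copy` and `fill_handle` are hypothetical names, and the explicit length test is an assumption standing in for the bounds check a compiler derives from `__counted_by`.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Use the real attribute where the compiler has it; otherwise a no-op. */
#if defined(__has_attribute)
# if __has_attribute(counted_by)
#  define COUNTED_BY(m) __attribute__((counted_by(m)))
# endif
#endif
#ifndef COUNTED_BY
# define COUNTED_BY(m)
#endif

/* Hypothetical stand-in for struct file_handle, not the kernel definition. */
struct demo_handle {
    unsigned int handle_bytes;
    int handle_type;
    unsigned char f_handle[] COUNTED_BY(handle_bytes);
};

/* Model of an instrumented store: the array's claimed size is whatever
 * the counter holds right now. Returns 0 if allowed, -1 if flagged. */
static int checked_copy(struct demo_handle *h, const void *src, size_t len)
{
    if (len > h->handle_bytes)
        return -1;
    memcpy(h->f_handle, src, len);
    return 0;
}

/* set_first != 0: the counter is assigned before f_handle is touched. */
int fill_handle(int set_first, const void *src, unsigned int len)
{
    /* The allocation has room for len bytes in both orderings. */
    struct demo_handle *h = calloc(1, sizeof(*h) + len);
    int rc;
    if (!h) return -2;
    if (set_first)
        h->handle_bytes = len;
    rc = checked_copy(h, src, len);
    h->handle_bytes = len; /* late assignment: too late for the check above */
    free(h);
    return rc;
}

int main(void)
{
    printf("first: %d late: %d\n", fill_handle(1, "abcd", 4), fill_handle(0, "abcd", 4));
}
```

In both orderings the allocation is large enough for the copy; only the counter's value at the time of the access differs, which is what the modelled check looks at.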
