korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-27 14:14:24 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,240,328 Commits 113 Branches 5,292 Tags 3.5 GiB
C 97.5%
Assembly 1%
Shell 0.6%
Python 0.3%
Makefile 0.3%
1a807e46aa
Go to file
Nathan Chancellor 1a807e46aa xfrm: Avoid clang fortify warning in copy_to_user_tmpl() 
After a couple recent changes in LLVM, there is a warning (or error with
CONFIG_WERROR=y or W=e) from the compile time fortify source routines,
specifically the memset() in copy_to_user_tmpl().

  In file included from net/xfrm/xfrm_user.c:14:
  ...
  include/linux/fortify-string.h:438:4: error: call to '__write_overflow_field' declared with 'warning' attribute: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror,-Wattribute-warning]
    438 |                         __write_overflow_field(p_size_field, size);
        |                         ^
  1 error generated.

While ->xfrm_nr has been validated against XFRM_MAX_DEPTH when its value
is first assigned in copy_templates() by calling validate_tmpl() first
(so there should not be any issue in practice), LLVM/clang cannot really
deduce that across the boundaries of these functions. Without that
knowledge, it cannot assume that the loop stops before i is greater than
XFRM_MAX_DEPTH, which would indeed result a stack buffer overflow in the
memset().

To make the bounds of ->xfrm_nr clear to the compiler and add additional
defense in case copy_to_user_tmpl() is ever used in a path where
->xfrm_nr has not been properly validated against XFRM_MAX_DEPTH first,
add an explicit bound check and early return, which clears up the
warning.

Cc: stable@vger.kernel.org
Link: https://github.com/ClangBuiltLinux/linux/issues/1985
Signed-off-by: Nathan Chancellor <nathan@kernel.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
2024-02-26 11:59:40 +01:00
arch Networking changes for 6.8. 2024-01-11 10:07:29 -08:00
block Many singleton patches against the MM code. The patch series which 2024-01-09 11:18:47 -08:00
certs This update includes the following changes: 2023-11-02 16:15:30 -10:00
crypto crypto: scomp - fix req->dst buffer overflow 2023-12-29 11:25:56 +08:00
Documentation Networking changes for 6.8. 2024-01-11 10:07:29 -08:00
drivers net: ravb: Fix dma_addr_t truncation in error case 2024-01-14 16:41:51 +00:00
fs Networking changes for 6.8. 2024-01-11 10:07:29 -08:00
include net: netdev_queue: netdev_txq_completed_mb(): fix wake condition 2024-01-13 18:26:23 +00:00
init header cleanups for 6.8 2024-01-10 16:43:55 -08:00
io_uring Many singleton patches against the MM code. The patch series which 2024-01-09 11:18:47 -08:00
ipc shm: Slim down dependencies 2023-12-20 19:26:31 -05:00
kernel Networking changes for 6.8. 2024-01-11 10:07:29 -08:00
lib Networking changes for 6.8. 2024-01-11 10:07:29 -08:00
LICENSES LICENSES: Add the copyleft-next-0.3.1 license 2022-11-08 15:44:01 +01:00
mm Networking changes for 6.8. 2024-01-11 10:07:29 -08:00
net xfrm: Avoid clang fortify warning in copy_to_user_tmpl() 2024-02-26 11:59:40 +01:00
rust net: phy: add Rust Asix PHY driver 2023-12-15 09:35:50 +00:00
samples Networking changes for 6.8. 2024-01-11 10:07:29 -08:00
scripts Networking changes for 6.8. 2024-01-11 10:07:29 -08:00
security header cleanups for 6.8 2024-01-10 16:43:55 -08:00
sound linux_kselftest-kunit-6.8-rc1 2024-01-09 17:16:58 -08:00
tools net: tls, add test to capture error on large splice 2024-01-14 12:17:14 +00:00
usr usr/Kconfig: fix typos of "its" 2023-12-20 15:02:58 -08:00
virt vfs-6.8.misc 2024-01-08 10:26:08 -08:00
.clang-format iommu: Add for_each_group_device() 2023-05-23 08:15:51 +02:00
.cocciconfig
.get_maintainer.ignore get_maintainer: add Alan to .get_maintainer.ignore 2022-08-20 15:17:44 -07:00
.gitattributes .gitattributes: set diff driver for Rust source code files 2023-05-31 17:48:25 +02:00
.gitignore kbuild: rpm-pkg: generate kernel.spec in rpmbuild/SPECS/ 2023-10-03 20:49:09 +09:00
.mailmap Networking changes for 6.8. 2024-01-11 10:07:29 -08:00
.rustfmt.toml rust: add .rustfmt.toml 2022-09-28 09:02:20 +02:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: mark ax25 as Orphan 2024-01-11 16:25:04 -08:00
Kbuild Kbuild updates for v6.1 2022-10-10 12:00:45 -07:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS MAINTAINERS: eth: mvneta: update entry 2024-01-14 13:12:26 +00:00
Makefile Quite a lot of kexec work this time around. Many singleton patches in 2024-01-09 11:46:20 -08:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.