tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

virt: acrn: Annotate struct vm_memory_region_batch with __counted_by

Prepare for the coming implementation by GCC and Clang of the __counted_by
attribute. Flexible array members annotated with __counted_by can have
their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS
(for array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family
functions).

As found with Coccinelle[1], add __counted_by for struct vm_memory_region_batch.
Additionally, since the element count member must be set before accessing
the annotated flexible array member, move its initialization earlier.

[1] https://github.com/kees/kernel-tools/blob/trunk/coccinelle/examples/counted_by.cocci

Cc: Fei Li <fei1.li@intel.com>
Reviewed-by: "Gustavo A. R. Silva" <gustavoars@kernel.org>
Link: https://lore.kernel.org/r/20230922175102.work.020-kees@kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>

Kees Cook 51a71ab2 4a530cb9

+2 -2
+1 -1
drivers/virt/acrn/acrn_drv.h
··· 60 60 u16 reserved[3]; 61 61 u32 regions_num; 62 62 u64 regions_gpa; 63 - struct vm_memory_region_op regions_op[]; 63 + struct vm_memory_region_op regions_op[] __counted_by(regions_num); 64 64 }; 65 65 66 66 /**
+1 -1
drivers/virt/acrn/mm.c
··· 250 250 ret = -ENOMEM; 251 251 goto unmap_kernel_map; 252 252 } 253 + regions_info->regions_num = nr_regions; 253 254 254 255 /* Fill each vm_memory_region_op */ 255 256 vm_region = regions_info->regions_op; 256 257 regions_info->vmid = vm->vmid; 257 - regions_info->regions_num = nr_regions; 258 258 regions_info->regions_gpa = virt_to_phys(vm_region); 259 259 user_vm_pa = memmap->user_vm_pa; 260 260 i = 0;