Reviewed-by: David Ahern <dsahern@kernel.org>
Link: https://lore.kernel.org/r/20230112012532.311021-1-jmaxwell37@gmail.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Cc: "Jitindar Singh, Suraj" <surajjs@amazon.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
include/net/dst_ops.h | 2 +-
+++ /dev/null
-From 172db56d90d29e47e7d0d64885d5dbd92c87ec42 Mon Sep 17 00:00:00 2001
-From: Kees Cook <keescook@chromium.org>
-Date: Wed, 6 Dec 2023 12:59:07 -0800
-Subject: netlink: Return unsigned value for nla_len()
-
-From: Kees Cook <keescook@chromium.org>
-
-commit 172db56d90d29e47e7d0d64885d5dbd92c87ec42 upstream.
-
-The return value from nla_len() is never expected to be negative, and can
-never be more than struct nlattr::nla_len (a u16). Adjust the prototype
-on the function. This will let GCC's value range optimization passes
-know that the return can never be negative, and can never be larger than
-u16. As recently discussed[1], this silences the following warning in
-GCC 12+:
-
-net/wireless/nl80211.c: In function 'nl80211_set_cqm_rssi.isra':
-net/wireless/nl80211.c:12892:17: warning: 'memcpy' specified bound 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=]
-12892 | memcpy(cqm_config->rssi_thresholds, thresholds,
- | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-12893 | flex_array_size(cqm_config, rssi_thresholds,
- | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-12894 | n_thresholds));
- | ~~~~~~~~~~~~~~
-
-A future change would be to clamp the subtraction to make sure it never
-wraps around if nla_len is somehow less than NLA_HDRLEN, which would
-have the additional benefit of being defensive in the face of nlattr
-corruption or logic errors.
-
-Reported-by: kernel test robot <lkp@intel.com>
-Closes: https://lore.kernel.org/oe-kbuild-all/202311090752.hWcJWAHL-lkp@intel.com/ [1]
-Cc: Johannes Berg <johannes@sipsolutions.net>
-Cc: Jeff Johnson <quic_jjohnson@quicinc.com>
-Cc: Michael Walle <mwalle@kernel.org>
-Cc: Max Schulze <max.schulze@online.de>
-Link: https://lore.kernel.org/r/20231202202539.it.704-kees@kernel.org
-Signed-off-by: Kees Cook <keescook@chromium.org>
-Link: https://lore.kernel.org/r/20231206205904.make.018-kees@kernel.org
-Signed-off-by: Jakub Kicinski <kuba@kernel.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- include/net/netlink.h | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/include/net/netlink.h
-+++ b/include/net/netlink.h
-@@ -1181,7 +1181,7 @@ static inline void *nla_data(const struc
- * nla_len - length of payload
- * @nla: netlink attribute
- */
--static inline int nla_len(const struct nlattr *nla)
-+static inline u16 nla_len(const struct nlattr *nla)
- {
- return nla->nla_len - NLA_HDRLEN;
- }
nfsd-drop-the-nfsd_put-helper.patch
-netlink-return-unsigned-value-for-nla_len.patch
ipv6-remove-max_size-check-inline-with-ipv4.patch
+++ /dev/null
-From 172db56d90d29e47e7d0d64885d5dbd92c87ec42 Mon Sep 17 00:00:00 2001
-From: Kees Cook <keescook@chromium.org>
-Date: Wed, 6 Dec 2023 12:59:07 -0800
-Subject: netlink: Return unsigned value for nla_len()
-
-From: Kees Cook <keescook@chromium.org>
-
-commit 172db56d90d29e47e7d0d64885d5dbd92c87ec42 upstream.
-
-The return value from nla_len() is never expected to be negative, and can
-never be more than struct nlattr::nla_len (a u16). Adjust the prototype
-on the function. This will let GCC's value range optimization passes
-know that the return can never be negative, and can never be larger than
-u16. As recently discussed[1], this silences the following warning in
-GCC 12+:
-
-net/wireless/nl80211.c: In function 'nl80211_set_cqm_rssi.isra':
-net/wireless/nl80211.c:12892:17: warning: 'memcpy' specified bound 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=]
-12892 | memcpy(cqm_config->rssi_thresholds, thresholds,
- | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-12893 | flex_array_size(cqm_config, rssi_thresholds,
- | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-12894 | n_thresholds));
- | ~~~~~~~~~~~~~~
-
-A future change would be to clamp the subtraction to make sure it never
-wraps around if nla_len is somehow less than NLA_HDRLEN, which would
-have the additional benefit of being defensive in the face of nlattr
-corruption or logic errors.
-
-Reported-by: kernel test robot <lkp@intel.com>
-Closes: https://lore.kernel.org/oe-kbuild-all/202311090752.hWcJWAHL-lkp@intel.com/ [1]
-Cc: Johannes Berg <johannes@sipsolutions.net>
-Cc: Jeff Johnson <quic_jjohnson@quicinc.com>
-Cc: Michael Walle <mwalle@kernel.org>
-Cc: Max Schulze <max.schulze@online.de>
-Link: https://lore.kernel.org/r/20231202202539.it.704-kees@kernel.org
-Signed-off-by: Kees Cook <keescook@chromium.org>
-Link: https://lore.kernel.org/r/20231206205904.make.018-kees@kernel.org
-Signed-off-by: Jakub Kicinski <kuba@kernel.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- include/net/netlink.h | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/include/net/netlink.h
-+++ b/include/net/netlink.h
-@@ -1189,7 +1189,7 @@ static inline void *nla_data(const struc
- * nla_len - length of payload
- * @nla: netlink attribute
- */
--static inline int nla_len(const struct nlattr *nla)
-+static inline u16 nla_len(const struct nlattr *nla)
- {
- return nla->nla_len - NLA_HDRLEN;
- }
nfsd-drop-the-nfsd_put-helper.patch
-netlink-return-unsigned-value-for-nla_len.patch
+++ /dev/null
-From 172db56d90d29e47e7d0d64885d5dbd92c87ec42 Mon Sep 17 00:00:00 2001
-From: Kees Cook <keescook@chromium.org>
-Date: Wed, 6 Dec 2023 12:59:07 -0800
-Subject: netlink: Return unsigned value for nla_len()
-
-From: Kees Cook <keescook@chromium.org>
-
-commit 172db56d90d29e47e7d0d64885d5dbd92c87ec42 upstream.
-
-The return value from nla_len() is never expected to be negative, and can
-never be more than struct nlattr::nla_len (a u16). Adjust the prototype
-on the function. This will let GCC's value range optimization passes
-know that the return can never be negative, and can never be larger than
-u16. As recently discussed[1], this silences the following warning in
-GCC 12+:
-
-net/wireless/nl80211.c: In function 'nl80211_set_cqm_rssi.isra':
-net/wireless/nl80211.c:12892:17: warning: 'memcpy' specified bound 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=]
-12892 | memcpy(cqm_config->rssi_thresholds, thresholds,
- | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-12893 | flex_array_size(cqm_config, rssi_thresholds,
- | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-12894 | n_thresholds));
- | ~~~~~~~~~~~~~~
-
-A future change would be to clamp the subtraction to make sure it never
-wraps around if nla_len is somehow less than NLA_HDRLEN, which would
-have the additional benefit of being defensive in the face of nlattr
-corruption or logic errors.
-
-Reported-by: kernel test robot <lkp@intel.com>
-Closes: https://lore.kernel.org/oe-kbuild-all/202311090752.hWcJWAHL-lkp@intel.com/ [1]
-Cc: Johannes Berg <johannes@sipsolutions.net>
-Cc: Jeff Johnson <quic_jjohnson@quicinc.com>
-Cc: Michael Walle <mwalle@kernel.org>
-Cc: Max Schulze <max.schulze@online.de>
-Link: https://lore.kernel.org/r/20231202202539.it.704-kees@kernel.org
-Signed-off-by: Kees Cook <keescook@chromium.org>
-Link: https://lore.kernel.org/r/20231206205904.make.018-kees@kernel.org
-Signed-off-by: Jakub Kicinski <kuba@kernel.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- include/net/netlink.h | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/include/net/netlink.h
-+++ b/include/net/netlink.h
-@@ -1200,7 +1200,7 @@ static inline void *nla_data(const struc
- * nla_len - length of payload
- * @nla: netlink attribute
- */
--static inline int nla_len(const struct nlattr *nla)
-+static inline u16 nla_len(const struct nlattr *nla)
- {
- return nla->nla_len - NLA_HDRLEN;
- }
-netlink-return-unsigned-value-for-nla_len.patch
projects / thirdparty / kernel / stable-queue.git / commitdiff
