Re: [PATCH net-next v3] net: mana: Allow variable size indirection table

On Wed, Jun 05, 2024 at 01:39:06AM -0700, Shradha Gupta wrote: > On Tue, Jun 04, 2024 at 10:33:49AM +0100, Simon Horman wrote: > > On Fri, May 31, 2024 at 08:37:41AM -0700, Shradha Gupta wrote: > > > Allow variable size indirection table allocation in MANA instead > > >

Re: [PATCH v4 4/6] mm/slab: Introduce kmem_buckets_create() and family

On Tue, Jun 04, 2024 at 05:49:20PM -0700, Kees Cook wrote: > On Tue, Jun 04, 2024 at 04:13:32PM -0600, Tycho Andersen wrote: > > On Tue, Jun 04, 2024 at 04:02:28PM +0100, Simon Horman wrote: > > > On Fri, May 31, 2024 at 12:14:56PM -0700, Kees Cook wrote: > > >

Re: [PATCH v4 4/6] mm/slab: Introduce kmem_buckets_create() and family

On Fri, May 31, 2024 at 12:14:56PM -0700, Kees Cook wrote: ... > diff --git a/mm/slab_common.c b/mm/slab_common.c > index b5c879fa66bc..f42a98d368a9 100644 > --- a/mm/slab_common.c > +++ b/mm/slab_common.c > @@ -392,6 +392,82 @@ kmem_cache_create(const char *name, unsigned int size, > unsigned

Re: [PATCH net-next v3] net: mana: Allow variable size indirection table

On Fri, May 31, 2024 at 08:37:41AM -0700, Shradha Gupta wrote: > Allow variable size indirection table allocation in MANA instead > of using a constant value MANA_INDIRECT_TABLE_SIZE. > The size is now derived from the MANA_QUERY_VPORT_CONFIG and the > indirection table is allocated dynamically. >

Re: [PATCH v2] wifi: mac80211: Avoid address calculations via out of bounds array indexing

On Thu, May 23, 2024 at 11:35:37AM +0200, Johannes Berg wrote: > On Fri, 2024-05-17 at 21:45 +0100, Simon Horman wrote: > > > > FWWIW, it seems unfortunate to me that the __counted_by field (n_channels) > > is set some distance away from the allocation of the flex-array

Re: [PATCH v2] wifi: mac80211: Avoid address calculations via out of bounds array indexing

seems unfortunate to me that the __counted_by field (n_channels) is set some distance away from the allocation of the flex-array (channels) whose bounds it checks. It seems it would be pretty easy for a bug in the code being updated here to result in an overrun. But in any case, I think this is an improvement and seems correct to me. Reviewed-by: Simon Horman

Re: [PATCH] net: prestera: Add flex arrays to some structs

ccinelle, and audited and > modified manually. > > Link: > https://www.kernel.org/doc/html/next/process/deprecated.html#zero-length-and-one-element-arrays > [1] > Link: > https://www.kernel.org/doc/html/next/process/deprecated.html#open-coded-arithmetic-in-allocator-arguments > [2] > Signed-off-by: Erick Archer Reviewed-by: Simon Horman

[PATCH net-next v2 2/2] gve: Use ethtool_sprintf/puts() to fill stats strings

tested only. Reviewed-by: Shailend Chand Reviewed-by: Larysa Zaremba Signed-off-by: Simon Horman --- drivers/net/ethernet/google/gve/gve_ethtool.c | 42 +++ 1 file changed, 17 insertions(+), 25 deletions(-) diff --git a/drivers/net/ethernet/google/gve/gve_ethtool.c b

[PATCH net-next v2 1/2] gve: Avoid unnecessary use of comma operator

Although it does not seem to have any untoward side-effects, the use of ';' to separate to assignments seems more appropriate than ','. Flagged by clang-18 -Wcomma No functional change intended. Compile tested only. Reviewed-by: Shailend Chand Reviewed-by: Larysa Zaremba Signed-off-by: Simon

[PATCH net-next v2 0/2] gve: Minor cleanups

! - Rebased - Link to v1: https://lore.kernel.org/r/20240503-gve-comma-v1-0-b50f96569...@kernel.org --- Simon Horman (2): gve: Avoid unnecessary use of comma operator gve: Use ethtool_sprintf/puts() to fill stats strings drivers/net/ethernet/google/gve/gve_adminq.c | 4 +-- drivers

Re: [PATCH net-next 0/2] gve: Minor cleanups

On Tue, May 07, 2024 at 03:28:46PM -0700, Jakub Kicinski wrote: > On Fri, 03 May 2024 21:31:25 +0100 Simon Horman wrote: > > This short patchset provides two minor cleanups for the gve driver. > > > > These were found by tooling as mentioned in each patch, > >

[PATCH net-next 2/2] gve: Use ethtool_sprintf/puts() to fill stats strings

tested only. Signed-off-by: Simon Horman --- drivers/net/ethernet/google/gve/gve_ethtool.c | 42 +++ 1 file changed, 17 insertions(+), 25 deletions(-) diff --git a/drivers/net/ethernet/google/gve/gve_ethtool.c b/drivers/net/ethernet/google/gve/gve_ethtool.c index

[PATCH net-next 1/2] gve: Avoid unnecessary use of comma operator

Although it does not seem to have any untoward side-effects, the use of ';' to separate to assignments seems more appropriate than ','. Flagged by clang-18 -Wcomma No functional change intended. Compile tested only. Signed-off-by: Simon Horman --- drivers/net/ethernet/google/gve/gve_adminq.c

[PATCH net-next 0/2] gve: Minor cleanups

Hi, This short patchset provides two minor cleanups for the gve driver. These were found by tooling as mentioned in each patch, and otherwise by inspection. No change in run time behaviour is intended. Each patch is compile tested only. --- Simon Horman (2): gve: Avoid unnecessary use

Re: [PATCH RFC kspp-next 3/3] idpf: sprinkle __counted_by{,_le}() in the virtchnl2 header

On Mon, Mar 18, 2024 at 02:03:54PM +0100, Alexander Lobakin wrote: > Both virtchnl2.h and its consumer idpf_virtchnl.c are very error-prone. > There are 10 structures with flexible arrays at the end, but 9 of them > has flex member counter in Little Endian. > Make the code a bit more robust by

Re: [PATCH v2] overflow: Change DEFINE_FLEX to take __counted_by member

On Sat, Mar 09, 2024 at 12:32:45PM -0800, Kees Cook wrote: > On Fri, Mar 08, 2024 at 08:20:18PM +0000, Simon Horman wrote: > > On Wed, Mar 06, 2024 at 03:51:36PM -0800, Kees Cook wrote: > > > The norm should be flexible array structures with __counted_by > > >

Re: [PATCH v2] overflow: Change DEFINE_FLEX to take __counted_by member

On Wed, Mar 06, 2024 at 03:51:36PM -0800, Kees Cook wrote: > The norm should be flexible array structures with __counted_by > annotations, so DEFINE_FLEX() is updated to expect that. Rename > the non-annotated version to DEFINE_RAW_FLEX(), and update the > few existing users. > > Signed-off-by:

Re: [PATCH v3] sock: Use unsafe_memcpy() for sock_copy()

v3: fix inet_reqsk_clone() comment > v2: https://lore.kernel.org/lkml/20240216232220.it.450-k...@kernel.org > v1: https://lore.kernel.org/lkml/20240216204423.work.066-k...@kernel.org Reviewed-by: Simon Horman

Re: [PATCH] netfilter: x_tables: Use unsafe_memcpy() for 0-sized destination

> 0-sized destinations in memcpy(), an exception must be made for the one > place where it is still a destination. Since memcpy() was already > skipping checks for 0-sized destinations, using unsafe_memcpy() is no > change in behavior. > > Signed-off-by: Kees Cook Reviewed-by: Simon Horman

Re: [PATCH bpf-next] bpf: Check return from set_memory_rox() and friends

On Sat, Feb 17, 2024 at 11:24:07AM +0100, Christophe Leroy wrote: > arch_protect_bpf_trampoline() and alloc_new_pack() call > set_memory_rox() which can fail, leading to unprotected memory. > > Take into account return from set_memory_XX() functions and add > __must_check flag to

Re: [PATCH] net/sun3_82586: Avoid reading past buffer in debug output

Cc: Jakub Kicinski > Cc: Paolo Abeni > Cc: Gustavo A. R. Silva > Cc: net...@vger.kernel.org > Signed-off-by: Kees Cook Reviewed-by: Simon Horman Tested-by: Simon Horman # build-tested ...

Re: [PATCH] net: phy: smsc: replace deprecated strncpy with ethtool_sprintf

[2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Signed-off-by: Justin Stitt > --- > Note: build-tested only. > > Found with: $ rg "strncpy\(" I agree that this is functionally equivalent. Reviewed-by: Simon Horman

Re: [PATCH] qed/red_ll2: Fix undefined behavior bug in struct qed_ll2_info

o a > one-element array, and started to be used as a Variable Length Object > (VLO) at run-time. > > Fixes: f5823fe6897c ("qed: Add ll2 option to limit the number of bds per > packet") > Cc: sta...@vger.kernel.org > Signed-off-by: Gustavo A. R. Silva Reviewed-by: Simon Horman