On 8/17/23 17:58, Kees Cook wrote:
Prepare for the coming implementation by GCC and Clang of the __counted_by
attribute. Flexible array members annotated with __counted_by can have
their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS
(for array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family
functions).
As found with Coccinelle[1], add __counted_by for struct tegra_dma_desc.
[1] https://github.com/kees/kernel-tools/blob/trunk/coccinelle/examples/counted_by.cocci
Cc: Vinod Koul <vkoul@xxxxxxxxxx>
Cc: Laxman Dewangan <ldewangan@xxxxxxxxxx>
Cc: Jon Hunter <jonathanh@xxxxxxxxxx>
Cc: Thierry Reding <thierry.reding@xxxxxxxxx>
Cc: dmaengine@xxxxxxxxxxxxxxx
Cc: linux-tegra@xxxxxxxxxxxxxxx
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
Reviewed-by: Gustavo A. R. Silva <gustavoars@xxxxxxxxxx>
Thanks
--
Gustavo
---
drivers/dma/tegra186-gpc-dma.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/dma/tegra186-gpc-dma.c b/drivers/dma/tegra186-gpc-dma.c
index 33b101001100..5e3d5f5d1e20 100644
--- a/drivers/dma/tegra186-gpc-dma.c
+++ b/drivers/dma/tegra186-gpc-dma.c
@@ -221,7 +221,7 @@ struct tegra_dma_desc {
unsigned int sg_count;
struct virt_dma_desc vd;
struct tegra_dma_channel *tdc;
- struct tegra_dma_sg_req sg_req[];
+ struct tegra_dma_sg_req sg_req[] __counted_by(sg_count);
};
/*