Re: [PATCH] drbd: Use struct_group() to zero algs

"Gustavo A. R. Silva" <gustavoars@xxxxxxxxxx> · Mon, 13 Dec 2021 17:28:28 -0600



On Thu, Nov 18, 2021 at 12:37:12PM -0800, Kees Cook wrote:
> In preparation for FORTIFY_SOURCE performing compile-time and run-time
> field bounds checking for memset(), avoid intentionally writing across
> neighboring fields.
> 
> Add a struct_group() for the algs so that memset() can correctly reason
> about the size.
> 
> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>

Reviewed-by: Gustavo A. R. Silva <gustavoars@xxxxxxxxxx>

Thanks
--
Gustavo

> ---
>  drivers/block/drbd/drbd_main.c     | 3 ++-
>  drivers/block/drbd/drbd_protocol.h | 6 ++++--
>  drivers/block/drbd/drbd_receiver.c | 3 ++-
>  3 files changed, 8 insertions(+), 4 deletions(-)
> 
> diff --git a/drivers/block/drbd/drbd_main.c b/drivers/block/drbd/drbd_main.c
> index 53ba2dddba6e..feac72e323bd 100644
> --- a/drivers/block/drbd/drbd_main.c
> +++ b/drivers/block/drbd/drbd_main.c
> @@ -729,7 +729,8 @@ int drbd_send_sync_param(struct drbd_peer_device *peer_device)
>  	cmd = apv >= 89 ? P_SYNC_PARAM89 : P_SYNC_PARAM;
>  
>  	/* initialize verify_alg and csums_alg */
> -	memset(p->verify_alg, 0, 2 * SHARED_SECRET_MAX);
> +	BUILD_BUG_ON(sizeof(p->algs) != 2 * SHARED_SECRET_MAX);
> +	memset(&p->algs, 0, sizeof(p->algs));
>  
>  	if (get_ldev(peer_device->device)) {
>  		dc = rcu_dereference(peer_device->device->ldev->disk_conf);
> diff --git a/drivers/block/drbd/drbd_protocol.h b/drivers/block/drbd/drbd_protocol.h
> index dea59c92ecc1..a882b65ab5d2 100644
> --- a/drivers/block/drbd/drbd_protocol.h
> +++ b/drivers/block/drbd/drbd_protocol.h
> @@ -283,8 +283,10 @@ struct p_rs_param_89 {
>  
>  struct p_rs_param_95 {
>  	u32 resync_rate;
> -	char verify_alg[SHARED_SECRET_MAX];
> -	char csums_alg[SHARED_SECRET_MAX];
> +	struct_group(algs,
> +		char verify_alg[SHARED_SECRET_MAX];
> +		char csums_alg[SHARED_SECRET_MAX];
> +	);
>  	u32 c_plan_ahead;
>  	u32 c_delay_target;
>  	u32 c_fill_target;
> diff --git a/drivers/block/drbd/drbd_receiver.c b/drivers/block/drbd/drbd_receiver.c
> index 1f740e42e457..6df2539e215b 100644
> --- a/drivers/block/drbd/drbd_receiver.c
> +++ b/drivers/block/drbd/drbd_receiver.c
> @@ -3921,7 +3921,8 @@ static int receive_SyncParam(struct drbd_connection *connection, struct packet_i
>  
>  	/* initialize verify_alg and csums_alg */
>  	p = pi->data;
> -	memset(p->verify_alg, 0, 2 * SHARED_SECRET_MAX);
> +	BUILD_BUG_ON(sizeof(p->algs) != 2 * SHARED_SECRET_MAX);
> +	memset(&p->algs, 0, sizeof(p->algs));
>  
>  	err = drbd_recv_all(peer_device->connection, p, header_size);
>  	if (err)
> -- 
> 2.30.2
> 
> 
> 
>