On Mon, Aug 05, 2024 at 07:52:38PM +0200, Thorsten Blum wrote:
> Add the __counted_by compiler attribute to the flexible array member
> salt to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and
> CONFIG_FORTIFY_SOURCE.
>
> Use struct_size_t() instead of manually calculating the struct's size.
>
> Signed-off-by: Thorsten Blum <thorsten.blum@xxxxxxxxxx>
> ---
> crypto/chacha20poly1305.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/crypto/chacha20poly1305.c b/crypto/chacha20poly1305.c
> index 9e4651330852..b37f59a8280a 100644
> --- a/crypto/chacha20poly1305.c
> +++ b/crypto/chacha20poly1305.c
> @@ -27,7 +27,7 @@ struct chachapoly_ctx {
> struct crypto_ahash *poly;
> /* key bytes we use for the ChaCha20 IV */
> unsigned int saltlen;
> - u8 salt[];
> + u8 salt[] __counted_by(saltlen);
> };
AFAICT, all the allocations of struct chachapoly_ctx set "saltlen" before
using "salt".
Reviewed-by: Kees Cook <kees@xxxxxxxxxx>
>
> struct poly_req {
> @@ -611,8 +611,8 @@ static int chachapoly_create(struct crypto_template *tmpl, struct rtattr **tb,
> poly->base.cra_priority) / 2;
> inst->alg.base.cra_blocksize = 1;
> inst->alg.base.cra_alignmask = chacha->base.cra_alignmask;
> - inst->alg.base.cra_ctxsize = sizeof(struct chachapoly_ctx) +
> - ctx->saltlen;
> + inst->alg.base.cra_ctxsize = struct_size_t(struct chachapoly_ctx, salt,
> + ctx->saltlen);
> inst->alg.ivsize = ivsize;
> inst->alg.chunksize = chacha->chunksize;
> inst->alg.maxauthsize = POLY1305_DIGEST_SIZE;
My instinct is to use struct_size_t() as little as possible (compared
to normal struct_size), since I prefer to use it where a thing is being
allocated. (In this case, it's "far away".) So given Eric already thinks
this part should be dropped, I would agree: leave this as is.
--
Kees Cook
