On Thu, Sep 22, 2022 at 07:18:51AM +0300, Kalle Valo wrote: > Kees Cook <keescook@xxxxxxxxxxxx> writes: > > > In preparation for reducing the use of ksize(), explicitly track the > > size of scan_cmd allocations. This also allows for noticing if the scan > > size changes unexpectedly. Note that using ksize() was already incorrect > > here, in the sense that ksize() would not match the actual allocation > > size, which would trigger future run-time allocation bounds checking. > > (In other words, memset() may know how large scan_cmd was allocated for, > > but ksize() will return the upper bounds of the actually allocated memory, > > causing a run-time warning about an overflow.) > > > > Cc: Gregory Greenman <gregory.greenman@xxxxxxxxx> > > Cc: Kalle Valo <kvalo@xxxxxxxxxx> > > Cc: Johannes Berg <johannes.berg@xxxxxxxxx> > > Cc: linux-wireless@xxxxxxxxxxxxxxx > > Cc: netdev@xxxxxxxxxxxxxxx > > Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx> > > Via which tree is this iwlwifi patch going? Normally via wireless-next > or something else? This doesn't depend on the kmalloc_size_roundup() helper at all, so I would be happy for it to go via wireless-next if the patch seems reasonable. -- Kees Cook
