Prepare for the coming implementation by GCC and Clang of the __counted_by
attribute. Flexible array members annotated with __counted_by can have
their accesses bounds-checked at run-time via CONFIG_UBSAN_BOUNDS (for
array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family
functions).
As found with Coccinelle[1], add __counted_by for struct
exynos_muxed_weint_data. Additionally, since the element count member
must be set before accessing the annotated flexible array member, move
its initialization earlier.
Cc: Tomasz Figa <tomasz.figa@gmail.com>
Cc: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org>
Cc: Sylwester Nawrocki <s.nawrocki@samsung.com>
Cc: Alim Akhtar <alim.akhtar@samsung.com>
Cc: Linus Walleij <linus.walleij@linaro.org>
Cc: "Gustavo A. R. Silva" <gustavoars@kernel.org>
Cc: linux-arm-kernel@lists.infradead.org
Cc: linux-samsung-soc@vger.kernel.org
Cc: linux-gpio@vger.kernel.org
Cc: linux-hardening@vger.kernel.org
Link: https://github.com/kees/kernel-tools/blob/trunk/coccinelle/examples/counted_by.cocci
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Link: https://lore.kernel.org/r/20231006201707.work.405-kees@kernel.org
Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org>
+ muxed_banks*sizeof(struct samsung_pin_bank *), GFP_KERNEL);
if (!muxed_data)
return -ENOMEM;
+ muxed_data->nr_banks = muxed_banks;
irq_set_chained_handler_and_data(irq, exynos_irq_demux_eint16_31,
muxed_data);
muxed_data->banks[idx++] = bank;
}
- muxed_data->nr_banks = muxed_banks;
return 0;
}
*/
struct exynos_muxed_weint_data {
unsigned int nr_banks;
- struct samsung_pin_bank *banks[];
+ struct samsung_pin_bank *banks[] __counted_by(nr_banks);
};
int exynos_eint_gpio_init(struct samsung_pinctrl_drv_data *d);
projects / linux.git / commitdiff