mptcp: Use struct_group() to avoid cross-field memset()

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

In preparation for FORTIFY_SOURCE performing compile-time and run-time
field bounds checking for memcpy(), memmove(), and memset(), avoid
intentionally writing across neighboring fields.

Use struct_group() to capture the fields to be reset, so that memset()
can be appropriately bounds-checked by the compiler.

Cc: Matthieu Baerts <matthieu.baerts@tessares.net>
Cc: mptcp@lists.linux.dev
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
Link: https://lore.kernel.org/r/20220121073935.1154263-1-keescook@chromium.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

authored by

Kees Cook and committed by

Jakub Kicinski 4 years ago 63ec72bd 2c13c05c

+3 -3

1 changed file

expand all

net

mptcp

protocol.h

+3 -3

net/mptcp/protocol.h

··· 408 408 struct mptcp_subflow_context { 409 409 struct list_head node;/* conn_list of subflows */ 410 410 411 - char reset_start[0]; 411 + struct_group(reset, 412 412 413 413 unsigned long avg_pacing_rate; /* protected by msk socket lock */ 414 414 u64 local_key; ··· 458 458 459 459 long delegated_status; 460 460 461 - char reset_end[0]; 461 + ); 462 462 463 463 struct list_head delegated_node; /* link into delegated_action, protected by local BH */ 464 464 ··· 494 494 static inline void 495 495 mptcp_subflow_ctx_reset(struct mptcp_subflow_context *subflow) 496 496 { 497 - memset(subflow->reset_start, 0, subflow->reset_end - subflow->reset_start); 497 + memset(&subflow->reset, 0, sizeof(subflow->reset)); 498 498 subflow->request_mptcp = 1; 499 499 } 500 500