[PATCH] lsm: Resolve compiling 'security.c' error

Paul Moore paul at paul-moore.com
Wed Jan 17 14:32:33 UTC 2024


On Tue, Jan 16, 2024 at 8:46 PM Lu Yao <yaolu at kylinos.cn> wrote:
>
> The following error log is displayed during the current compilation
>   > 'security/security.c:810:2: error: ‘memcpy’ offset 32 is
>   > out of the bounds [0, 0] [-Werror=array-bounds]'
>
> GCC version is '10.3.0 (Ubuntu 10.3.0-1ubuntu1~18.04~1)'
>
> Signed-off-by: Lu Yao <yaolu at kylinos.cn>
> ---
>  security/security.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)

I'm adding the linux-hardening folks to the to To: line as this has
now come up multiple times and my best guess is that this is an issue
with the struct_size() macro, compiler annotations, or something
similar and I suspect they are the experts in that area.  My
understanding is that using the struct_size() macro is preferable to
open coding the math, as this patch does, but if we have to do
something like this to silence the warnings, that's okay with me.

So linux-hardening folks, what do you say?

> diff --git a/security/security.c b/security/security.c
> index 0144a98d3712..37168f6bee25 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -792,7 +792,7 @@ int lsm_fill_user_ctx(struct lsm_ctx __user *uctx, size_t *uctx_len,
>         size_t nctx_len;
>         int rc = 0;
>
> -       nctx_len = ALIGN(struct_size(nctx, ctx, val_len), sizeof(void *));
> +       nctx_len = ALIGN(sizeof(struct lsm_ctx) + val_len, sizeof(void *));
>         if (nctx_len > *uctx_len) {
>                 rc = -E2BIG;
>                 goto out;
> --
> 2.25.1

-- 
paul-moore.com



More information about the Linux-security-module-archive mailing list