Re: [PATCH] cxl/mem: Force array size of mem_commands[] to CXL_MEM_COMMAND_ID_MAX

From: Dan Williams
Date: Wed Mar 24 2021 - 15:09:09 EST


On Wed, Mar 24, 2021 at 11:43 AM Ira Weiny <ira.weiny@xxxxxxxxx> wrote:
>
> On Wed, Mar 24, 2021 at 03:16:35PM +0100, Robert Richter wrote:
> > Typically the mem_commands[] array is in sync with 'enum { CXL_CMDS }'.
> > Current code works well.
> >
> > However, the array size of mem_commands[] may not strictly be the same
> > as CXL_MEM_COMMAND_ID_MAX. E.g. if a new CXL_CMD() is added that is
> > guarded by #ifdefs, the array could be shorter. This could lead then
> > further to an out-of-bounds array access in cxl_validate_cmd_from_user().
> >
> > Fix this by forcing the array size to CXL_MEM_COMMAND_ID_MAX. This
> > also adds range checks for array items in mem_commands[] at compile
> > time.
>
> Can't we use ARRAY_SIZE?

An ARRAY_SIZE() check in cxl_validate_cmd_from_user() would work too,
but it wouldn't give the compiler protection that Robert mentions for
going the other way where mem_commands tries to add an entry that is
out of bounds relative to CXL_CMDS.