Re: [PATCH] kheaders: Use array declaration instead of char

From: Alexander Lobakin
Date: Fri Mar 03 2023 - 10:21:15 EST


From: Kees Cook <keescook@xxxxxxxxxxxx>
Date: Thu, 2 Mar 2023 14:49:50 -0800

> Under CONFIG_FORTIFY_SOURCE, memcpy() will check the size of destination
> and source buffers. Defining kernel_headers_data as "char" would trip
> this check. Since these addresses are treated as byte arrays, define
> them as arrays (as done everywhere else).

Yet another array-as-one-char, I wonder how many are still here...

>
> This was seen with:
>
> $ cat /sys/kernel/kheaders.tar.xz >> /dev/null
>
> detected buffer overflow in memcpy
> kernel BUG at lib/string_helpers.c:1027!
> ...
> RIP: 0010:fortify_panic+0xf/0x20
> [...]
> Call Trace:
> <TASK>
> ikheaders_read+0x45/0x50 [kheaders]
> kernfs_fop_read_iter+0x1a4/0x2f0
> ...
>
> Reported-by: Jakub Kicinski <kuba@xxxxxxxxxx>
> Link: https://lore.kernel.org/bpf/20230302112130.6e402a98@xxxxxxxxxx/
> Tested-by: Jakub Kicinski <kuba@xxxxxxxxxx>
> Fixes: 43d8ce9d65a5 ("Provide in-kernel headers to make extending kernel easier")
> Cc: Joel Fernandes (Google) <joel@xxxxxxxxxxxxxxxxx>
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>

Reviewed-by: Alexander Lobakin <aleksander.lobakin@xxxxxxxxx>

> ---
> kernel/kheaders.c | 10 +++++-----
> 1 file changed, 5 insertions(+), 5 deletions(-)
[...]

Thanks,
Olek