[PATCH 41/64] net: dccp: Use memset_after() for TP zeroing

From: Kees Cook
Date: Tue Jul 27 2021 - 17:07:26 EST

Next message: Kees Cook: "[PATCH 43/64] ath11k: Use memset_after() for clearing queue descriptors"
Previous message: Kees Cook: "[PATCH 63/64] iwlwifi: dbg_ini: Split memcpy() to avoid multi-field write"
In reply to: Kees Cook: "[PATCH 63/64] iwlwifi: dbg_ini: Split memcpy() to avoid multi-field write"
Next in thread: Kees Cook: "[PATCH 43/64] ath11k: Use memset_after() for clearing queue descriptors"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In preparation for FORTIFY_SOURCE performing compile-time and run-time
field bounds checking for memset(), avoid intentionally writing across
neighboring fields.

Use memset_after() so memset() doesn't get confused about writing
beyond the destination member that is intended to be the starting point
of zeroing through the end of the struct.

Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
---
net/dccp/trace.h | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/net/dccp/trace.h b/net/dccp/trace.h
index 5062421beee9..3c2594da49fc 100644
--- a/net/dccp/trace.h
+++ b/net/dccp/trace.h
@@ -60,9 +60,7 @@ TRACE_EVENT(dccp_probe,
__entry->tx_t_ipi = hc->tx_t_ipi;
} else {
__entry->tx_s = 0;
- memset(&__entry->tx_rtt, 0, (void *)&__entry->tx_t_ipi -
- (void *)&__entry->tx_rtt +
- sizeof(__entry->tx_t_ipi));
+ memset_after(__entry, 0, tx_s);
}
),

--
2.30.2

Next message: Kees Cook: "[PATCH 43/64] ath11k: Use memset_after() for clearing queue descriptors"
Previous message: Kees Cook: "[PATCH 63/64] iwlwifi: dbg_ini: Split memcpy() to avoid multi-field write"
In reply to: Kees Cook: "[PATCH 63/64] iwlwifi: dbg_ini: Split memcpy() to avoid multi-field write"
Next in thread: Kees Cook: "[PATCH 43/64] ath11k: Use memset_after() for clearing queue descriptors"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]