Re: [v2] wifi: iwlwifi: Track scan_cmd allocation size explicitly

[Kalle Valo]

Kees Cook <keescook@xxxxxxxxxxxx> wrote:

> In preparation for reducing the use of ksize(), explicitly track the
> size of scan_cmd allocations. This also allows for noticing if the scan
> size changes unexpectedly. Note that using ksize() was already incorrect
> here, in the sense that ksize() would not match the actual allocation
> size, which would trigger future run-time allocation bounds checking.
> (In other words, memset() may know how large scan_cmd was allocated for,
> but ksize() will return the upper bounds of the actually allocated memory,
> causing a run-time warning about an overflow.)
> 
> Cc: Gregory Greenman <gregory.greenman@xxxxxxxxx>
> Cc: Kalle Valo <kvalo@xxxxxxxxxx>
> Cc: "David S. Miller" <davem@xxxxxxxxxxxxx>
> Cc: Eric Dumazet <edumazet@xxxxxxxxxx>
> Cc: Jakub Kicinski <kuba@xxxxxxxxxx>
> Cc: Paolo Abeni <pabeni@xxxxxxxxxx>
> Cc: Luca Coelho <luciano.coelho@xxxxxxxxx>
> Cc: Johannes Berg <johannes.berg@xxxxxxxxx>
> Cc: Emmanuel Grumbach <emmanuel.grumbach@xxxxxxxxx>
> Cc: Miri Korenblit <miriam.rachel.korenblit@xxxxxxxxx>
> Cc: Ilan Peer <ilan.peer@xxxxxxxxx>
> Cc: linux-wireless@xxxxxxxxxxxxxxx
> Cc: netdev@xxxxxxxxxxxxxxx
> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>

Patch applied to wireless-next.git, thanks.

72c08d9f4c72 wifi: iwlwifi: Track scan_cmd allocation size explicitly

-- 
https://patchwork.kernel.org/project/linux-wireless/patch/20220923220853.3302056-1-keescook@xxxxxxxxxxxx/

https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches