kexec: Annotate struct crash_mem with __counted_by

Prepare for the coming implementation by GCC and Clang of the __counted_by attribute. Flexible array members annotated with __counted_by can have their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS (for array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family functions). As found with Coccinelle[1], add __counted_by for struct crash_mem. [1] https://github.com/kees/kernel-tools/blob/trunk/coccinelle/examples/counted_by.cocci Cc: Eric Biederman <ebiederm@xmission.com> Cc: kexec@lists.infradead.org Acked-by: Baoquan He <bhe@redhat.com> Link: https://lore.kernel.org/r/20230922175224.work.712-kees@kernel.org Signed-off-by: Kees Cook <keescook@chromium.org>
author: Kees Cook <keescook@chromium.org> 2023-09-22 10:52:24 -0700
committer: Kees Cook <keescook@chromium.org> 2023-10-24 14:09:46 -0700
commit: 15fcedd43a0810a5482ef759a18ab852d012cead (patch)
tree: cab324a79a3fa78cae0be2cc140b92a1124beebc /include/linux/crash_core.h
parent: bf5abc17bc434f27e20d3702b1992d9b5e4a7239 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/include/linux/crash_core.h b/include/linux/crash_core.h
index 0c06561bf5ff..08704c29fdb4 100644
--- a/include/linux/crash_core.h
+++ b/include/linux/crash_core.h
@@ -92,7 +92,7 @@ int parse_crashkernel_low(char *cmdline, unsigned long long system_ram,
 struct crash_mem {
 	unsigned int max_nr_ranges;
 	unsigned int nr_ranges;
-	struct range ranges[];
+	struct range ranges[] __counted_by(max_nr_ranges);
 };
 
 extern int crash_exclude_mem_range(struct crash_mem *mem,
author	Kees Cook <keescook@chromium.org>	2023-09-22 10:52:24 -0700
committer	Kees Cook <keescook@chromium.org>	2023-10-24 14:09:46 -0700
commit	15fcedd43a0810a5482ef759a18ab852d012cead (patch)
tree	cab324a79a3fa78cae0be2cc140b92a1124beebc /include/linux/crash_core.h
parent	bf5abc17bc434f27e20d3702b1992d9b5e4a7239 (diff)