Re: [PATCH v3] firmware: coreboot: Check size of table entry and split memcpy

From: Stephen Boyd
Date: Thu Jan 12 2023 - 18:25:47 EST


Quoting Kees Cook (2023-01-12 15:03:16)
> The memcpy() of the data following a coreboot_table_entry couldn't
> be evaluated by the compiler under CONFIG_FORTIFY_SOURCE. To make it
> easier to reason about, add an explicit flexible array member to struct
> coreboot_device so the entire entry can be copied at once. Additionally,
> validate the sizes before copying. Avoids this run-time false positive
> warning:
>
> memcpy: detected field-spanning write (size 168) of single field "&device->entry" at drivers/firmware/google/coreboot_table.c:103 (size 8)
>
> Reported-by: Paul Menzel <pmenzel@xxxxxxxxxxxxx>
> Link: https://lore.kernel.org/all/03ae2704-8c30-f9f0-215b-7cdf4ad35a9a@xxxxxxxxxxxxx/
> Cc: Jack Rosenthal <jrosenth@xxxxxxxxxxxx>
> Cc: Guenter Roeck <groeck@xxxxxxxxxxxx>
> Cc: Julius Werner <jwerner@xxxxxxxxxxxx>
> Cc: Brian Norris <briannorris@xxxxxxxxxxxx>
> Cc: Stephen Boyd <swboyd@xxxxxxxxxxxx>
> Cc: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
> Reviewed-by: Julius Werner <jwerner@xxxxxxxxxxxx>
> Reviewed-by: Guenter Roeck <groeck@xxxxxxxxxxxx>
> Link: https://lore.kernel.org/r/20230107031406.gonna.761-kees@xxxxxxxxxx
> ---

Reviewed-by: Stephen Boyd <swboyd@xxxxxxxxxxxx>
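
The pattern the commit message describes (a flexible array member as the copy destination, with the entry's sizes validated before copying), as an added user-space example that is not code from the patch or the kernel driver. The names entry_hdr, demo_device, copy_entry and the sample table are hypothetical; the 168-byte and 8-byte figures echo the quoted warning.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical entry header: size counts the header plus the data after it. */
struct entry_hdr {
	uint32_t tag;
	uint32_t size;
};

/* Hypothetical wrapper; the flexible array member lets one copy take the whole entry. */
struct demo_device {
	size_t len;     /* bytes valid in raw[] */
	uint8_t raw[];  /* entry_hdr followed by its data */
};

/* Constructed sample table: a valid 12-byte entry (8-byte header, 4 data
 * bytes), then a header claiming 168 bytes with only 8 bytes remaining. */
static const uint32_t sample_words[] = { 0x11, 12, 0xdeadbeef, 0x22, 168 };
#define SAMPLE ((const uint8_t *)sample_words)
#define SAMPLE_LEN sizeof(sample_words)

/* Copy the entry at offset off; NULL if its sizes are inconsistent. */
struct demo_device *copy_entry(const uint8_t *table, size_t table_len, size_t off)
{
	struct entry_hdr hdr;
	/* A full header must fit in what is left of the table. */
	if (off > table_len || table_len - off < sizeof(hdr))
		return NULL;
	memcpy(&hdr, table + off, sizeof(hdr));
	/* The claimed size must cover the header and stay inside the table. */
	if (hdr.size < sizeof(hdr) || hdr.size > table_len - off)
		return NULL;
	struct demo_device *dev = malloc(sizeof(*dev) + hdr.size);
	if (!dev)
		return NULL;
	dev->len = hdr.size;
	memcpy(dev->raw, table + off, hdr.size);  /* one copy of the whole entry */
	return dev;
}

int main(void)
{
	struct demo_device *ok = copy_entry(SAMPLE, SAMPLE_LEN, 0);
	int good = ok && ok->len == 12 && !copy_entry(SAMPLE, SAMPLE_LEN, 12);
	free(ok);
	return good ? 0 : 1;
}
```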