crypto: chacha20poly1305 - Annotate struct chachapoly_ctx with __counted_by()

Add the __counted_by compiler attribute to the flexible array member
salt to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and
CONFIG_FORTIFY_SOURCE.

Reviewed-by: Kees Cook <kees@kernel.org>
Signed-off-by: Thorsten Blum <thorsten.blum@toblux.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

diff --git a/crypto/chacha20poly1305.c b/crypto/chacha20poly1305.c
index 9e4651330852b51415bf43700d56d831fb2c8725..d740849f1c1915028b7db82ad07f921415db565b 100644 (file)
--- a/crypto/chacha20poly1305.c
+++ b/crypto/chacha20poly1305.c
@@ -27,7 +27,7 @@ struct chachapoly_ctx {
        struct crypto_ahash *poly;
        /* key bytes we use for the ChaCha20 IV */
        unsigned int saltlen;
-       u8 salt[];
+       u8 salt[] __counted_by(saltlen);
 };
 
 struct poly_req {