lsm: Add a __counted_by() annotation to lsm_ctx.ctx

The ctx in struct lsm_ctx is an array of size ctx_len, tell the compiler
about this using __counted_by() where supported to improve the ability to
detect overflow issues.

Reported-by: Aishwarya TCV <aishwarya.tcv@arm.com>
Signed-off-by: Mark Brown <broonie@kernel.org>
Signed-off-by: Paul Moore <paul@paul-moore.com>

diff --git a/include/uapi/linux/lsm.h b/include/uapi/linux/lsm.h
index f0386880a78ee6dcc38ce1433e48dc3431914cd7..f8aef9ade54957543d3f8008edfe833af13b54db 100644 (file)
--- a/include/uapi/linux/lsm.h
+++ b/include/uapi/linux/lsm.h
@@ -9,6 +9,7 @@
 #ifndef _UAPI_LINUX_LSM_H
 #define _UAPI_LINUX_LSM_H
 
+#include <linux/stddef.h>
 #include <linux/types.h>
 #include <linux/unistd.h>
 
@@ -36,7 +37,7 @@ struct lsm_ctx {
        __u64 flags;
        __u64 len;
        __u64 ctx_len;
-       __u8 ctx[];
+       __u8 ctx[] __counted_by(ctx_len);
 };
 
 /*