From: Kees Cook <keescook@chromium.org>
To: Marc Kleine-Budde <mkl@pengutronix.de>
Cc: linux-kernel@vger.kernel.org,
"Gustavo A. R. Silva" <gustavoars@kernel.org>,
Arnd Bergmann <arnd@arndb.de>,
Ayush Sawal <ayush.sawal@chelsio.com>,
Vinay Kumar Yadav <vinay.yadav@chelsio.com>,
Rohit Maheshwari <rohitm@chelsio.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>,
Kalle Valo <kvalo@codeaurora.org>,
Jakub Kicinski <kuba@kernel.org>,
Stanislaw Gruszka <stf_xl@wp.pl>,
Luca Coelho <luciano.coelho@intel.com>,
"James E.J. Bottomley" <jejb@linux.ibm.com>,
"Martin K. Petersen" <martin.petersen@oracle.com>,
Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Andrii Nakryiko <andrii@kernel.org>,
Martin KaFai Lau <kafai@fb.com>, Song Liu <songliubraving@fb.com>,
Yonghong Song <yhs@fb.com>,
John Fastabend <john.fastabend@gmail.com>,
KP Singh <kpsingh@kernel.org>,
Johannes Berg <johannes.berg@intel.com>,
Mordechay Goodstein <mordechay.goodstein@intel.com>,
Lee Jones <lee.jones@linaro.org>,
Wolfgang Grandegger <wg@grandegger.com>,
Arunachalam Santhanam <arunachalam.santhanam@in.bosch.com>,
Vincent Mailhol <mailhol.vincent@wanadoo.fr>,
Mikulas Patocka <mikulas@artax.karlin.mff.cuni.cz>,
linux-crypto@vger.kernel.org, ath10k@lists.infradead.org,
linux-wireless@vger.kernel.org, netdev@vger.kernel.org,
linux-scsi@vger.kernel.org, linux-can@vger.kernel.org,
bpf@vger.kernel.org, Rasmus Villemoes <linux@rasmusvillemoes.dk>,
Keith Packard <keithp@keithp.com>,
Dan Williams <dan.j.williams@intel.com>,
Daniel Vetter <daniel.vetter@ffwll.ch>,
clang-built-linux@googlegroups.com,
linux-hardening@vger.kernel.org
Subject: Re: [PATCH v2 2/5] treewide: Replace open-coded flex arrays in unions
Date: Fri, 27 Aug 2021 09:08:19 -0700 [thread overview]
Message-ID: <202108270906.7C85982525@keescook> (raw)
In-Reply-To: <20210826062452.jekmoo43f4xu5jxk@pengutronix.de>
On Thu, Aug 26, 2021 at 08:24:52AM +0200, Marc Kleine-Budde wrote:
> On 25.08.2021 22:04:55, Kees Cook wrote:
> > In support of enabling -Warray-bounds and -Wzero-length-bounds and
> > correctly handling run-time memcpy() bounds checking, replace all
> > open-coded flexible arrays (i.e. 0-element arrays) in unions with the
> > flex_array() helper macro.
> >
> > This fixes warnings such as:
> >
> > fs/hpfs/anode.c: In function 'hpfs_add_sector_to_btree':
> > fs/hpfs/anode.c:209:27: warning: array subscript 0 is outside the bounds of an interior zero-length array 'struct bplus_internal_node[0]' [-Wzero-length-bounds]
> > 209 | anode->btree.u.internal[0].down = cpu_to_le32(a);
> > | ~~~~~~~~~~~~~~~~~~~~~~~^~~
> > In file included from fs/hpfs/hpfs_fn.h:26,
> > from fs/hpfs/anode.c:10:
> > fs/hpfs/hpfs.h:412:32: note: while referencing 'internal'
> > 412 | struct bplus_internal_node internal[0]; /* (internal) 2-word entries giving
> > | ^~~~~~~~
> >
> > drivers/net/can/usb/etas_es58x/es58x_fd.c: In function 'es58x_fd_tx_can_msg':
> > drivers/net/can/usb/etas_es58x/es58x_fd.c:360:35: warning: array subscript 65535 is outside the bounds of an interior zero-length array 'u8[0]' {aka 'unsigned char[]'} [-Wzero-length-bounds]
> > 360 | tx_can_msg = (typeof(tx_can_msg))&es58x_fd_urb_cmd->raw_msg[msg_len];
> > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > In file included from drivers/net/can/usb/etas_es58x/es58x_core.h:22,
> > from drivers/net/can/usb/etas_es58x/es58x_fd.c:17:
> > drivers/net/can/usb/etas_es58x/es58x_fd.h:231:6: note: while referencing 'raw_msg'
> > 231 | u8 raw_msg[0];
> > | ^~~~~~~
> >
> > Cc: "Gustavo A. R. Silva" <gustavoars@kernel.org>
> > Cc: Arnd Bergmann <arnd@arndb.de>
> > Cc: Ayush Sawal <ayush.sawal@chelsio.com>
> > Cc: Vinay Kumar Yadav <vinay.yadav@chelsio.com>
> > Cc: Rohit Maheshwari <rohitm@chelsio.com>
> > Cc: Herbert Xu <herbert@gondor.apana.org.au>
> > Cc: "David S. Miller" <davem@davemloft.net>
> > Cc: Kalle Valo <kvalo@codeaurora.org>
> > Cc: Jakub Kicinski <kuba@kernel.org>
> > Cc: Stanislaw Gruszka <stf_xl@wp.pl>
> > Cc: Luca Coelho <luciano.coelho@intel.com>
> > Cc: "James E.J. Bottomley" <jejb@linux.ibm.com>
> > Cc: "Martin K. Petersen" <martin.petersen@oracle.com>
> > Cc: Alexei Starovoitov <ast@kernel.org>
> > Cc: Daniel Borkmann <daniel@iogearbox.net>
> > Cc: Andrii Nakryiko <andrii@kernel.org>
> > Cc: Martin KaFai Lau <kafai@fb.com>
> > Cc: Song Liu <songliubraving@fb.com>
> > Cc: Yonghong Song <yhs@fb.com>
> > Cc: John Fastabend <john.fastabend@gmail.com>
> > Cc: KP Singh <kpsingh@kernel.org>
> > Cc: Johannes Berg <johannes.berg@intel.com>
> > Cc: Mordechay Goodstein <mordechay.goodstein@intel.com>
> > Cc: Lee Jones <lee.jones@linaro.org>
> > Cc: Wolfgang Grandegger <wg@grandegger.com>
> > Cc: Marc Kleine-Budde <mkl@pengutronix.de>
> > Cc: Arunachalam Santhanam <arunachalam.santhanam@in.bosch.com>
> > Cc: Vincent Mailhol <mailhol.vincent@wanadoo.fr>
> > Cc: Mikulas Patocka <mikulas@artax.karlin.mff.cuni.cz>
> > Cc: linux-crypto@vger.kernel.org
> > Cc: ath10k@lists.infradead.org
> > Cc: linux-wireless@vger.kernel.org
> > Cc: netdev@vger.kernel.org
> > Cc: linux-scsi@vger.kernel.org
> > Cc: linux-can@vger.kernel.org
> > Cc: bpf@vger.kernel.org
> > Signed-off-by: Kees Cook <keescook@chromium.org>
> > ---
> > drivers/net/can/usb/etas_es58x/es581_4.h | 2 +-
> > drivers/net/can/usb/etas_es58x/es58x_fd.h | 2 +-
>
> For the can drivers:
>
> Acked-by: Marc Kleine-Budde <mkl@pengutronix.de>
Thanks!
> BTW: Is there opportunity for conversion, too?
>
> | drivers/net/can/peak_canfd/peak_pciefd_main.c:146:32: warning: array of flexible structures
Oh, hrmpf. This isn't a sane use of flex arrays:
struct __packed pucan_rx_msg {
...
__le32 can_id;
u8 d[];
};
struct pciefd_rx_dma {
__le32 irq_status;
__le32 sys_time_low;
__le32 sys_time_high;
struct pucan_rx_msg msg[];
} __packed __aligned(4);
I think that needs to be handled separately. How are you building to get
that warning, by the way? I haven't seen that in my builds...
--
Kees Cook
WARNING: multiple messages have this Message-ID (diff)
From: Kees Cook <keescook@chromium.org>
To: Marc Kleine-Budde <mkl@pengutronix.de>
Cc: linux-kernel@vger.kernel.org,
"Gustavo A. R. Silva" <gustavoars@kernel.org>,
Arnd Bergmann <arnd@arndb.de>,
Ayush Sawal <ayush.sawal@chelsio.com>,
Vinay Kumar Yadav <vinay.yadav@chelsio.com>,
Rohit Maheshwari <rohitm@chelsio.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>,
Kalle Valo <kvalo@codeaurora.org>,
Jakub Kicinski <kuba@kernel.org>,
Stanislaw Gruszka <stf_xl@wp.pl>,
Luca Coelho <luciano.coelho@intel.com>,
"James E.J. Bottomley" <jejb@linux.ibm.com>,
"Martin K. Petersen" <martin.petersen@oracle.com>,
Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Andrii Nakryiko <andrii@kernel.org>,
Martin KaFai Lau <kafai@fb.com>, Song Liu <songliubraving@fb.com>,
Yonghong Song <yhs@fb.com>,
John Fastabend <john.fastabend@gmail.com>,
KP Singh <kpsingh@kernel.org>,
Johannes Berg <johannes.berg@intel.com>,
Mordechay Goodstein <mordechay.goodstein@intel.com>,
Lee Jones <lee.jones@linaro.org>,
Wolfgang Grandegger <wg@grandegger.com>,
Arunachalam Santhanam <arunachalam.santhanam@in.bosch.com>,
Vincent Mailhol <mailhol.vincent@wanadoo.fr>,
Mikulas Patocka <mikulas@artax.karlin.mff.cuni.cz>,
linux-crypto@vger.kernel.org, ath10k@lists.infradead.org,
linux-wireless@vger.kernel.org, netdev@vger.kernel.org,
linux-scsi@vger.kernel.org, linux-can@vger.kernel.org,
bpf@vger.kernel.org, Rasmus Villemoes <linux@rasmusvillemoes.dk>,
Keith Packard <keithp@keithp.com>,
Dan Williams <dan.j.williams@intel.com>,
Daniel Vetter <daniel.vetter@ffwll.ch>,
clang-built-linux@googlegroups.com,
linux-hardening@vger.kernel.org
Subject: Re: [PATCH v2 2/5] treewide: Replace open-coded flex arrays in unions
Date: Fri, 27 Aug 2021 09:08:19 -0700 [thread overview]
Message-ID: <202108270906.7C85982525@keescook> (raw)
In-Reply-To: <20210826062452.jekmoo43f4xu5jxk@pengutronix.de>
On Thu, Aug 26, 2021 at 08:24:52AM +0200, Marc Kleine-Budde wrote:
> On 25.08.2021 22:04:55, Kees Cook wrote:
> > In support of enabling -Warray-bounds and -Wzero-length-bounds and
> > correctly handling run-time memcpy() bounds checking, replace all
> > open-coded flexible arrays (i.e. 0-element arrays) in unions with the
> > flex_array() helper macro.
> >
> > This fixes warnings such as:
> >
> > fs/hpfs/anode.c: In function 'hpfs_add_sector_to_btree':
> > fs/hpfs/anode.c:209:27: warning: array subscript 0 is outside the bounds of an interior zero-length array 'struct bplus_internal_node[0]' [-Wzero-length-bounds]
> > 209 | anode->btree.u.internal[0].down = cpu_to_le32(a);
> > | ~~~~~~~~~~~~~~~~~~~~~~~^~~
> > In file included from fs/hpfs/hpfs_fn.h:26,
> > from fs/hpfs/anode.c:10:
> > fs/hpfs/hpfs.h:412:32: note: while referencing 'internal'
> > 412 | struct bplus_internal_node internal[0]; /* (internal) 2-word entries giving
> > | ^~~~~~~~
> >
> > drivers/net/can/usb/etas_es58x/es58x_fd.c: In function 'es58x_fd_tx_can_msg':
> > drivers/net/can/usb/etas_es58x/es58x_fd.c:360:35: warning: array subscript 65535 is outside the bounds of an interior zero-length array 'u8[0]' {aka 'unsigned char[]'} [-Wzero-length-bounds]
> > 360 | tx_can_msg = (typeof(tx_can_msg))&es58x_fd_urb_cmd->raw_msg[msg_len];
> > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > In file included from drivers/net/can/usb/etas_es58x/es58x_core.h:22,
> > from drivers/net/can/usb/etas_es58x/es58x_fd.c:17:
> > drivers/net/can/usb/etas_es58x/es58x_fd.h:231:6: note: while referencing 'raw_msg'
> > 231 | u8 raw_msg[0];
> > | ^~~~~~~
> >
> > Cc: "Gustavo A. R. Silva" <gustavoars@kernel.org>
> > Cc: Arnd Bergmann <arnd@arndb.de>
> > Cc: Ayush Sawal <ayush.sawal@chelsio.com>
> > Cc: Vinay Kumar Yadav <vinay.yadav@chelsio.com>
> > Cc: Rohit Maheshwari <rohitm@chelsio.com>
> > Cc: Herbert Xu <herbert@gondor.apana.org.au>
> > Cc: "David S. Miller" <davem@davemloft.net>
> > Cc: Kalle Valo <kvalo@codeaurora.org>
> > Cc: Jakub Kicinski <kuba@kernel.org>
> > Cc: Stanislaw Gruszka <stf_xl@wp.pl>
> > Cc: Luca Coelho <luciano.coelho@intel.com>
> > Cc: "James E.J. Bottomley" <jejb@linux.ibm.com>
> > Cc: "Martin K. Petersen" <martin.petersen@oracle.com>
> > Cc: Alexei Starovoitov <ast@kernel.org>
> > Cc: Daniel Borkmann <daniel@iogearbox.net>
> > Cc: Andrii Nakryiko <andrii@kernel.org>
> > Cc: Martin KaFai Lau <kafai@fb.com>
> > Cc: Song Liu <songliubraving@fb.com>
> > Cc: Yonghong Song <yhs@fb.com>
> > Cc: John Fastabend <john.fastabend@gmail.com>
> > Cc: KP Singh <kpsingh@kernel.org>
> > Cc: Johannes Berg <johannes.berg@intel.com>
> > Cc: Mordechay Goodstein <mordechay.goodstein@intel.com>
> > Cc: Lee Jones <lee.jones@linaro.org>
> > Cc: Wolfgang Grandegger <wg@grandegger.com>
> > Cc: Marc Kleine-Budde <mkl@pengutronix.de>
> > Cc: Arunachalam Santhanam <arunachalam.santhanam@in.bosch.com>
> > Cc: Vincent Mailhol <mailhol.vincent@wanadoo.fr>
> > Cc: Mikulas Patocka <mikulas@artax.karlin.mff.cuni.cz>
> > Cc: linux-crypto@vger.kernel.org
> > Cc: ath10k@lists.infradead.org
> > Cc: linux-wireless@vger.kernel.org
> > Cc: netdev@vger.kernel.org
> > Cc: linux-scsi@vger.kernel.org
> > Cc: linux-can@vger.kernel.org
> > Cc: bpf@vger.kernel.org
> > Signed-off-by: Kees Cook <keescook@chromium.org>
> > ---
> > drivers/net/can/usb/etas_es58x/es581_4.h | 2 +-
> > drivers/net/can/usb/etas_es58x/es58x_fd.h | 2 +-
>
> For the can drivers:
>
> Acked-by: Marc Kleine-Budde <mkl@pengutronix.de>
Thanks!
> BTW: Is there opportunity for conversion, too?
>
> | drivers/net/can/peak_canfd/peak_pciefd_main.c:146:32: warning: array of flexible structures
Oh, hrmpf. This isn't a sane use of flex arrays:
struct __packed pucan_rx_msg {
...
__le32 can_id;
u8 d[];
};
struct pciefd_rx_dma {
__le32 irq_status;
__le32 sys_time_low;
__le32 sys_time_high;
struct pucan_rx_msg msg[];
} __packed __aligned(4);
I think that needs to be handled separately. How are you building to get
that warning, by the way? I haven't seen that in my builds...
--
Kees Cook
_______________________________________________
ath10k mailing list
ath10k@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/ath10k
next prev parent reply other threads:[~2021-08-27 16:08 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-26 5:04 [PATCH v2 0/5] Enable -Warray-bounds and -Wzero-length-bounds Kees Cook
2021-08-26 5:04 ` [PATCH v2 1/5] stddef: Add flexible array union helper Kees Cook
2021-08-26 5:04 ` [PATCH v2 2/5] treewide: Replace open-coded flex arrays in unions Kees Cook
2021-08-26 5:04 ` Kees Cook
2021-08-26 6:24 ` Marc Kleine-Budde
2021-08-26 6:24 ` Marc Kleine-Budde
2021-08-27 16:08 ` Kees Cook [this message]
2021-08-27 16:08 ` Kees Cook
2021-08-27 17:08 ` Marc Kleine-Budde
2021-08-27 17:08 ` Marc Kleine-Budde
2021-08-27 16:17 ` Kees Cook
2021-08-27 16:17 ` Kees Cook
2021-08-28 7:31 ` Vincent MAILHOL
2021-08-28 7:31 ` Vincent MAILHOL
2021-08-26 7:36 ` Vincent MAILHOL
2021-08-26 7:36 ` Vincent MAILHOL
2021-08-26 15:39 ` Kees Cook
2021-08-26 15:39 ` Kees Cook
2021-08-26 5:04 ` [PATCH v2 3/5] treewide: Replace 0-element memcpy() destinations with flexible arrays Kees Cook
2021-08-26 5:04 ` Kees Cook
2021-08-26 5:24 ` Keith Packard
2021-08-26 5:24 ` Keith Packard
2021-08-26 5:51 ` Kees Cook
2021-08-26 5:51 ` Kees Cook
2021-08-26 5:04 ` [PATCH v2 4/5] Makefile: Enable -Warray-bounds Kees Cook
2021-08-26 5:04 ` [PATCH v2 5/5] Makefile: Enable -Wzero-length-bounds Kees Cook
2021-08-27 9:25 ` [PATCH v2 1/5] stddef: Add flexible array union helper Vincent Mailhol
2021-08-27 15:39 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202108270906.7C85982525@keescook \
--to=keescook@chromium.org \
--cc=andrii@kernel.org \
--cc=arnd@arndb.de \
--cc=arunachalam.santhanam@in.bosch.com \
--cc=ast@kernel.org \
--cc=ath10k@lists.infradead.org \
--cc=ayush.sawal@chelsio.com \
--cc=bpf@vger.kernel.org \
--cc=clang-built-linux@googlegroups.com \
--cc=dan.j.williams@intel.com \
--cc=daniel.vetter@ffwll.ch \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=gustavoars@kernel.org \
--cc=herbert@gondor.apana.org.au \
--cc=jejb@linux.ibm.com \
--cc=johannes.berg@intel.com \
--cc=john.fastabend@gmail.com \
--cc=kafai@fb.com \
--cc=keithp@keithp.com \
--cc=kpsingh@kernel.org \
--cc=kuba@kernel.org \
--cc=kvalo@codeaurora.org \
--cc=lee.jones@linaro.org \
--cc=linux-can@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-scsi@vger.kernel.org \
--cc=linux-wireless@vger.kernel.org \
--cc=linux@rasmusvillemoes.dk \
--cc=luciano.coelho@intel.com \
--cc=mailhol.vincent@wanadoo.fr \
--cc=martin.petersen@oracle.com \
--cc=mikulas@artax.karlin.mff.cuni.cz \
--cc=mkl@pengutronix.de \
--cc=mordechay.goodstein@intel.com \
--cc=netdev@vger.kernel.org \
--cc=rohitm@chelsio.com \
--cc=songliubraving@fb.com \
--cc=stf_xl@wp.pl \
--cc=vinay.yadav@chelsio.com \
--cc=wg@grandegger.com \
--cc=yhs@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.