From: Kees Cook <keescook@chromium.org>
To: "Gustavo A. R. Silva" <gustavoars@kernel.org>
Cc: HighPoint Linux Team <linux@highpoint-tech.com>,
"James E.J. Bottomley" <jejb@linux.ibm.com>,
"Martin K. Petersen" <martin.petersen@oracle.com>,
linux-scsi@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-hardening@vger.kernel.org
Subject: Re: [PATCH 1/2][next] scsi: hptiop: Replace one-element array with flexible-array member
Date: Fri, 23 Sep 2022 23:01:46 -0700 [thread overview]
Message-ID: <202209232240.747B2B5FCC@keescook> (raw)
In-Reply-To: <6238ccf37798e36d783f5ce5e483e6837e98be79.1663865333.git.gustavoars@kernel.org>
On Thu, Sep 22, 2022 at 11:53:23AM -0500, Gustavo A. R. Silva wrote:
> One-element arrays are deprecated, and we are replacing them with flexible
> array members instead. So, replace one-element array with flexible-array
> member in struct hpt_iop_request_scsi_command and refactor the rest of the
> code, accordingly.
>
> The following pieces of code suggest that the one element of array sg_list
> in struct hpt_iop_request_scsi_command is not taken into account when
> calculating the total size for both struct hpt_iop_request_scsi_command
> and the maximum number of elements sg_list will contain:
>
> 1047 req->header.size = cpu_to_le32(
> 1048 sizeof(struct hpt_iop_request_scsi_command)
> 1049 - sizeof(struct hpt_iopsg)
> 1050 + sg_count * sizeof(struct hpt_iopsg));
>
> 1400 req_size = sizeof(struct hpt_iop_request_scsi_command) 1401 + sizeof(struct hpt_iopsg) * (hba->max_sg_descriptors - 1);
Accidentally merge line above ("1401" should start a new line).
> So it's safe to replace the one-element array with a flexible-array
> member and update the code above, accordingly: now we don't need to
> subtract sizeof(struct hpt_iopsg) from sizeof(struct hpt_iop_request_scsi_command)
> because this is implicitly done by the flex-array transformation.
The only binary output change I see is from the line numbers changing
from the patch, as the argument to __might_sleep() is adjusted:
...
│ call d1 <hptiop_reset+0x74>
│ R_X86_64_PLT32 __x86_indirect_thunk_rax-0x4
│ - mov $0x434,%esi
│ + mov $0x433,%esi
│ mov $0x0,%rdi
│ R_X86_64_32S .rodata.str1.1
│ call e2 <hptiop_reset+0x85>
│ R_X86_64_PLT32 __might_sleep-0x4
...
So this looks good!
Reviewed-by: Kees Cook <keescook@chromium.org>
--
Kees Cook
next prev parent reply other threads:[~2022-09-24 6:01 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-22 16:52 [PATCH 0/2][next] Replace one-element array with flexible-array member Gustavo A. R. Silva
2022-09-22 16:53 ` [PATCH 1/2][next] scsi: hptiop: " Gustavo A. R. Silva
2022-09-24 6:01 ` Kees Cook [this message]
2022-09-22 16:55 ` [PATCH 2/2][next] scsi: hptiop: Use struct_size() helper in code related to struct hpt_iop_request_scsi_command Gustavo A. R. Silva
2022-09-24 6:06 ` Kees Cook
2022-09-25 17:03 ` [PATCH 0/2][next] Replace one-element array with flexible-array member Martin K. Petersen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202209232240.747B2B5FCC@keescook \
--to=keescook@chromium.org \
--cc=gustavoars@kernel.org \
--cc=jejb@linux.ibm.com \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-scsi@vger.kernel.org \
--cc=linux@highpoint-tech.com \
--cc=martin.petersen@oracle.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.