From: Zhenyu Wang <zhenyuw@linux.intel.com>
To: Paulo Miguel Almeida <paulo.miguel.almeida.rodenas@gmail.com>
Cc: intel-gvt-dev@lists.freedesktop.org,
intel-gfx@lists.freedesktop.org, linux-kernel@vger.kernel.org,
dri-devel@lists.freedesktop.org, Daniel Vetter <daniel@ffwll.ch>,
Rodrigo Vivi <rodrigo.vivi@intel.com>,
David Airlie <airlied@gmail.com>,
linux-hardening@vger.kernel.org
Subject: Re: [Intel-gfx] [PATCH] [next] i915/gvt: Replace one-element array with flexible-array member
Date: Tue, 20 Dec 2022 16:29:50 +0800 [thread overview]
Message-ID: <20221220082950.GF30028@zhen-hp.sh.intel.com> (raw)
In-Reply-To: <Y6Eu2604cqtryP4g@mail.google.com>
[-- Attachment #1: Type: text/plain, Size: 3876 bytes --]
On 2022.12.20 16:41:15 +1300, Paulo Miguel Almeida wrote:
> One-element arrays are deprecated, and we are replacing them with
> flexible array members instead. So, replace one-element array with
> flexible-array member in struct gvt_firmware_header and refactor the
> rest of the code accordingly.
>
> Additionally, previous implementation was allocating 8 bytes more than
> required to represent firmware_header + cfg_space data + mmio data.
>
> This helps with the ongoing efforts to tighten the FORTIFY_SOURCE
> routines on memcpy() and help us make progress towards globally
> enabling -fstrict-flex-arrays=3 [1].
>
> Link: https://github.com/KSPP/linux/issues/79
> Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101836 [1]
> Signed-off-by: Paulo Miguel Almeida <paulo.miguel.almeida.rodenas@gmail.com>
> ---
> To make reviewing this patch easier, I'm pasting before/after struct
> sizes.
>
> pahole -C gvt_firmware_header before/drivers/gpu/drm/i915/gvt/firmware.o
> struct gvt_firmware_header {
> u64 magic; /* 0 8 */
> u32 crc32; /* 8 4 */
> u32 version; /* 12 4 */
> u64 cfg_space_size; /* 16 8 */
> u64 cfg_space_offset; /* 24 8 */
> u64 mmio_size; /* 32 8 */
> u64 mmio_offset; /* 40 8 */
> unsigned char data[1]; /* 48 1 */
>
> /* size: 56, cachelines: 1, members: 8 */
> /* padding: 7 */
> /* last cacheline: 56 bytes */
> };
>
> pahole -C gvt_firmware_header after/drivers/gpu/drm/i915/gvt/firmware.o
> struct gvt_firmware_header {
> u64 magic; /* 0 8 */
> u32 crc32; /* 8 4 */
> u32 version; /* 12 4 */
> u64 cfg_space_size; /* 16 8 */
> u64 cfg_space_offset; /* 24 8 */
> u64 mmio_size; /* 32 8 */
> u64 mmio_offset; /* 40 8 */
> unsigned char data[]; /* 48 0 */
>
> /* size: 48, cachelines: 1, members: 8 */
> /* last cacheline: 48 bytes */
> };
>
> As you can see the additional byte of the fake-flexible array (data[1])
> forced the compiler to pad the struct but those bytes aren't actually used
> as first & last bytes (of both cfg_space and mmio) are controlled by the
> <>_size and <>_offset members present in the gvt_firmware_header struct.
> ---
> drivers/gpu/drm/i915/gvt/firmware.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/gpu/drm/i915/gvt/firmware.c b/drivers/gpu/drm/i915/gvt/firmware.c
> index a683c22d5b64..dce93738e98a 100644
> --- a/drivers/gpu/drm/i915/gvt/firmware.c
> +++ b/drivers/gpu/drm/i915/gvt/firmware.c
> @@ -45,7 +45,7 @@ struct gvt_firmware_header {
> u64 cfg_space_offset; /* offset in the file */
> u64 mmio_size;
> u64 mmio_offset; /* offset in the file */
> - unsigned char data[1];
> + unsigned char data[];
> };
>
> #define dev_to_drm_minor(d) dev_get_drvdata((d))
> @@ -77,7 +77,7 @@ static int expose_firmware_sysfs(struct intel_gvt *gvt)
> unsigned long size, crc32_start;
> int ret;
>
> - size = sizeof(*h) + info->mmio_size + info->cfg_space_size;
> + size = offsetof(struct gvt_firmware_header, data) + info->mmio_size + info->cfg_space_size;
> firmware = vzalloc(size);
> if (!firmware)
> return -ENOMEM;
> --
Looks good to me.
Reviewed-by: Zhenyu Wang <zhenyuw@linux.intel.com>
Thanks!
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 195 bytes --]
WARNING: multiple messages have this Message-ID (diff)
From: Zhenyu Wang <zhenyuw@linux.intel.com>
To: Paulo Miguel Almeida <paulo.miguel.almeida.rodenas@gmail.com>
Cc: Zhi Wang <zhi.a.wang@intel.com>,
Jani Nikula <jani.nikula@linux.intel.com>,
Joonas Lahtinen <joonas.lahtinen@linux.intel.com>,
Rodrigo Vivi <rodrigo.vivi@intel.com>,
Tvrtko Ursulin <tvrtko.ursulin@linux.intel.com>,
David Airlie <airlied@gmail.com>, Daniel Vetter <daniel@ffwll.ch>,
intel-gvt-dev@lists.freedesktop.org,
intel-gfx@lists.freedesktop.org, dri-devel@lists.freedesktop.org,
linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH] [next] i915/gvt: Replace one-element array with flexible-array member
Date: Tue, 20 Dec 2022 16:29:50 +0800 [thread overview]
Message-ID: <20221220082950.GF30028@zhen-hp.sh.intel.com> (raw)
In-Reply-To: <Y6Eu2604cqtryP4g@mail.google.com>
[-- Attachment #1: Type: text/plain, Size: 3876 bytes --]
On 2022.12.20 16:41:15 +1300, Paulo Miguel Almeida wrote:
> One-element arrays are deprecated, and we are replacing them with
> flexible array members instead. So, replace one-element array with
> flexible-array member in struct gvt_firmware_header and refactor the
> rest of the code accordingly.
>
> Additionally, previous implementation was allocating 8 bytes more than
> required to represent firmware_header + cfg_space data + mmio data.
>
> This helps with the ongoing efforts to tighten the FORTIFY_SOURCE
> routines on memcpy() and help us make progress towards globally
> enabling -fstrict-flex-arrays=3 [1].
>
> Link: https://github.com/KSPP/linux/issues/79
> Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101836 [1]
> Signed-off-by: Paulo Miguel Almeida <paulo.miguel.almeida.rodenas@gmail.com>
> ---
> To make reviewing this patch easier, I'm pasting before/after struct
> sizes.
>
> pahole -C gvt_firmware_header before/drivers/gpu/drm/i915/gvt/firmware.o
> struct gvt_firmware_header {
> u64 magic; /* 0 8 */
> u32 crc32; /* 8 4 */
> u32 version; /* 12 4 */
> u64 cfg_space_size; /* 16 8 */
> u64 cfg_space_offset; /* 24 8 */
> u64 mmio_size; /* 32 8 */
> u64 mmio_offset; /* 40 8 */
> unsigned char data[1]; /* 48 1 */
>
> /* size: 56, cachelines: 1, members: 8 */
> /* padding: 7 */
> /* last cacheline: 56 bytes */
> };
>
> pahole -C gvt_firmware_header after/drivers/gpu/drm/i915/gvt/firmware.o
> struct gvt_firmware_header {
> u64 magic; /* 0 8 */
> u32 crc32; /* 8 4 */
> u32 version; /* 12 4 */
> u64 cfg_space_size; /* 16 8 */
> u64 cfg_space_offset; /* 24 8 */
> u64 mmio_size; /* 32 8 */
> u64 mmio_offset; /* 40 8 */
> unsigned char data[]; /* 48 0 */
>
> /* size: 48, cachelines: 1, members: 8 */
> /* last cacheline: 48 bytes */
> };
>
> As you can see the additional byte of the fake-flexible array (data[1])
> forced the compiler to pad the struct but those bytes aren't actually used
> as first & last bytes (of both cfg_space and mmio) are controlled by the
> <>_size and <>_offset members present in the gvt_firmware_header struct.
> ---
> drivers/gpu/drm/i915/gvt/firmware.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/gpu/drm/i915/gvt/firmware.c b/drivers/gpu/drm/i915/gvt/firmware.c
> index a683c22d5b64..dce93738e98a 100644
> --- a/drivers/gpu/drm/i915/gvt/firmware.c
> +++ b/drivers/gpu/drm/i915/gvt/firmware.c
> @@ -45,7 +45,7 @@ struct gvt_firmware_header {
> u64 cfg_space_offset; /* offset in the file */
> u64 mmio_size;
> u64 mmio_offset; /* offset in the file */
> - unsigned char data[1];
> + unsigned char data[];
> };
>
> #define dev_to_drm_minor(d) dev_get_drvdata((d))
> @@ -77,7 +77,7 @@ static int expose_firmware_sysfs(struct intel_gvt *gvt)
> unsigned long size, crc32_start;
> int ret;
>
> - size = sizeof(*h) + info->mmio_size + info->cfg_space_size;
> + size = offsetof(struct gvt_firmware_header, data) + info->mmio_size + info->cfg_space_size;
> firmware = vzalloc(size);
> if (!firmware)
> return -ENOMEM;
> --
Looks good to me.
Reviewed-by: Zhenyu Wang <zhenyuw@linux.intel.com>
Thanks!
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 195 bytes --]
WARNING: multiple messages have this Message-ID (diff)
From: Zhenyu Wang <zhenyuw@linux.intel.com>
To: Paulo Miguel Almeida <paulo.miguel.almeida.rodenas@gmail.com>
Cc: Tvrtko Ursulin <tvrtko.ursulin@linux.intel.com>,
intel-gvt-dev@lists.freedesktop.org,
intel-gfx@lists.freedesktop.org, linux-kernel@vger.kernel.org,
dri-devel@lists.freedesktop.org,
Rodrigo Vivi <rodrigo.vivi@intel.com>,
Zhi Wang <zhi.a.wang@intel.com>,
linux-hardening@vger.kernel.org
Subject: Re: [PATCH] [next] i915/gvt: Replace one-element array with flexible-array member
Date: Tue, 20 Dec 2022 16:29:50 +0800 [thread overview]
Message-ID: <20221220082950.GF30028@zhen-hp.sh.intel.com> (raw)
In-Reply-To: <Y6Eu2604cqtryP4g@mail.google.com>
[-- Attachment #1: Type: text/plain, Size: 3876 bytes --]
On 2022.12.20 16:41:15 +1300, Paulo Miguel Almeida wrote:
> One-element arrays are deprecated, and we are replacing them with
> flexible array members instead. So, replace one-element array with
> flexible-array member in struct gvt_firmware_header and refactor the
> rest of the code accordingly.
>
> Additionally, previous implementation was allocating 8 bytes more than
> required to represent firmware_header + cfg_space data + mmio data.
>
> This helps with the ongoing efforts to tighten the FORTIFY_SOURCE
> routines on memcpy() and help us make progress towards globally
> enabling -fstrict-flex-arrays=3 [1].
>
> Link: https://github.com/KSPP/linux/issues/79
> Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101836 [1]
> Signed-off-by: Paulo Miguel Almeida <paulo.miguel.almeida.rodenas@gmail.com>
> ---
> To make reviewing this patch easier, I'm pasting before/after struct
> sizes.
>
> pahole -C gvt_firmware_header before/drivers/gpu/drm/i915/gvt/firmware.o
> struct gvt_firmware_header {
> u64 magic; /* 0 8 */
> u32 crc32; /* 8 4 */
> u32 version; /* 12 4 */
> u64 cfg_space_size; /* 16 8 */
> u64 cfg_space_offset; /* 24 8 */
> u64 mmio_size; /* 32 8 */
> u64 mmio_offset; /* 40 8 */
> unsigned char data[1]; /* 48 1 */
>
> /* size: 56, cachelines: 1, members: 8 */
> /* padding: 7 */
> /* last cacheline: 56 bytes */
> };
>
> pahole -C gvt_firmware_header after/drivers/gpu/drm/i915/gvt/firmware.o
> struct gvt_firmware_header {
> u64 magic; /* 0 8 */
> u32 crc32; /* 8 4 */
> u32 version; /* 12 4 */
> u64 cfg_space_size; /* 16 8 */
> u64 cfg_space_offset; /* 24 8 */
> u64 mmio_size; /* 32 8 */
> u64 mmio_offset; /* 40 8 */
> unsigned char data[]; /* 48 0 */
>
> /* size: 48, cachelines: 1, members: 8 */
> /* last cacheline: 48 bytes */
> };
>
> As you can see the additional byte of the fake-flexible array (data[1])
> forced the compiler to pad the struct but those bytes aren't actually used
> as first & last bytes (of both cfg_space and mmio) are controlled by the
> <>_size and <>_offset members present in the gvt_firmware_header struct.
> ---
> drivers/gpu/drm/i915/gvt/firmware.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/gpu/drm/i915/gvt/firmware.c b/drivers/gpu/drm/i915/gvt/firmware.c
> index a683c22d5b64..dce93738e98a 100644
> --- a/drivers/gpu/drm/i915/gvt/firmware.c
> +++ b/drivers/gpu/drm/i915/gvt/firmware.c
> @@ -45,7 +45,7 @@ struct gvt_firmware_header {
> u64 cfg_space_offset; /* offset in the file */
> u64 mmio_size;
> u64 mmio_offset; /* offset in the file */
> - unsigned char data[1];
> + unsigned char data[];
> };
>
> #define dev_to_drm_minor(d) dev_get_drvdata((d))
> @@ -77,7 +77,7 @@ static int expose_firmware_sysfs(struct intel_gvt *gvt)
> unsigned long size, crc32_start;
> int ret;
>
> - size = sizeof(*h) + info->mmio_size + info->cfg_space_size;
> + size = offsetof(struct gvt_firmware_header, data) + info->mmio_size + info->cfg_space_size;
> firmware = vzalloc(size);
> if (!firmware)
> return -ENOMEM;
> --
Looks good to me.
Reviewed-by: Zhenyu Wang <zhenyuw@linux.intel.com>
Thanks!
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 195 bytes --]
next prev parent reply other threads:[~2022-12-20 8:32 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-20 3:41 [Intel-gfx] [PATCH] [next] i915/gvt: Replace one-element array with flexible-array member Paulo Miguel Almeida
2022-12-20 3:41 ` Paulo Miguel Almeida
2022-12-20 3:41 ` Paulo Miguel Almeida
2022-12-20 8:29 ` Zhenyu Wang [this message]
2022-12-20 8:29 ` Zhenyu Wang
2022-12-20 8:29 ` Zhenyu Wang
2022-12-22 12:17 ` [Intel-gfx] ✓ Fi.CI.BAT: success for " Patchwork
2022-12-22 17:32 ` [Intel-gfx] ✓ Fi.CI.IGT: " Patchwork
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221220082950.GF30028@zhen-hp.sh.intel.com \
--to=zhenyuw@linux.intel.com \
--cc=airlied@gmail.com \
--cc=daniel@ffwll.ch \
--cc=dri-devel@lists.freedesktop.org \
--cc=intel-gfx@lists.freedesktop.org \
--cc=intel-gvt-dev@lists.freedesktop.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=paulo.miguel.almeida.rodenas@gmail.com \
--cc=rodrigo.vivi@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.