[PATCH v3][next] acpi: nfit: intel: avoid multiple -Wflex-array-member-not-at-end warnings

linux-hardening.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: "Gustavo A. R. Silva" <gustavoars@kernel.org>
To: Dan Williams <dan.j.williams@intel.com>,
	Vishal Verma <vishal.l.verma@intel.com>,
	Dave Jiang <dave.jiang@intel.com>,
	Ira Weiny <ira.weiny@intel.com>,
	"Rafael J. Wysocki" <rafael@kernel.org>,
	Len Brown <lenb@kernel.org>
Cc: nvdimm@lists.linux.dev, linux-acpi@vger.kernel.org,
	linux-kernel@vger.kernel.org,
	"Gustavo A. R. Silva" <gustavoars@kernel.org>,
	linux-hardening@vger.kernel.org, Kees Cook <kees@kernel.org>
Subject: [PATCH v3][next] acpi: nfit: intel: avoid multiple -Wflex-array-member-not-at-end warnings
Date: Wed, 11 Jun 2025 13:52:41 -0600	[thread overview]
Message-ID: <aEneid7gdAZr1_kR@kspp> (raw)

-Wflex-array-member-not-at-end was introduced in GCC-14, and we are
getting ready to enable it, globally.

Refactor multiple structs that contain flexible-array members in the
middle by replacing them with unions.

These changes preserve the memory layout while effectively adjusting
it so that the flexible-array member is always treated as the last
member.

With these changes, fix a dozen instances of the following type of
warning:

drivers/acpi/nfit/intel.c:692:35: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end]

Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
---
Changes in v3:
 - Use union instead of DEFINE_RAW_FLEX().

Changes in v2:
 - Use DEFINE_RAW_FLEX() instead of __struct_group().
 - Link: https://lore.kernel.org/linux-hardening/Z-QpUcxFCRByYcTA@kspp/ 

v1:
 - Link: https://lore.kernel.org/linux-hardening/Z618ILbAR8YAvTkd@kspp/

 drivers/acpi/nfit/intel.c | 132 +++++++++++++++++++++++++++++++-------
 1 file changed, 108 insertions(+), 24 deletions(-)

diff --git a/drivers/acpi/nfit/intel.c b/drivers/acpi/nfit/intel.c
index 3902759abcba..987d427ec2b6 100644
--- a/drivers/acpi/nfit/intel.c
+++ b/drivers/acpi/nfit/intel.c
@@ -55,9 +55,16 @@ static unsigned long intel_security_flags(struct nvdimm *nvdimm,
 {
 	struct nfit_mem *nfit_mem = nvdimm_provider_data(nvdimm);
 	unsigned long security_flags = 0;
-	struct {
+	/*
+	 * This effectively creates a union between the flexible-array member
+	 * and any members after _offset_to_fam.
+	 */
+	union {
 		struct nd_cmd_pkg pkg;
-		struct nd_intel_get_security_state cmd;
+		struct {
+			u8 _offset_to_fam[offsetof(struct nd_cmd_pkg, nd_payload)];
+			struct nd_intel_get_security_state cmd;
+		};
 	} nd_cmd = {
 		.pkg = {
 			.nd_command = NVDIMM_INTEL_GET_SECURITY_STATE,
@@ -120,9 +127,16 @@ static unsigned long intel_security_flags(struct nvdimm *nvdimm,
 static int intel_security_freeze(struct nvdimm *nvdimm)
 {
 	struct nfit_mem *nfit_mem = nvdimm_provider_data(nvdimm);
-	struct {
+	/*
+	 * This effectively creates a union between the flexible-array member
+	 * and any members after _offset_to_fam.
+	 */
+	union {
 		struct nd_cmd_pkg pkg;
-		struct nd_intel_freeze_lock cmd;
+		struct {
+			u8 _offset_to_fam[offsetof(struct nd_cmd_pkg, nd_payload)];
+			struct nd_intel_freeze_lock cmd;
+		};
 	} nd_cmd = {
 		.pkg = {
 			.nd_command = NVDIMM_INTEL_FREEZE_LOCK,
@@ -153,9 +167,16 @@ static int intel_security_change_key(struct nvdimm *nvdimm,
 	unsigned int cmd = ptype == NVDIMM_MASTER ?
 		NVDIMM_INTEL_SET_MASTER_PASSPHRASE :
 		NVDIMM_INTEL_SET_PASSPHRASE;
-	struct {
+	/*
+	 * This effectively creates a union between the flexible-array member
+	 * and any members after _offset_to_fam.
+	 */
+	union {
 		struct nd_cmd_pkg pkg;
-		struct nd_intel_set_passphrase cmd;
+		struct {
+			u8 _offset_to_fam[offsetof(struct nd_cmd_pkg, nd_payload)];
+			struct nd_intel_set_passphrase cmd;
+		};
 	} nd_cmd = {
 		.pkg = {
 			.nd_family = NVDIMM_FAMILY_INTEL,
@@ -195,9 +216,16 @@ static int __maybe_unused intel_security_unlock(struct nvdimm *nvdimm,
 		const struct nvdimm_key_data *key_data)
 {
 	struct nfit_mem *nfit_mem = nvdimm_provider_data(nvdimm);
-	struct {
+	/*
+	 * This effectively creates a union between the flexible-array member
+	 * and any members after _offset_to_fam.
+	 */
+	union {
 		struct nd_cmd_pkg pkg;
-		struct nd_intel_unlock_unit cmd;
+		struct {
+			u8 _offset_to_fam[offsetof(struct nd_cmd_pkg, nd_payload)];
+			struct nd_intel_unlock_unit cmd;
+		};
 	} nd_cmd = {
 		.pkg = {
 			.nd_command = NVDIMM_INTEL_UNLOCK_UNIT,
@@ -234,9 +262,16 @@ static int intel_security_disable(struct nvdimm *nvdimm,
 {
 	int rc;
 	struct nfit_mem *nfit_mem = nvdimm_provider_data(nvdimm);
-	struct {
+	/*
+	 * This effectively creates a union between the flexible-array member
+	 * and any members after _offset_to_fam.
+	 */
+	union {
 		struct nd_cmd_pkg pkg;
-		struct nd_intel_disable_passphrase cmd;
+		struct {
+			u8 _offset_to_fam[offsetof(struct nd_cmd_pkg, nd_payload)];
+			struct nd_intel_disable_passphrase cmd;
+		};
 	} nd_cmd = {
 		.pkg = {
 			.nd_command = NVDIMM_INTEL_DISABLE_PASSPHRASE,
@@ -277,9 +312,16 @@ static int __maybe_unused intel_security_erase(struct nvdimm *nvdimm,
 	struct nfit_mem *nfit_mem = nvdimm_provider_data(nvdimm);
 	unsigned int cmd = ptype == NVDIMM_MASTER ?
 		NVDIMM_INTEL_MASTER_SECURE_ERASE : NVDIMM_INTEL_SECURE_ERASE;
-	struct {
+	/*
+	 * This effectively creates a union between the flexible-array member
+	 * and any members after _offset_to_fam.
+	 */
+	union {
 		struct nd_cmd_pkg pkg;
-		struct nd_intel_secure_erase cmd;
+		struct {
+			u8 _offset_to_fam[offsetof(struct nd_cmd_pkg, nd_payload)];
+			struct nd_intel_secure_erase cmd;
+		};
 	} nd_cmd = {
 		.pkg = {
 			.nd_family = NVDIMM_FAMILY_INTEL,
@@ -318,9 +360,16 @@ static int __maybe_unused intel_security_query_overwrite(struct nvdimm *nvdimm)
 {
 	int rc;
 	struct nfit_mem *nfit_mem = nvdimm_provider_data(nvdimm);
-	struct {
+	/*
+	 * This effectively creates a union between the flexible-array member
+	 * and any members after _offset_to_fam.
+	 */
+	union {
 		struct nd_cmd_pkg pkg;
-		struct nd_intel_query_overwrite cmd;
+		struct {
+			u8 _offset_to_fam[offsetof(struct nd_cmd_pkg, nd_payload)];
+			struct nd_intel_query_overwrite cmd;
+		};
 	} nd_cmd = {
 		.pkg = {
 			.nd_command = NVDIMM_INTEL_QUERY_OVERWRITE,
@@ -354,9 +403,16 @@ static int __maybe_unused intel_security_overwrite(struct nvdimm *nvdimm,
 {
 	int rc;
 	struct nfit_mem *nfit_mem = nvdimm_provider_data(nvdimm);
-	struct {
+	/*
+	 * This effectively creates a union between the flexible-array member
+	 * and any members after _offset_to_fam.
+	 */
+	union {
 		struct nd_cmd_pkg pkg;
-		struct nd_intel_overwrite cmd;
+		struct {
+			u8 _offset_to_fam[offsetof(struct nd_cmd_pkg, nd_payload)];
+			struct nd_intel_overwrite cmd;
+		};
 	} nd_cmd = {
 		.pkg = {
 			.nd_command = NVDIMM_INTEL_OVERWRITE,
@@ -407,9 +463,16 @@ const struct nvdimm_security_ops *intel_security_ops = &__intel_security_ops;
 static int intel_bus_fwa_businfo(struct nvdimm_bus_descriptor *nd_desc,
 		struct nd_intel_bus_fw_activate_businfo *info)
 {
-	struct {
+	/*
+	 * This effectively creates a union between the flexible-array member
+	 * and any members after _offset_to_fam.
+	 */
+	union {
 		struct nd_cmd_pkg pkg;
-		struct nd_intel_bus_fw_activate_businfo cmd;
+		struct {
+			u8 _offset_to_fam[offsetof(struct nd_cmd_pkg, nd_payload)];
+			struct nd_intel_bus_fw_activate_businfo cmd;
+		};
 	} nd_cmd = {
 		.pkg = {
 			.nd_command = NVDIMM_BUS_INTEL_FW_ACTIVATE_BUSINFO,
@@ -518,9 +581,16 @@ static enum nvdimm_fwa_capability intel_bus_fwa_capability(
 static int intel_bus_fwa_activate(struct nvdimm_bus_descriptor *nd_desc)
 {
 	struct acpi_nfit_desc *acpi_desc = to_acpi_desc(nd_desc);
-	struct {
+	/*
+	 * This effectively creates a union between the flexible-array member
+	 * and any members after _offset_to_fam.
+	 */
+	union {
 		struct nd_cmd_pkg pkg;
-		struct nd_intel_bus_fw_activate cmd;
+		struct {
+			u8 _offset_to_fam[offsetof(struct nd_cmd_pkg, nd_payload)];
+			struct nd_intel_bus_fw_activate cmd;
+		};
 	} nd_cmd = {
 		.pkg = {
 			.nd_command = NVDIMM_BUS_INTEL_FW_ACTIVATE,
@@ -582,9 +652,16 @@ const struct nvdimm_bus_fw_ops *intel_bus_fw_ops = &__intel_bus_fw_ops;
 static int intel_fwa_dimminfo(struct nvdimm *nvdimm,
 		struct nd_intel_fw_activate_dimminfo *info)
 {
-	struct {
+	/*
+	 * This effectively creates a union between the flexible-array member
+	 * and any members after _offset_to_fam.
+	 */
+	union {
 		struct nd_cmd_pkg pkg;
-		struct nd_intel_fw_activate_dimminfo cmd;
+		struct {
+			u8 _offset_to_fam[offsetof(struct nd_cmd_pkg, nd_payload)];
+			struct nd_intel_fw_activate_dimminfo cmd;
+		};
 	} nd_cmd = {
 		.pkg = {
 			.nd_command = NVDIMM_INTEL_FW_ACTIVATE_DIMMINFO,
@@ -688,9 +765,16 @@ static int intel_fwa_arm(struct nvdimm *nvdimm, enum nvdimm_fwa_trigger arm)
 {
 	struct nfit_mem *nfit_mem = nvdimm_provider_data(nvdimm);
 	struct acpi_nfit_desc *acpi_desc = nfit_mem->acpi_desc;
-	struct {
+	/*
+	 * This effectively creates a union between the flexible-array member
+	 * and any members after _offset_to_fam.
+	 */
+	union {
 		struct nd_cmd_pkg pkg;
-		struct nd_intel_fw_activate_arm cmd;
+		struct {
+			u8 _offset_to_fam[offsetof(struct nd_cmd_pkg, nd_payload)];
+			struct nd_intel_fw_activate_arm cmd;
+		};
 	} nd_cmd = {
 		.pkg = {
 			.nd_command = NVDIMM_INTEL_FW_ACTIVATE_ARM,
-- 
2.43.0

next             reply	other threads:[~2025-06-11 19:52 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-06-11 19:52 Gustavo A. R. Silva [this message]
2025-06-24 19:46 ` [PATCH v3][next] acpi: nfit: intel: avoid multiple -Wflex-array-member-not-at-end warnings Gustavo A. R. Silva
2025-06-25 16:56 ` Kees Cook
2025-06-25 17:31   ` Gustavo A. R. Silva
2025-06-25 20:33     ` dan.j.williams
2025-06-25 21:08       ` dan.j.williams
2025-06-25 21:43         ` Gustavo A. R. Silva
2025-06-25 22:24           ` dan.j.williams

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:3902759abcb dfblob:987d427ec2b )
 OR (
bs:"[PATCH v3][next] acpi: nfit: intel: avoid multiple -Wflex-array-member-not-at-end warnings" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=aEneid7gdAZr1_kR@kspp \
    --to=gustavoars@kernel.org \
    --cc=dan.j.williams@intel.com \
    --cc=dave.jiang@intel.com \
    --cc=ira.weiny@intel.com \
    --cc=kees@kernel.org \
    --cc=lenb@kernel.org \
    --cc=linux-acpi@vger.kernel.org \
    --cc=linux-hardening@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=nvdimm@lists.linux.dev \
    --cc=rafael@kernel.org \
    --cc=vishal.l.verma@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).