From: Kees Cook <keescook@chromium.org>
To: Jakub Kicinski <kuba@kernel.org>
Cc: Xin Long <lucien.xin@gmail.com>,
network dev <netdev@vger.kernel.org>,
linux-sctp@vger.kernel.org, davem@davemloft.net,
Eric Dumazet <edumazet@google.com>,
Paolo Abeni <pabeni@redhat.com>,
Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>,
linux-hardening@vger.kernel.org
Subject: Re: [PATCH net-next 0/6] sctp: fix a plenty of flexible-array-nested warnings
Date: Thu, 14 Dec 2023 08:55:19 -0800 [thread overview]
Message-ID: <202312140839.18D3593E9F@keescook> (raw)
In-Reply-To: <20230419181824.10119070@kernel.org>
On Wed, Apr 19, 2023 at 06:18:24PM -0700, Jakub Kicinski wrote:
> On Wed, 19 Apr 2023 11:16:27 -0400 Xin Long wrote:
> > Paolo noticed a compile warning in SCTP,
> >
> > ../net/sctp/stream_sched_fc.c: note: in included file (through ../include/net/sctp/sctp.h):
> > ../include/net/sctp/structs.h:335:41: warning: array of flexible structures
> >
> > But not only this, there are actually quite a lot of such warnings in
> > some SCTP structs. This patchset fixes most of warnings by deleting
> > these nested flexible array members.
> >
> > After this patchset, there are still some warnings left:
> >
> > # make C=2 CF="-Wflexible-array-nested" M=./net/sctp/
> > ./include/net/sctp/structs.h:1145:41: warning: nested flexible array
> > ./include/uapi/linux/sctp.h:641:34: warning: nested flexible array
> > ./include/uapi/linux/sctp.h:643:34: warning: nested flexible array
> > ./include/uapi/linux/sctp.h:644:33: warning: nested flexible array
> > ./include/uapi/linux/sctp.h:650:40: warning: nested flexible array
> > ./include/uapi/linux/sctp.h:653:39: warning: nested flexible array
> >
> > the 1st is caused by __data[] in struct ip_options, not in SCTP;
> > the others are in uapi, and we should not touch them.
> >
> > Note that instead of completely deleting it, we just leave it as a
> > comment in the struct, signalling to the reader that we do expect
> > such variable parameters over there, as Marcelo suggested.
>
> Hi Kees, is there no workaround for nested flexible arrays within
> the kernel? Any recommendations?
>
> https://lore.kernel.org/all/cover.1681917361.git.lucien.xin@gmail.com/
*thread necromancy*
Hi, I apologize for missing this thread back in April!
There's no need for a work-around: this situation isn't a problem.
Composite structures that end with a flexible array are perfectly valid
(the compiler can unambiguously reason about sizes). So none of these
patches are needed (and actually reduce the compiler's ability to reason
about object sizes). We shouldn't run sparse with -Wflexible-array-nested
as this isn't an actual problem.
The only problem that can happen like this is when a flex array
ends up in the _middle_ of a composite structure, in which
case yes, this needs to be fixed. This check is supported by
GCC 14+ with -Wflex-array-member-not-at-end. For example, see:
https://lore.kernel.org/all/1da736106d8e0806aeafa6e471a13ced490eae22.1698117815.git.gustavoars@kernel.org/
-Kees
--
Kees Cook
next prev parent reply other threads:[~2023-12-14 16:55 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-19 15:16 [PATCH net-next 0/6] sctp: fix a plenty of flexible-array-nested warnings Xin Long
2023-04-19 15:16 ` [PATCH net-next 1/6] sctp: delete the nested flexible array params Xin Long
2023-04-19 15:16 ` [PATCH net-next 2/6] sctp: delete the nested flexible array skip Xin Long
2023-04-19 15:31 ` Stephen Hemminger
2023-04-20 1:20 ` Jakub Kicinski
2023-04-19 15:16 ` [PATCH net-next 3/6] sctp: delete the nested flexible array variable Xin Long
2023-04-19 15:16 ` [PATCH net-next 4/6] sctp: delete the nested flexible array peer_init Xin Long
2023-04-19 15:16 ` [PATCH net-next 5/6] sctp: delete the nested flexible array hmac Xin Long
2023-04-19 15:16 ` [PATCH net-next 6/6] sctp: delete the nested flexible array payload Xin Long
2023-04-20 1:18 ` [PATCH net-next 0/6] sctp: fix a plenty of flexible-array-nested warnings Jakub Kicinski
2023-12-14 16:55 ` Kees Cook [this message]
2023-04-21 7:50 ` patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202312140839.18D3593E9F@keescook \
--to=keescook@chromium.org \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=kuba@kernel.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-sctp@vger.kernel.org \
--cc=lucien.xin@gmail.com \
--cc=marcelo.leitner@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).