From: Kees Cook <kees@kernel.org>
To: Jakub Kicinski <kuba@kernel.org>
Cc: Kees Cook <kees@kernel.org>,
"Gustavo A. R. Silva" <gustavoars@kernel.org>,
"David S. Miller" <davem@davemloft.net>,
Andrew Lunn <andrew@lunn.ch>,
"Kory Maincent (Dent Project)" <kory.maincent@bootlin.com>,
Michael Chan <michael.chan@broadcom.com>,
Andrew Lunn <andrew+netdev@lunn.ch>,
Eric Dumazet <edumazet@google.com>,
Paolo Abeni <pabeni@redhat.com>,
Potnuri Bharat Teja <bharat@chelsio.com>,
Christian Benvenuti <benve@cisco.com>,
Satish Kharat <satishkh@cisco.com>,
Manish Chopra <manishc@marvell.com>,
Simon Horman <horms@kernel.org>,
Edward Cree <ecree.xilinx@gmail.com>,
Przemek Kitszel <przemyslaw.kitszel@intel.com>,
Heiner Kallweit <hkallweit1@gmail.com>,
Ahmed Zaki <ahmed.zaki@intel.com>,
Rahul Rameshbabu <rrameshbabu@nvidia.com>,
Ido Schimmel <idosch@nvidia.com>,
Maxime Chevallier <maxime.chevallier@bootlin.com>,
Takeru Hayasaka <hayatake396@gmail.com>,
Jonathan Corbet <corbet@lwn.net>,
linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
linux-hardening@vger.kernel.org
Subject: [PATCH 3/3] UAPI: ethtool: Avoid flex-array in struct ethtool_link_settings
Date: Fri, 15 Nov 2024 12:43:05 -0800 [thread overview]
Message-ID: <20241115204308.3821419-3-kees@kernel.org> (raw)
In-Reply-To: <20241115204115.work.686-kees@kernel.org>
struct ethtool_link_settings tends to be used as a header for other
structures that have trailing bytes[1], but has a trailing flexible array
itself. Using this overlapped with other structures leads to ambiguous
object sizing in the compiler, so we want to avoid such situations (which
have caused real bugs in the past). Detecting this can be done with
-Wflex-array-member-not-at-end, which will need to be enabled globally.
Using a tagged struct_group() to create a new ethtool_link_settings_hdr
structure isn't possible as it seems we cannot use the tagged variant of
struct_group() due to syntax issues from C++'s perspective (even within
"extern C")[2]. Instead, we can just leave the offending member defined
in UAPI and remove it from the kernel's view of the structure, as Linux
doesn't actually use this member at all. There is also no change in
size since it was already a flexible array that didn't contribute to
size returned by any use of sizeof().
Reported-by: Jakub Kicinski <kuba@kernel.org>
Closes: https://lore.kernel.org/lkml/20241109100213.262a2fa0@kernel.org/ [2]
Link: https://lore.kernel.org/lkml/0bc2809fe2a6c11dd4c8a9a10d9bd65cccdb559b.1730238285.git.gustavoars@kernel.org/ [1]
Signed-off-by: Kees Cook <kees@kernel.org>
---
Cc: Jakub Kicinski <kuba@kernel.org>
Cc: "Gustavo A. R. Silva" <gustavoars@kernel.org>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Andrew Lunn <andrew@lunn.ch>
Cc: "Kory Maincent (Dent Project)" <kory.maincent@bootlin.com>
---
include/uapi/linux/ethtool.h | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/include/uapi/linux/ethtool.h b/include/uapi/linux/ethtool.h
index c405ed63acfa..7e1b3820f91f 100644
--- a/include/uapi/linux/ethtool.h
+++ b/include/uapi/linux/ethtool.h
@@ -2526,12 +2526,19 @@ struct ethtool_link_settings {
__u8 master_slave_state;
__u8 rate_matching;
__u32 reserved[7];
+#ifndef __KERNEL__
+ /* Linux builds with -Wflex-array-member-not-at-end but does
+ * not use the "link_mode_masks" member. Leave it defined for
+ * userspace for now, and when userspace wants to start using
+ * -Wfamnae, we'll need a new solution.
+ */
__u32 link_mode_masks[];
/* layout of link_mode_masks fields:
* __u32 map_supported[link_mode_masks_nwords];
* __u32 map_advertising[link_mode_masks_nwords];
* __u32 map_lp_advertising[link_mode_masks_nwords];
*/
+#endif
};
/**
--
2.34.1
next prev parent reply other threads:[~2024-11-15 20:43 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-15 20:43 [PATCH 0/3] UAPI: ethtool: Avoid flex-array in struct ethtool_link_settings Kees Cook
2024-11-15 20:43 ` [PATCH 1/3] Revert "net: ethtool: Avoid thousands of -Wflex-array-member-not-at-end warnings" Kees Cook
2024-11-15 20:43 ` [PATCH 2/3] Revert "UAPI: ethtool: Use __struct_group() in struct ethtool_link_settings" Kees Cook
2024-11-15 20:43 ` Kees Cook [this message]
2024-11-15 21:50 ` [PATCH 3/3] UAPI: ethtool: Avoid flex-array in struct ethtool_link_settings Jakub Kicinski
2024-11-19 4:00 ` [PATCH 0/3] " patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241115204308.3821419-3-kees@kernel.org \
--to=kees@kernel.org \
--cc=ahmed.zaki@intel.com \
--cc=andrew+netdev@lunn.ch \
--cc=andrew@lunn.ch \
--cc=benve@cisco.com \
--cc=bharat@chelsio.com \
--cc=corbet@lwn.net \
--cc=davem@davemloft.net \
--cc=ecree.xilinx@gmail.com \
--cc=edumazet@google.com \
--cc=gustavoars@kernel.org \
--cc=hayatake396@gmail.com \
--cc=hkallweit1@gmail.com \
--cc=horms@kernel.org \
--cc=idosch@nvidia.com \
--cc=kory.maincent@bootlin.com \
--cc=kuba@kernel.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=manishc@marvell.com \
--cc=maxime.chevallier@bootlin.com \
--cc=michael.chan@broadcom.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=przemyslaw.kitszel@intel.com \
--cc=rrameshbabu@nvidia.com \
--cc=satishkh@cisco.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).