lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 26 Mar 2021 09:10:15 -0500
From:   "Gustavo A. R. Silva" <gustavo@...eddedor.com>
To:     David Laight <David.Laight@...LAB.COM>,
        "'Gustavo A. R. Silva'" <gustavoars@...nel.org>,
        "J. Bruce Fields" <bfields@...ldses.org>,
        Chuck Lever <chuck.lever@...cle.com>
Cc:     "linux-nfs@...r.kernel.org" <linux-nfs@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-hardening@...r.kernel.org" <linux-hardening@...r.kernel.org>
Subject: Re: [PATCH][next] UAPI: nfsfh.h: Replace one-element array with
 flexible-array member



On 3/26/21 03:17, David Laight wrote:
> From: Gustavo A. R. Silva
>> Sent: 25 March 2021 21:12
>>
>> On 3/25/21 10:29, David Laight wrote:
>>
>>>>>
>>>>> Could you use the simpler:
>>>>>> struct nfs_fhbase_new {
>>>>>>          __u8       fb_version;
>>>>>>          __u8       fb_auth_type;
>>>>>>          __u8       fb_fsid_type;
>>>>>>          __u8       fb_fileid_type;
>>>>>>          union {
>>>>>>                 __u32      fb_auth[1];
>>>>>>                 __u32      fb_auth_flex[0];
>>>>>>          };
>>>>>> };
>>>>>
>>>>> Although I'm not certain flexible arrays are supported
>>>>> as the last element of a union.
>>>>
>>>> Nope; this is not allowed: https://godbolt.org/z/14vd4o8na
>>>
>>> Nothing an extra 'struct {__u32 fb_auth_flex[0]; }'; won't solve.
>>
>> We don't want to introduce zero-length arrays [1].
> 
> I probably meant to write [] not [0] - doesn't affect the idea.
> 
> The real problem is that the compiler is likely to start rejecting
> references to a flex array that go beyond the end of the outer
> structure.
> 
> Thinking back, isn't fb_auth[] at least one entry long?
> So it could be:
> 
> struct nfs_fhbase_new {
>          __u8       fb_version;
>          __u8       fb_auth_type;
>          __u8       fb_fsid_type;
>          __u8       fb_fileid_type;
>          __u32      fb_auth[1];
>          __u32      fb_auth_extra[];
> };

I don't think this is a great idea because, contrary to the change I'm
proposing, in this case memory regions for fb_auth and fb_auth_extra
don't actually overlap.

--
Gustavo

Powered by blists - more mailing lists