lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 18 Aug 2022 09:21:54 -0500
From:   "Gustavo A. R. Silva" <gustavo@...eddedor.com>
To:     Jason Gunthorpe <jgg@...dia.com>,
        "Gustavo A. R. Silva" <gustavoars@...nel.org>
Cc:     Linus Torvalds <torvalds@...ux-foundation.org>,
        Kees Cook <keescook@...omium.org>,
        linux-hardening@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [GIT PULL] flexible-array transformations in UAPI for 6.0-rc1

Hi!

On 8/18/22 07:28, Jason Gunthorpe wrote:
> On Mon, Aug 01, 2022 at 03:31:28PM -0500, Gustavo A. R. Silva wrote:
>> The following changes since commit b13baccc3850ca8b8cccbf8ed9912dbaa0fdf7f3:
>>
>>    Linux 5.19-rc2 (2022-06-12 16:11:37 -0700)
>>
>> are available in the Git repository at:
>>
>>    git://git.kernel.org/pub/scm/linux/kernel/git/gustavoars/linux.git tags/flexible-array-transformations-UAPI-6.0-rc1
>>
>> for you to fetch changes up to 94dfc73e7cf4a31da66b8843f0b9283ddd6b8381:
>>
>>    treewide: uapi: Replace zero-length arrays with flexible-array members (2022-06-28 21:26:05 +0200)
>>
>> ----------------------------------------------------------------
>> flexible-array transformations in UAPI for 6.0-rc1
>>
>> Hi Linus,
>>
>> Please, pull the following treewide patch that replaces zero-length arrays
>> with flexible-array members in UAPI. This patch has been baking in
>> linux-next for 5 weeks now.
>>
>> -fstrict-flex-arrays=3 is coming and we need to land these changes
>> to prevent issues like these in the short future:
>>
>> ../fs/minix/dir.c:337:3: warning: 'strcpy' will always overflow; destination buffer has size 0,
>> but the source string has length 2 (including NUL byte) [-Wfortify-source]
>> 		strcpy(de3->name, ".");
>> 		^
>>
>> Since these are all [0] to [] changes, the risk to UAPI is nearly zero. If
>> this breaks anything, we can use a union with a new member name.
> 
> This has trobuled the RDMA userspace by creating new compiler warnings..
>
> We discussed this and I thought you agreed not to send these changes?

Yep; and as I said in that thread, I went and removed all the changes that
were causing trouble, based on this report by 0-day:

https://lore.kernel.org/lkml/202206241055.Eh9MKMAE-lkp@intel.com/

For instance, 0-day reported this warning:

 >> usr/include/rdma/ib_user_verbs.h:1091:2: warning: field '' with variable sized type 'union ib_uverbs_flow_spec_gre::(anonymous at 
usr/include/rdma/ib_user_verbs.h:1091:2)' not at the end of a struct or class is a GNU extension [-Wgnu-variable-sized-type-not-at-end]
            union {
            ^

then I went to look for the union ib_uverbs_flow_spec_gre and reverted the
change that was causing trouble in struct ib_uverbs_flow_spec_hdr:

gus@...k:~/gustavoars-linux$ git grep -nwW 'ib_uverbs_flow_spec_gre\s{'

include/uapi/rdma/ib_user_verbs.h:1090:struct ib_uverbs_flow_spec_gre {

include/uapi/rdma/ib_user_verbs.h-1091- union {

include/uapi/rdma/ib_user_verbs.h-1092-         struct ib_uverbs_flow_spec_hdr hdr;

include/uapi/rdma/ib_user_verbs.h-1093-         struct {

include/uapi/rdma/ib_user_verbs.h-1094-                 __u32 type;

include/uapi/rdma/ib_user_verbs.h-1095-                 __u16 size;

include/uapi/rdma/ib_user_verbs.h-1096-                 __u16 reserved;

include/uapi/rdma/ib_user_verbs.h-1097-         };

include/uapi/rdma/ib_user_verbs.h-1098- };

include/uapi/rdma/ib_user_verbs.h-1099- struct ib_uverbs_flow_gre_filter     val;

include/uapi/rdma/ib_user_verbs.h-1100- struct ib_uverbs_flow_gre_filter     mask;

include/uapi/rdma/ib_user_verbs.h-1101-};

gus@...k:~/gustavoars-linux$ git grep -nwW 'struct\sib_uverbs_flow_spec_hdr\s{'

include/uapi/rdma/ib_user_verbs.h:900:struct ib_uverbs_flow_spec_hdr {

include/uapi/rdma/ib_user_verbs.h-901-  __u32 type;

include/uapi/rdma/ib_user_verbs.h-902-  __u16 size;

include/uapi/rdma/ib_user_verbs.h-903-  __u16 reserved;

include/uapi/rdma/ib_user_verbs.h-904-  /* followed by flow_spec */

include/uapi/rdma/ib_user_verbs.h-905-  __aligned_u64 flow_spec_data[0];

include/uapi/rdma/ib_user_verbs.h-906-};

and the issue that you reported in:

https://lore.kernel.org/linux-rdma/20220628004052.GM23621@ziepe.ca/

was fixed at the time:

$ git grep -nwW 'struct\sib_uverbs_create_cq_resp\s{'

include/uapi/rdma/ib_user_verbs.h:429:struct ib_uverbs_create_cq_resp {

include/uapi/rdma/ib_user_verbs.h-430-  __u32 cq_handle;

include/uapi/rdma/ib_user_verbs.h-431-  __u32 cqe;

include/uapi/rdma/ib_user_verbs.h-432-  __aligned_u64 driver_data[0];

include/uapi/rdma/ib_user_verbs.h-433-};

However, it would be helpful to know all the details about the warnings
that you are seeing now, so I can take a look. :)

Thanks
--
Gustavo

> 
> https://lore.kernel.org/linux-rdma/20220628135623.GA25163@embeddedor/
> 
> Jason

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ