lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 18 Aug 2022 15:43:14 -0300 From: Jason Gunthorpe <jgg@...dia.com> To: "Gustavo A. R. Silva" <gustavo@...eddedor.com> Cc: "Gustavo A. R. Silva" <gustavoars@...nel.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Kees Cook <keescook@...omium.org>, linux-hardening@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [GIT PULL] flexible-array transformations in UAPI for 6.0-rc1 On Thu, Aug 18, 2022 at 09:21:54AM -0500, Gustavo A. R. Silva wrote: > Hi! > > On 8/18/22 07:28, Jason Gunthorpe wrote: > > On Mon, Aug 01, 2022 at 03:31:28PM -0500, Gustavo A. R. Silva wrote: > > > The following changes since commit b13baccc3850ca8b8cccbf8ed9912dbaa0fdf7f3: > > > > > > Linux 5.19-rc2 (2022-06-12 16:11:37 -0700) > > > > > > are available in the Git repository at: > > > > > > git://git.kernel.org/pub/scm/linux/kernel/git/gustavoars/linux.git tags/flexible-array-transformations-UAPI-6.0-rc1 > > > > > > for you to fetch changes up to 94dfc73e7cf4a31da66b8843f0b9283ddd6b8381: > > > > > > treewide: uapi: Replace zero-length arrays with flexible-array members (2022-06-28 21:26:05 +0200) > > > > > > ---------------------------------------------------------------- > > > flexible-array transformations in UAPI for 6.0-rc1 > > > > > > Hi Linus, > > > > > > Please, pull the following treewide patch that replaces zero-length arrays > > > with flexible-array members in UAPI. This patch has been baking in > > > linux-next for 5 weeks now. > > > > > > -fstrict-flex-arrays=3 is coming and we need to land these changes > > > to prevent issues like these in the short future: > > > > > > ../fs/minix/dir.c:337:3: warning: 'strcpy' will always overflow; destination buffer has size 0, > > > but the source string has length 2 (including NUL byte) [-Wfortify-source] > > > strcpy(de3->name, "."); > > > ^ > > > > > > Since these are all [0] to [] changes, the risk to UAPI is nearly zero. If > > > this breaks anything, we can use a union with a new member name. > > > > This has trobuled the RDMA userspace by creating new compiler warnings.. > > > > We discussed this and I thought you agreed not to send these changes? > > Yep; and as I said in that thread, I went and removed all the changes that > were causing trouble, based on this report by 0-day: > > https://lore.kernel.org/lkml/202206241055.Eh9MKMAE-lkp@intel.com/ > > For instance, 0-day reported this warning: Yes, I took it for granted that the patch wouldn't cause more kernel warnings :) So, this is what we ended up doing in userspace: https://github.com/linux-rdma/rdma-core/pull/1207 So, maybe it is OK. Jason
Powered by blists - more mailing lists