| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200616045155.GA2728@embeddedor>
Date: Mon, 15 Jun 2020 23:51:55 -0500
From: "Gustavo A. R. Silva" <gustavoars@...nel.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Kees Cook <keescook@...omium.org>,
Greg KH <gregkh@...uxfoundation.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
"Gustavo A. R. Silva" <gustavoars@...nel.org>
Subject: [GIT PULL v2] flexible-array member conversion patches for 5.8-rc2
Hi Linus,
v2 of today's pull request. I considerably reduced the size of the changelog
text for all the patches, while at the same time, pointing people to where
they can read further details about the changes, in case they want/need to.
I also reduced the size and modified the commit message for the pull request.
It no longer contains the part about the one-element arrays.
Thanks
--
Gustavo
The following changes since commit b3a9e3b9622ae10064826dccb4f7a52bd88c7407:
Linux 5.8-rc1 (2020-06-14 12:45:04 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/gustavoars/linux.git tags/flex-array-conversions-5.8-rc2
for you to fetch changes up to 76fafbfffb447d2a5a95d5a9486b0217c00f9785:
w1: Replace zero-length array with flexible-array (2020-06-15 23:08:32 -0500)
----------------------------------------------------------------
flexible-array member conversion patches for 5.8-rc2
Hi Linus,
Please, pull the following patches that replace zero-length arrays with
flexible-array members.
Notice that all of these patches have been baking in linux-next for
two development cycles now.
There is a regular need in the kernel to provide a way to declare having a
dynamically sized set of trailing elements in a structure. Kernel code should
always use “flexible array members”[1] for these cases. The older style of
one-element or zero-length arrays should no longer be used[2].
C99 introduced “flexible array members”, which lacks a numeric size for the
array declaration entirely:
struct something {
size_t count;
struct foo items[];
};
This is the way the kernel expects dynamically sized trailing elements to be
declared. It allows the compiler to generate errors when the flexible array
does not occur last in the structure, which helps to prevent some kind of
undefined behavior[3] bugs from being inadvertently introduced to the codebase.
It also allows the compiler to correctly analyze array sizes (via sizeof(),
CONFIG_FORTIFY_SOURCE, and CONFIG_UBSAN_BOUNDS). For instance, there is no
mechanism that warns us that the following application of the sizeof() operator
to a zero-length array always results in zero:
struct something {
size_t count;
struct foo items[0];
};
struct something *instance;
instance = kmalloc(struct_size(instance, items, count), GFP_KERNEL);
instance->count = count;
size = sizeof(instance->items) * instance->count;
memcpy(instance->items, source, size);
At the last line of code above, size turns out to be zero, when one might have
thought it represents the total size in bytes of the dynamic memory recently
allocated for the trailing array items. Here are a couple examples of this
issue[4][5]. Instead, flexible array members have incomplete type, and so the
sizeof() operator may not be applied[6], so any misuse of such operators will
be immediately noticed at build time.
The cleanest and least error-prone way to implement this is through the use of
a flexible array member:
struct something {
size_t count;
struct foo items[];
};
struct something *instance;
instance = kmalloc(struct_size(instance, items, count), GFP_KERNEL);
instance->count = count;
size = sizeof(instance->items[0]) * instance->count;
memcpy(instance->items, source, size);
Thanks
--
Gustavo
[1] https://en.wikipedia.org/wiki/Flexible_array_member
[2] https://github.com/KSPP/linux/issues/21
[3] https://git.kernel.org/linus/76497732932f15e7323dc805e8ea8dc11bb587cf
[4] https://git.kernel.org/linus/f2cd32a443da694ac4e28fbf4ac6f9d5cc63a539
[5] https://git.kernel.org/linus/ab91c2a89f86be2898cee208d492816ec238b2cf
[6] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
----------------------------------------------------------------
Gustavo A. R. Silva (41):
firmware: dmi-sysfs: Replace zero-length array with flexible-array member
firmware: google: memconsole: Replace zero-length array with flexible-array member
firmware: google: vpd: Replace zero-length array with flexible-array member
aio: Replace zero-length array with flexible-array
ARM: tegra: Replace zero-length array with flexible-array
dmaengine: Replace zero-length array with flexible-array
can: peak_canfd: Replace zero-length array with flexible-array
can: Replace zero-length array with flexible-array
crypto: Replace zero-length array with flexible-array
drbd: Replace zero-length array with flexible-array
drm/edid: Replace zero-length array with flexible-array
cb710: Replace zero-length array with flexible-array
firewire: ohci: Replace zero-length array with flexible-array
FS-Cache: Replace zero-length array with flexible-array
ia64: kernel: unwind_i.h: Replace zero-length array with flexible-array
samples: mei: Replace zero-length array with flexible-array
ibft: Replace zero-length array with flexible-array
jffs2: Replace zero-length array with flexible-array
KVM: Replace zero-length array with flexible-array
kexec: Replace zero-length array with flexible-array
keys: encrypted-type: Replace zero-length array with flexible-array
kprobes: Replace zero-length array with flexible-array
libata: Replace zero-length array with flexible-array
tools/testing/nvdimm: Replace zero-length array with flexible-array
block: Replace zero-length array with flexible-array
oprofile: Replace zero-length array with flexible-array
firmware: pcdp: Replace zero-length array with flexible-array
media: pwc: Replace zero-length array with flexible-array
rapidio: Replace zero-length array with flexible-array
RxRPC: Replace zero-length array with flexible-array
phy: samsung: Replace zero-length array with flexible-array
sctp: Replace zero-length array with flexible-array
ima: Replace zero-length array with flexible-array
ASoC: SOF: Replace zero-length array with flexible-array
Squashfs: Replace zero-length array with flexible-array
stm class: Replace zero-length array with flexible-array
dmaengine: tegra-apb: Replace zero-length array with flexible-array
tifm: Replace zero-length array with flexible-array
soc: ti: Replace zero-length array with flexible-array
tracing/probe: Replace zero-length array with flexible-array
w1: Replace zero-length array with flexible-array
arch/ia64/kernel/unwind_i.h | 2 +-
block/partitions/ldm.h | 2 +-
drivers/amba/tegra-ahb.c | 2 +-
drivers/block/drbd/drbd_int.h | 2 +-
drivers/block/drbd/drbd_protocol.h | 8 +++---
drivers/crypto/chelsio/chcr_crypto.h | 8 +++---
drivers/dma/milbeaut-hdmac.c | 2 +-
drivers/dma/milbeaut-xdmac.c | 2 +-
drivers/dma/moxart-dma.c | 2 +-
drivers/dma/tegra20-apb-dma.c | 2 +-
drivers/dma/ti/edma.c | 2 +-
drivers/dma/ti/k3-udma.c | 2 +-
drivers/dma/timb_dma.c | 2 +-
drivers/firewire/core-cdev.c | 2 +-
drivers/firewire/core-transaction.c | 2 +-
drivers/firewire/core.h | 2 +-
drivers/firewire/nosy.c | 2 +-
drivers/firewire/ohci.c | 2 +-
drivers/firmware/dmi-sysfs.c | 2 +-
drivers/firmware/google/memconsole-coreboot.c | 2 +-
drivers/firmware/google/vpd.c | 2 +-
drivers/firmware/iscsi_ibft.c | 2 +-
drivers/firmware/pcdp.h | 2 +-
drivers/hwtracing/stm/policy.c | 2 +-
drivers/hwtracing/stm/stm.h | 4 +--
drivers/media/usb/pwc/pwc.h | 2 +-
drivers/net/can/peak_canfd/peak_pciefd_main.c | 4 +--
drivers/oprofile/cpu_buffer.h | 2 +-
drivers/phy/samsung/phy-samsung-usb2.h | 2 +-
drivers/rapidio/rio-scan.c | 2 +-
drivers/soc/ti/knav_qmss.h | 2 +-
drivers/w1/w1_netlink.h | 4 +--
fs/aio.c | 2 +-
fs/jffs2/nodelist.h | 2 +-
fs/jffs2/summary.h | 4 +--
fs/squashfs/squashfs_fs.h | 16 ++++++------
include/drm/drm_displayid.h | 2 +-
include/keys/encrypted-type.h | 2 +-
include/keys/rxrpc-type.h | 4 +--
include/linux/can/skb.h | 2 +-
include/linux/cb710.h | 2 +-
include/linux/dmaengine.h | 4 +--
include/linux/fscache-cache.h | 2 +-
include/linux/kexec.h | 2 +-
include/linux/kprobes.h | 2 +-
include/linux/kvm_host.h | 2 +-
include/linux/libata.h | 2 +-
include/linux/sctp.h | 36 +++++++++++++--------------
include/linux/tifm.h | 2 +-
kernel/trace/trace_probe.h | 2 +-
samples/mei/mei-amt-version.c | 2 +-
security/integrity/integrity.h | 4 +--
sound/soc/sof/probe.h | 8 +++---
tools/testing/nvdimm/test/nfit_test.h | 6 ++---
54 files changed, 96 insertions(+), 96 deletions(-)
Powered by blists - more mailing lists