lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 19 May 2022 09:57:12 -0700
From:   Eric Biggers <ebiggers@...nel.org>
To:     Johan Hovold <johan@...nel.org>
Cc:     Zhang Jianhua <chris.zjh@...wei.com>, tytso@....edu,
        linux-fscrypt@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH -next v2] fs-verity: Use struct_size() helper in
 enable_verity()

On Thu, May 19, 2022 at 01:24:45PM +0200, Johan Hovold wrote:
> On Wed, May 18, 2022 at 08:17:59PM -0700, Eric Biggers wrote:
> > On Wed, May 18, 2022 at 08:06:04PM -0700, Eric Biggers wrote:
> > > On Thu, May 19, 2022 at 10:24:50AM +0800, Zhang Jianhua wrote:
> > > > Also, address the following sparse warning:
> > > > fs/verity/enable.c:205:28: warning: using sizeof on a flexible structure
> > > 
> > > How can I reproduce this warning?  I am using the latest version of sparse, and
> > > I don't see any of these warnings you're reporting.
> > > 
> > > $ sparse --version
> > > v0.6.4
> > > $ make C=2 fs/verity/
> > >   CHECK   scripts/mod/empty.c
> > >   CALL    scripts/checksyscalls.sh
> > >   CALL    scripts/atomic/check-atomics.sh
> > >   DESCEND objtool
> > >   CHECK   fs/verity/enable.c
> > >   CHECK   fs/verity/hash_algs.c
> > >   CHECK   fs/verity/init.c
> > >   CHECK   fs/verity/measure.c
> > >   CHECK   fs/verity/open.c
> > >   CHECK   fs/verity/read_metadata.c
> > >   CHECK   fs/verity/verify.c
> > >   CHECK   fs/verity/signature.c
> > > 
> > 
> > 'make C=2 CHECK="sparse -Wflexible-array-sizeof"' does the trick.  However, it
> > produces a *lot* of warnings all over the place.
> > 
> > Unless there is an effort to actually address all of these so that this warning
> > can be enabled by default, I don't see the poinnt in addressing these just for
> > the warnings sake.  The change to fsverity_ioctl_measure() is definitely just
> > for the warning's sake, so I don't really want to do that one.  The change to
> > enable_verity() is a bit less useless, so I could still take that one.
> 
> Importantly, struct_size() still relies on sizeof() so this has zero
> effect on those sparse warnings.
> 

Yeah, you're right.  In fact struct_size() generates two warnings, whereas
directly writing sizeof only generates 1!  So clearly sparse's
-Wflexible-array-sizeof warning is useless as-is.

I'm still keeping this patch, but I updated the commit message to not claim that
it addresses a sparse warning.  Now it's just:

    fs-verity: Use struct_size() helper in enable_verity()

    Follow the best practice for allocating a variable-sized structure.

- Eric

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ