lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <202209261920.3A2EA07D4@keescook>
Date:   Mon, 26 Sep 2022 19:22:30 -0700
From:   Kees Cook <keescook@...omium.org>
To:     Jakub Kicinski <kuba@...nel.org>
Cc:     "Gustavo A. R. Silva" <gustavoars@...nel.org>,
        Subash Abhinov Kasiviswanathan <quic_subashab@...cinc.com>,
        Sean Tranchetti <quic_stranche@...cinc.com>,
        "David S. Miller" <davem@...emloft.net>,
        Eric Dumazet <edumazet@...gle.com>,
        Paolo Abeni <pabeni@...hat.com>, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH][next] net: ethernet: rmnet: Replace zero-length array
 with DECLARE_FLEX_ARRAY() helper

On Mon, Sep 26, 2022 at 05:26:04PM -0700, Jakub Kicinski wrote:
> On Mon, 26 Sep 2022 15:02:48 -0700 Kees Cook wrote:
> > On Mon, Sep 26, 2022 at 04:50:03PM -0500, Gustavo A. R. Silva wrote:
> > > Zero-length arrays are deprecated and we are moving towards adopting
> > > C99 flexible-array members, instead. So, replace zero-length arrays
> > > declarations in anonymous union with the new DECLARE_FLEX_ARRAY()
> > > helper macro.
> > > 
> > > This helper allows for flexible-array members in unions.
> > > 
> > > Link: https://github.com/KSPP/linux/issues/193
> > > Link: https://github.com/KSPP/linux/issues/221
> > > Link: https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
> > > Signed-off-by: Gustavo A. R. Silva <gustavoars@...nel.org>  
> > 
> > Reviewed-by: Kees Cook <keescook@...omium.org>
> 
> Not directly related to this patch, but I just had to look at pahole
> output for sk_buff and the struct_group() stuff makes is really painful
> to read :/ Offsets for the members are relative to the "group" and they
> are all repeated.
> 
> Is there any chance you could fix that? Before we sprinkle more pixie
> dust around, perhaps?

Unfortunately I don't see a way around it until we can make changes to
the C language spec, and that's measured in decades. :(

Perhaps we could add some kind of heuristic to pahole to "hide" one of
the internal struct_group() copies, and to hide the empty flexible-array
wrapper structs? (pahole already can't tell the difference between a
0-length array and a flexible-array.) Would that be workable?

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ