lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 28 Oct 2023 12:32:57 -0700
From:   James Seo <james@...iv.tech>
To:     Kees Cook <keescook@...omium.org>
Cc:     "Martin K. Petersen" <martin.petersen@...cle.com>,
        Borislav Petkov <bp@...en8.de>,
        Ranjan Kumar <ranjan.kumar@...adcom.com>,
        Sathya Prakash <sathya.prakash@...adcom.com>,
        Sreekanth Reddy <sreekanth.reddy@...adcom.com>,
        Suganath Prabu Subramani 
        <suganath-prabu.subramani@...adcom.com>,
        "James E.J. Bottomley" <jejb@...ux.ibm.com>,
        "Gustavo A. R. Silva" <gustavoars@...nel.org>,
        MPT-FusionLinux.pdl@...adcom.com, linux-scsi@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 00/12] scsi: mpt3sas: Use flexible arrays and do a few
 cleanups

On Tue, Oct 10, 2023 at 05:49:38PM -0700, Kees Cook wrote:
> On Thu, Aug 24, 2023 at 11:00:57PM -0400, Martin K. Petersen wrote:
>> 
>>> Commit df8fc4e934c1 ("kbuild: Enable -fstrict-flex-arrays=3") has
>>> resulted in the only arrays that UBSAN_BOUNDS considers unbounded
>>> being trailing arrays declared with [] as the last member of a struct.
>>> Unbounded trailing arrays declared with [1] are common in mpt3sas,
>>> which is causing spurious warnings to appear in some situations, e.g.
>>> when more than one physical disk is connected:
>> 
>> Broadcom: Please review/test. Thanks!
> 
> Another thread ping. Is anyone at broadcom around? I'd really like to
> see this series (or some form of it) land to avoid all these runtime
> warnings...
> 
> -- 
> Kees Cook

Looks like this series was accepted for -rc1. Thanks!

One last thread ping for the Broadcom folks, just in case.

-James Seo

Powered by blists - more mailing lists