Message-ID: <20241031213208.gzr5jv2kg5eobjuo@quack3>
Date: Thu, 31 Oct 2024 22:32:08 +0100
From: Jan Kara <jack@...e.cz>
To: "Gustavo A. R. Silva" <gustavo@...eddedor.com>
Cc: Jan Kara <jack@...e.cz>, "Gustavo A. R. Silva" <gustavoars@...nel.org>,
	Theodore Ts'o <tytso@....edu>, Jan Kara <jack@...e.com>,
	linux-ext4@...r.kernel.org, linux-kernel@...r.kernel.org,
	linux-hardening@...r.kernel.org
Subject: Re: [PATCH][next] jbd2: Avoid dozens of
 -Wflex-array-member-not-at-end warnings

On Thu 31-10-24 09:54:36, Gustavo A. R. Silva wrote:
> On 31/10/24 06:33, Jan Kara wrote:
> > On Fri 25-10-24 13:32:58, Gustavo A. R. Silva wrote:
> > > -Wflex-array-member-not-at-end was introduced in GCC-14, and we
> > > are getting ready to enable it, globally.
> > > 
> > > Use the `DEFINE_RAW_FLEX()` helper for an on-stack definition of
> > > a flexible structure (`struct shash_desc`) where the size of the
> > > flexible-array member (`__ctx`) is known at compile-time, and
> > > refactor the rest of the code, accordingly.
> > > 
> > > So, with this, fix 77 of the following warnings:
> > > 
> > > include/linux/jbd2.h:1800:35: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end]
> > > 
> > > Signed-off-by: Gustavo A. R. Silva <gustavoars@...nel.org>
> > > ---
> > >   include/linux/jbd2.h | 13 +++++--------
> > >   1 file changed, 5 insertions(+), 8 deletions(-)
> > > 
> > > diff --git a/include/linux/jbd2.h b/include/linux/jbd2.h
> > > index 8aef9bb6ad57..ce4560e62d3b 100644
> > > --- a/include/linux/jbd2.h
> > > +++ b/include/linux/jbd2.h
> > > @@ -1796,22 +1796,19 @@ static inline unsigned long jbd2_log_space_left(journal_t *journal)
> > >   static inline u32 jbd2_chksum(journal_t *journal, u32 crc,
> > >   			      const void *address, unsigned int length)
> > >   {
> > > -	struct {
> > > -		struct shash_desc shash;
> > > -		char ctx[JBD_MAX_CHECKSUM_SIZE];
> > > -	} desc;
> > > +	DEFINE_RAW_FLEX(struct shash_desc, desc, __ctx, 1);
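Review bot: The literal `1` passed as the element count in the added `DEFINE_RAW_FLEX(struct shash_desc, desc, __ctx, 1);` line has no visible link to `JBD_MAX_CHECKSUM_SIZE`, which sized the removed `char ctx[JBD_MAX_CHECKSUM_SIZE];` buffer, so the on-stack storage stops tracking that constant if its definition ever changes. Derive the count from `JBD_MAX_CHECKSUM_SIZE` rounded up to the size of one `__ctx` element, or at minimum add a comment and a build-time check that ties the two together.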
> > 
> > Am I missing some magic here or the 1 above should be
> > JBD_MAX_CHECKSUM_SIZE?
> 
> This seems to be 32-bit code, and the element type of the flex-array
> member `__ctx` is `void *`. Therefore, we have:

Why do you think the code is 32-bit? It is used regardless of the
architecture...

> `sizeof(ctx) == 4` when `char ctx[JBD_MAX_CHECKSUM_SIZE];`
> 
> To maintain the same size, we tell `DEFINE_RAW_FLEX()` to allocate `1`
> element for the flex array, as in 32-bit `sizeof(void *) == 4`.

So I agree we end up allocating enough space on stack but it is pretty
subtle and if JBD_MAX_CHECKSUM_SIZE definition changes, we have a problem.
I think we need something like ((JBD_MAX_CHECKSUM_SIZE + sizeof(*desc->__ctx)
- 1) / sizeof(*desc->__ctx))?

								Honza
-- 
Jan Kara <jack@...e.com>
SUSE Labs, CR
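
The sizing concern raised in this reply, as a userspace sketch added here (not code from the patch, the kernel, or either participant). `struct desc_model`, `DEFINE_MODEL_FLEX`, `FLEX_COUNT` and `CHECKSUM_BYTES` are hypothetical stand-ins; only the 4-byte size and the `void *` element type come from the thread.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define CHECKSUM_BYTES 4	/* constructed: sizeof(ctx) == 4, as stated in the thread */

/* Hypothetical stand-in for a struct ending in a flexible array of void *. */
struct desc_model {
	void *tfm;
	void *ctx[];
};

/* Elements of size elem needed to hold bytes bytes, rounded up. */
#define FLEX_COUNT(bytes, elem) (((bytes) + (elem) - 1) / (elem))

/* On-stack storage for a desc_model with count trailing ctx elements. */
#define DEFINE_MODEL_FLEX(name, count)					\
	union {								\
		unsigned char bytes[offsetof(struct desc_model, ctx) +	\
				    (count) * sizeof(void *)];		\
		struct desc_model obj;					\
	} name##_u = { .bytes = { 0 } };				\
	struct desc_model *name = &name##_u.obj

/* Build-time guard: the derived count must cover the byte requirement. */
_Static_assert(FLEX_COUNT(CHECKSUM_BYTES, sizeof(void *)) * sizeof(void *)
	       >= CHECKSUM_BYTES, "ctx storage smaller than checksum state");

/* Runtime form of the same round-up, for arbitrary sizes. */
size_t flex_count(size_t bytes, size_t elem)
{
	return FLEX_COUNT(bytes, elem);
}

/* Store a 4-byte value in the on-stack ctx area and read it back. */
unsigned int ctx_roundtrip(unsigned int value)
{
	DEFINE_MODEL_FLEX(desc, FLEX_COUNT(CHECKSUM_BYTES, sizeof(void *)));
	unsigned int out = 0;
	memcpy(desc->ctx, &value, CHECKSUM_BYTES);
	memcpy(&out, desc->ctx, CHECKSUM_BYTES);
	return out;
}

int main(void)
{
	printf("count=%zu\n", flex_count(CHECKSUM_BYTES, sizeof(void *)));
}
```

With the count derived this way, one element suffices for 4 bytes on both 32-bit and 64-bit targets, and the count grows automatically if the byte requirement does; a hard-coded `1` would not.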
