[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ca7be9f4-3f33-48ba-b61a-0a40ea1f17a6@embeddedor.com>
Date: Thu, 31 Oct 2024 17:31:34 -0600
From: "Gustavo A. R. Silva" <gustavo@...eddedor.com>
To: Jan Kara <jack@...e.cz>
Cc: "Gustavo A. R. Silva" <gustavoars@...nel.org>,
Theodore Ts'o <tytso@....edu>, Jan Kara <jack@...e.com>,
linux-ext4@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-hardening@...r.kernel.org
Subject: Re: [PATCH][next] jbd2: Avoid dozens of
-Wflex-array-member-not-at-end warnings
On 31/10/24 15:32, Jan Kara wrote:
> On Thu 31-10-24 09:54:36, Gustavo A. R. Silva wrote:
>> On 31/10/24 06:33, Jan Kara wrote:
>>> On Fri 25-10-24 13:32:58, Gustavo A. R. Silva wrote:
>>>> -Wflex-array-member-not-at-end was introduced in GCC-14, and we
>>>> are getting ready to enable it, globally.
>>>>
>>>> Use the `DEFINE_RAW_FLEX()` helper for an on-stack definition of
>>>> a flexible structure (`struct shash_desc`) where the size of the
>>>> flexible-array member (`__ctx`) is known at compile-time, and
>>>> refactor the rest of the code, accordingly.
>>>>
>>>> So, with this, fix 77 of the following warnings:
>>>>
>>>> include/linux/jbd2.h:1800:35: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end]
>>>>
>>>> Signed-off-by: Gustavo A. R. Silva <gustavoars@...nel.org>
>>>> ---
>>>> include/linux/jbd2.h | 13 +++++--------
>>>> 1 file changed, 5 insertions(+), 8 deletions(-)
>>>>
>>>> diff --git a/include/linux/jbd2.h b/include/linux/jbd2.h
>>>> index 8aef9bb6ad57..ce4560e62d3b 100644
>>>> --- a/include/linux/jbd2.h
>>>> +++ b/include/linux/jbd2.h
>>>> @@ -1796,22 +1796,19 @@ static inline unsigned long jbd2_log_space_left(journal_t *journal)
>>>> static inline u32 jbd2_chksum(journal_t *journal, u32 crc,
>>>> const void *address, unsigned int length)
>>>> {
>>>> - struct {
>>>> - struct shash_desc shash;
>>>> - char ctx[JBD_MAX_CHECKSUM_SIZE];
>>>> - } desc;
>>>> + DEFINE_RAW_FLEX(struct shash_desc, desc, __ctx, 1);
>>>
>>> Am I missing some magic here or the 1 above should be
>>> JBD_MAX_CHECKSUM_SIZE?
>>
>> This seems to be 32-bit code, and the element type of the flex-array
>> member `__ctx` is `void *`. Therefore, we have:
>
> Why do you think the code is 32-bit? It is used regardless of the
> architecture...
Right, sorry, I got a bit confused...
>
>> `sizeof(ctx) == 4` when `char ctx[JBD_MAX_CHECKSUM_SIZE];`
>>
>> To maintain the same size, we tell `DEFINE_RAW_FLEX()` to allocate `1`
>> element for the flex array, as in 32-bit `sizeof(void *) == 4`.
>
> So I agree we end up allocating enough space on stack but it is pretty
> subtle and if JBD_MAX_CHECKSUM_SIZE definition changes, we have a problem.
> I think we need something like (JBD_MAX_CHECKSUM_SIZE + sizeof(*desc->__ctx)
> - 1) / sizeof(*desc->__ctx))?
I see. Well, in that case it'd be something more like:
- struct {
- struct shash_desc shash;
- char ctx[JBD_MAX_CHECKSUM_SIZE];
- } desc;
+ DEFINE_RAW_FLEX(struct shash_desc, desc, __ctx,
+ (JBD_MAX_CHECKSUM_SIZE +
+ sizeof(*((struct shash_desc *)0)->__ctx)) /
+ sizeof(*((struct shash_desc *)0)->__ctx));
Notice that `desc` is created inside `DEFINE_RAW_FLEX()`
Thanks
--
Gustavo
Powered by blists - more mailing lists