[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <cc312432-bc9b-4dea-8f99-9c2ebf0d47a7@embeddedor.com>
Date: Fri, 1 Nov 2024 14:46:56 -0600
From: "Gustavo A. R. Silva" <gustavo@...eddedor.com>
To: Jan Kara <jack@...e.cz>
Cc: "Gustavo A. R. Silva" <gustavoars@...nel.org>,
Theodore Ts'o <tytso@....edu>, Jan Kara <jack@...e.com>,
linux-ext4@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-hardening@...r.kernel.org
Subject: Re: [PATCH][next] jbd2: Avoid dozens of
-Wflex-array-member-not-at-end warnings
On 01/11/24 04:15, Jan Kara wrote:
> On Thu 31-10-24 17:31:34, Gustavo A. R. Silva wrote:
>> On 31/10/24 15:32, Jan Kara wrote:
>>>
>>>> `sizeof(ctx) == 4` when `char ctx[JBD_MAX_CHECKSUM_SIZE];`
>>>>
>>>> To maintain the same size, we tell `DEFINE_RAW_FLEX()` to allocate `1`
>>>> element for the flex array, as in 32-bit `sizeof(void *) == 4`.
>>>
>>> So I agree we end up allocating enough space on stack but it is pretty
>>> subtle and if JBD_MAX_CHECKSUM_SIZE definition changes, we have a problem.
>>> I think we need something like (JBD_MAX_CHECKSUM_SIZE + sizeof(*desc->__ctx)
>>> - 1) / sizeof(*desc->__ctx))?
>>
>> I see. Well, in that case it'd be something more like:
>>
>> - struct {
>> - struct shash_desc shash;
>> - char ctx[JBD_MAX_CHECKSUM_SIZE];
>> - } desc;
>> + DEFINE_RAW_FLEX(struct shash_desc, desc, __ctx,
>> + (JBD_MAX_CHECKSUM_SIZE +
>> + sizeof(*((struct shash_desc *)0)->__ctx)) /
>> + sizeof(*((struct shash_desc *)0)->__ctx));
>>
>> Notice that `desc` is created inside `DEFINE_RAW_FLEX()`
> Right. Thanks for fixing this. The cleanest option then probably is:
>
> DEFINE_RAW_FLEX(struct shash_desc, desc, __ctx,
> DIV_ROUND_UP(JBD_MAX_CHECKSUM_SIZE,
> sizeof(*((struct shash_desc *)0)->__ctx)))
OK. There you go v2:
https://lore.kernel.org/linux-hardening/ZyU94w0IALVhc9Jy@kspp/
Thanks a lot for the feedback. :)
--
Gustavo
Powered by blists - more mailing lists