lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <d8e63b8a-7a2c-46dc-a15c-9399044a23ee@embeddedor.com>
Date: Mon, 7 Apr 2025 13:57:48 -0600
From: "Gustavo A. R. Silva" <gustavo@...eddedor.com>
To: Kees Cook <kees@...nel.org>, "Gustavo A. R. Silva" <gustavoars@...nel.org>
Cc: Lyude Paul <lyude@...hat.com>, Danilo Krummrich <dakr@...nel.org>,
 David Airlie <airlied@...il.com>, Simona Vetter <simona@...ll.ch>,
 dri-devel@...ts.freedesktop.org, nouveau@...ts.freedesktop.org,
 linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH][next] drm/nouveau: chan: Avoid
 -Wflex-array-member-not-at-end warnings



On 07/04/25 13:50, Kees Cook wrote:
> On Thu, Apr 03, 2025 at 10:45:18AM -0600, Gustavo A. R. Silva wrote:
>> -Wflex-array-member-not-at-end was introduced in GCC-14, and we are
>> getting ready to enable it, globally.
>>
>> Use the `DEFINE_RAW_FLEX()` helper for a few on-stack definitions
>> of a flexible structure where the size of the flexible-array member
>> is known at compile-time, and refactor the rest of the code,
>> accordingly.
>>
>> So, with these changes, fix the following warnings:
>>
>> drivers/gpu/drm/nouveau/nouveau_chan.c:274:37: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end]
>> drivers/gpu/drm/nouveau/nouveau_chan.c:371:46: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end]
>> drivers/gpu/drm/nouveau/nouveau_chan.c:524:42: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end]
>>
>> Signed-off-by: Gustavo A. R. Silva <gustavoars@...nel.org>
>> ---
>>   drivers/gpu/drm/nouveau/nouveau_chan.c | 115 ++++++++++++-------------
>>   1 file changed, 56 insertions(+), 59 deletions(-)
>>
>> diff --git a/drivers/gpu/drm/nouveau/nouveau_chan.c b/drivers/gpu/drm/nouveau/nouveau_chan.c
>> index cd659b9fd1d9..a7e70517b7cd 100644
>> --- a/drivers/gpu/drm/nouveau/nouveau_chan.c
>> +++ b/drivers/gpu/drm/nouveau/nouveau_chan.c
>> @@ -270,10 +270,7 @@ nouveau_channel_ctor(struct nouveau_cli *cli, bool priv, u64 runm,
>>   		{    NV03_CHANNEL_DMA     , 0 },
>>   		{}
>>   	};
>> -	struct {
>> -		struct nvif_chan_v0 chan;
>> -		char name[TASK_COMM_LEN+16];
>> -	} args;
>> +	DEFINE_RAW_FLEX(struct nvif_chan_v0, args, name, TASK_COMM_LEN + 16);
>>   	struct nvif_device *device = &cli->device;
>>   	struct nouveau_channel *chan;
>>   	const u64 plength = 0x10000;
>> @@ -298,28 +295,28 @@ nouveau_channel_ctor(struct nouveau_cli *cli, bool priv, u64 runm,
>>   		return ret;
>>   
>>   	/* create channel object */
>> -	args.chan.version = 0;
>> -	args.chan.namelen = sizeof(args.name);
>> -	args.chan.runlist = __ffs64(runm);
>> -	args.chan.runq = 0;
>> -	args.chan.priv = priv;
>> -	args.chan.devm = BIT(0);
>> +	args->version = 0;
>> +	args->namelen = __struct_size(args) - sizeof(*args);
> 
> Does __struct_size(args->name) work here (and later)?

Why not?

I mean, this should be equivalent to `TASK_COMM_LEN+16`, I could
use the latter if people prefer it (see my comments below).

> 
>> +	args->runlist = __ffs64(runm);
>> +	args->runq = 0;
>> +	args->priv = priv;
>> +	args->devm = BIT(0);
>>   	if (hosts[cid].oclass < NV50_CHANNEL_GPFIFO) {
>> -		args.chan.vmm = 0;
>> -		args.chan.ctxdma = nvif_handle(&chan->push.ctxdma);
>> -		args.chan.offset = chan->push.addr;
>> -		args.chan.length = 0;
>> +		args->vmm = 0;
>> +		args->ctxdma = nvif_handle(&chan->push.ctxdma);
>> +		args->offset = chan->push.addr;
>> +		args->length = 0;
>>   	} else {
>> -		args.chan.vmm = nvif_handle(&chan->vmm->vmm.object);
>> +		args->vmm = nvif_handle(&chan->vmm->vmm.object);
>>   		if (hosts[cid].oclass < FERMI_CHANNEL_GPFIFO)
>> -			args.chan.ctxdma = nvif_handle(&chan->push.ctxdma);
>> +			args->ctxdma = nvif_handle(&chan->push.ctxdma);
>>   		else
>> -			args.chan.ctxdma = 0;
>> -		args.chan.offset = ioffset + chan->push.addr;
>> -		args.chan.length = ilength;
>> +			args->ctxdma = 0;
>> +		args->offset = ioffset + chan->push.addr;
>> +		args->length = ilength;
>>   	}
>> -	args.chan.huserd = 0;
>> -	args.chan.ouserd = 0;
>> +	args->huserd = 0;
>> +	args->ouserd = 0;
>>   
>>   	/* allocate userd */
>>   	if (hosts[cid].oclass >= VOLTA_CHANNEL_GPFIFO_A) {
>> @@ -329,27 +326,28 @@ nouveau_channel_ctor(struct nouveau_cli *cli, bool priv, u64 runm,
>>   		if (ret)
>>   			return ret;
>>   
>> -		args.chan.huserd = nvif_handle(&chan->mem_userd.object);
>> -		args.chan.ouserd = 0;
>> +		args->huserd = nvif_handle(&chan->mem_userd.object);
>> +		args->ouserd = 0;
>>   
>>   		chan->userd = &chan->mem_userd.object;
>>   	} else {
>>   		chan->userd = &chan->user;
>>   	}
>>   
>> -	snprintf(args.name, sizeof(args.name), "%s[%d]", current->comm, task_pid_nr(current));
>> +	snprintf(args->name, __struct_size(args) - sizeof(*args), "%s[%d]",
>> +		 current->comm, task_pid_nr(current));
>>   
>>   	ret = nvif_object_ctor(&device->object, "abi16ChanUser", 0, hosts[cid].oclass,
>> -			       &args, sizeof(args), &chan->user);
>> +			       args, __struct_size(args), &chan->user);
>>   	if (ret) {
>>   		nouveau_channel_del(pchan);
>>   		return ret;
>>   	}
>>   
>> -	chan->runlist = args.chan.runlist;
>> -	chan->chid = args.chan.chid;
>> -	chan->inst = args.chan.inst;
>> -	chan->token = args.chan.token;
>> +	chan->runlist = args->runlist;
>> +	chan->chid = args->chid;
>> +	chan->inst = args->inst;
>> +	chan->token = args->token;
>>   	return 0;
>>   }
>>   
>> @@ -367,17 +365,17 @@ nouveau_channel_init(struct nouveau_channel *chan, u32 vram, u32 gart)
>>   		return ret;
>>   
>>   	if (chan->user.oclass >= FERMI_CHANNEL_GPFIFO) {
>> -		struct {
>> -			struct nvif_event_v0 base;
>> -			struct nvif_chan_event_v0 host;
>> -		} args;
>> +		DEFINE_RAW_FLEX(struct nvif_event_v0, args, data,
>> +				sizeof(struct nvif_chan_event_v0));
>> +		struct nvif_chan_event_v0 *host =
>> +				(struct nvif_chan_event_v0 *)args->data;
>>   
>> -		args.host.version = 0;
>> -		args.host.type = NVIF_CHAN_EVENT_V0_KILLED;
>> +		host->version = 0;
>> +		host->type = NVIF_CHAN_EVENT_V0_KILLED;
>>   
>>   		ret = nvif_event_ctor(&chan->user, "abi16ChanKilled", chan->chid,
>>   				      nouveau_channel_killed, false,
>> -				      &args.base, sizeof(args), &chan->kill);
>> +				      args, __struct_size(args), &chan->kill);
>>   		if (ret == 0)
>>   			ret = nvif_event_allow(&chan->kill);
>>   		if (ret) {
>> @@ -520,46 +518,45 @@ nouveau_channels_fini(struct nouveau_drm *drm)
>>   int
>>   nouveau_channels_init(struct nouveau_drm *drm)
>>   {
>> -	struct {
>> -		struct nv_device_info_v1 m;
>> -		struct {
>> -			struct nv_device_info_v1_data channels;
>> -			struct nv_device_info_v1_data runlists;
>> -		} v;
>> -	} args = {
>> -		.m.version = 1,
>> -		.m.count = sizeof(args.v) / sizeof(args.v.channels),
> 
> sizeof(args.v) == sizeof(struct nv_device_info_v1_data) * 2
> 
> and sizeof(args.v.channels) == sizeof(struct nv_device_info_v1_data).
> 
> Isn't this just "2"? i.e. isn't struct nv_device_info_v1::count the
> counted_by for struct nv_device_info_v1::data?

Yes, it's just `2`. However, I didn't want to explicitly use the magic
number, in case people don't like it, as in other similar patches (in
other subsystems).

But, yeah, it's `2`. :)

Thanks
--
Gustavo

> 
>> -		.v.channels.mthd = NV_DEVICE_HOST_CHANNELS,
>> -		.v.runlists.mthd = NV_DEVICE_HOST_RUNLISTS,
>> -	};
>> +	DEFINE_RAW_FLEX(struct nv_device_info_v1, args, data, 2);
>> +	struct nv_device_info_v1_data *channels = &args->data[0];
>> +	struct nv_device_info_v1_data *runlists = &args->data[1];
>>   	struct nvif_object *device = &drm->client.device.object;
>>   	int ret, i;
>>   
>> -	ret = nvif_object_mthd(device, NV_DEVICE_V0_INFO, &args, sizeof(args));
>> +	args->version = 1;
>> +	args->count = (__struct_size(args) - sizeof(*args)) /
>> +		      sizeof(*args->data);
>> +	channels->mthd = NV_DEVICE_HOST_CHANNELS;
>> +	runlists->mthd = NV_DEVICE_HOST_RUNLISTS;
>> +
>> +	ret = nvif_object_mthd(device, NV_DEVICE_V0_INFO, args,
>> +			       __struct_size(args));
>>   	if (ret ||
>> -	    args.v.runlists.mthd == NV_DEVICE_INFO_INVALID || !args.v.runlists.data ||
>> -	    args.v.channels.mthd == NV_DEVICE_INFO_INVALID)
>> +	    runlists->mthd == NV_DEVICE_INFO_INVALID || !runlists->data ||
>> +	    channels->mthd == NV_DEVICE_INFO_INVALID)
>>   		return -ENODEV;
>>   
>> -	drm->chan_nr = drm->chan_total = args.v.channels.data;
>> -	drm->runl_nr = fls64(args.v.runlists.data);
>> +	drm->chan_nr = drm->chan_total = channels->data;
>> +	drm->runl_nr = fls64(runlists->data);
>>   	drm->runl = kcalloc(drm->runl_nr, sizeof(*drm->runl), GFP_KERNEL);
>>   	if (!drm->runl)
>>   		return -ENOMEM;
>>   
>>   	if (drm->chan_nr == 0) {
>>   		for (i = 0; i < drm->runl_nr; i++) {
>> -			if (!(args.v.runlists.data & BIT(i)))
>> +			if (!(runlists->data & BIT(i)))
>>   				continue;
>>   
>> -			args.v.channels.mthd = NV_DEVICE_HOST_RUNLIST_CHANNELS;
>> -			args.v.channels.data = i;
>> +			channels->mthd = NV_DEVICE_HOST_RUNLIST_CHANNELS;
>> +			channels->data = i;
>>   
>> -			ret = nvif_object_mthd(device, NV_DEVICE_V0_INFO, &args, sizeof(args));
>> -			if (ret || args.v.channels.mthd == NV_DEVICE_INFO_INVALID)
>> +			ret = nvif_object_mthd(device, NV_DEVICE_V0_INFO, args,
>> +					       __struct_size(args));
>> +			if (ret || channels->mthd == NV_DEVICE_INFO_INVALID)
>>   				return -ENODEV;
>>   
>> -			drm->runl[i].chan_nr = args.v.channels.data;
>> +			drm->runl[i].chan_nr = channels->data;
>>   			drm->runl[i].chan_id_base = drm->chan_total;
>>   			drm->runl[i].context_base = dma_fence_context_alloc(drm->runl[i].chan_nr);
>>   
> 
> Otherwise looks good.
> 
> -Kees
> 


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ