| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4cf727c56c4fda8d28df920214b3824c9739bc8f.camel@HansenPartnership.com> Date: Tue, 07 Oct 2025 07:59:32 -0400 From: James Bottomley <James.Bottomley@...senPartnership.com> To: "Gustavo A. R. Silva" <gustavo@...eddedor.com>, "Gustavo A. R. Silva" <gustavoars@...nel.org>, Kashyap Desai <kashyap.desai@...adcom.com>, Sumit Saxena <sumit.saxena@...adcom.com>, Shivasharan S <shivasharan.srikanteshwara@...adcom.com>, Chandrakanth patil <chandrakanth.patil@...adcom.com>, "Martin K. Petersen" <martin.petersen@...cle.com> Cc: megaraidlinux.pdl@...adcom.com, linux-scsi@...r.kernel.org, linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org Subject: Re: [PATCH v2][next] scsi: megaraid_sas: Avoid a couple -Wflex-array-member-not-at-end warnings On Tue, 2025-10-07 at 11:43 +0100, Gustavo A. R. Silva wrote: > Hi all, > > Friendly ping: who can take this, please? After what happened with the qla2xxx driver, everyone is a bit wary of these changes, particularly when they affect structures shared with the hardware. Megaraid is a broadcom acquisition so although maintained it might take them a while to check this. However, you could help us with this: as I understand it (there is a bit of a no documentation problem here), the TRAILING_OVERLAP formalism merely gets the compiler not to warn about the situation rather than actually changing anything in the layout of the structure? In which case you should be able to demonstrate the binary produced before and after this patch is the same, which would very much reduce the risk of taking it. Regards, James
Powered by blists - more mailing lists