forked from torvalds/linux
-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Replace one-element arrays with flexible-array members #79
Labels
Comments
GustavoARSilva
added
compiler
Needs compiler support
[Refactor] 1-element array
Conversion away from one-element array
labels
Jun 3, 2020
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Jul 14, 2020
There is a regular need in the kernel to provide a way to declare having a dynamically sized set of trailing elements in a structure. Kernel code should always use “flexible array members”[1] for these cases. The older style of one-element or zero-length arrays should no longer be used[2]. For this particular case, it is important to notice that the cachelines change from 7 to 6 after the flexible-array conversion: $ pahole -C 'fifo' drivers/misc/hpilo.o struct fifo { u64 nrents; /* 0 8 */ u64 imask; /* 8 8 */ u64 merge; /* 16 8 */ u64 reset; /* 24 8 */ u8 pad_0[96]; /* 32 96 */ /* --- cacheline 2 boundary (128 bytes) --- */ u64 head; /* 128 8 */ u8 pad_1[120]; /* 136 120 */ /* --- cacheline 4 boundary (256 bytes) --- */ u64 tail; /* 256 8 */ u8 pad_2[120]; /* 264 120 */ /* --- cacheline 6 boundary (384 bytes) --- */ u64 fifobar[1]; /* 384 8 */ /* size: 392, cachelines: 7, members: 10 */ /* last cacheline: 8 bytes */ }; $ pahole -C 'fifo' drivers/misc/hpilo.o struct fifo { u64 nrents; /* 0 8 */ u64 imask; /* 8 8 */ u64 merge; /* 16 8 */ u64 reset; /* 24 8 */ u8 pad_0[96]; /* 32 96 */ /* --- cacheline 2 boundary (128 bytes) --- */ u64 head; /* 128 8 */ u8 pad_1[120]; /* 136 120 */ /* --- cacheline 4 boundary (256 bytes) --- */ u64 tail; /* 256 8 */ u8 pad_2[120]; /* 264 120 */ /* --- cacheline 6 boundary (384 bytes) --- */ u64 fifobar[]; /* 384 0 */ /* size: 384, cachelines: 6, members: 10 */ }; Lastly, remove unnecessary parentheses in fifo_sz() and fix the following checkpatch.pl warning for the whole fifo structure: WARNING: please, no spaces at the start of a line [1] https://en.wikipedia.org/wiki/Flexible_array_member [2] KSPP#79 Tested-by: kernel test robot <lkp@intel.com> Link: https://github.com/GustavoARSilva/linux-hardening/blob/master/cii/kernel-ci/hpilo-20200714.md Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Jul 14, 2020
There is a regular need in the kernel to provide a way to declare having a dynamically sized set of trailing elements in a structure. Kernel code should always use “flexible array members”[1] for these cases or, as in this particular case, replace the one-element array with a simple value type u8 reserved once this is just a placeholder for alignment. The older style of one-element or zero-length arrays should no longer be used[2]. Also, while there, use the preferred form for passing a size of a struct. The alternative form where struct name is spelled out hurts readability and introduces an opportunity for a bug when the variable type is changed but the corresponding sizeof that is passed as argument is not. [1] https://en.wikipedia.org/wiki/Flexible_array_member [2] KSPP#79 Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Jul 14, 2020
There is a regular need in the kernel to provide a way to declare having a dynamically sized set of trailing elements in a structure. Kernel code should always use “flexible array members”[1] for these cases. The older style of one-element or zero-length arrays should no longer be used[2]. For this particular case, it is important to notice that the cachelines change from 7 to 6 after the flexible-array conversion: $ pahole -C 'fifo' drivers/misc/hpilo.o struct fifo { u64 nrents; /* 0 8 */ u64 imask; /* 8 8 */ u64 merge; /* 16 8 */ u64 reset; /* 24 8 */ u8 pad_0[96]; /* 32 96 */ /* --- cacheline 2 boundary (128 bytes) --- */ u64 head; /* 128 8 */ u8 pad_1[120]; /* 136 120 */ /* --- cacheline 4 boundary (256 bytes) --- */ u64 tail; /* 256 8 */ u8 pad_2[120]; /* 264 120 */ /* --- cacheline 6 boundary (384 bytes) --- */ u64 fifobar[1]; /* 384 8 */ /* size: 392, cachelines: 7, members: 10 */ /* last cacheline: 8 bytes */ }; $ pahole -C 'fifo' drivers/misc/hpilo.o struct fifo { u64 nrents; /* 0 8 */ u64 imask; /* 8 8 */ u64 merge; /* 16 8 */ u64 reset; /* 24 8 */ u8 pad_0[96]; /* 32 96 */ /* --- cacheline 2 boundary (128 bytes) --- */ u64 head; /* 128 8 */ u8 pad_1[120]; /* 136 120 */ /* --- cacheline 4 boundary (256 bytes) --- */ u64 tail; /* 256 8 */ u8 pad_2[120]; /* 264 120 */ /* --- cacheline 6 boundary (384 bytes) --- */ u64 fifobar[]; /* 384 0 */ /* size: 384, cachelines: 6, members: 10 */ }; Lastly, remove unnecessary parentheses in fifo_sz() and fix the following checkpatch.pl warning for the whole fifo structure: WARNING: please, no spaces at the start of a line [1] https://en.wikipedia.org/wiki/Flexible_array_member [2] KSPP#79 Tested-by: kernel test robot <lkp@intel.com> Link: https://github.com/GustavoARSilva/linux-hardening/blob/master/cii/kernel-ci/hpilo-20200714.md Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Link: https://lore.kernel.org/r/20200714154449.GA26153@embeddedor Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Jul 14, 2020
One-element arrays are being deprecated[1]. Replace the one-element arrays with a simple value type u8 reserved, once this is just a placeholder for alignment. Also, while there, use the preferred form for passing a size of a struct. The alternative form where struct name is spelled out hurts readability and introduces an opportunity for a bug when the variable type is changed but the corresponding sizeof that is passed as argument is not. [1] KSPP#79 Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Jul 15, 2020
One-element arrays are being deprecated[1]. Replace the one-element array with a simple value type 'u8 reserved'[2], once this is just a placeholder for alignment. [1] KSPP#79 [2] KSPP#86 Tested-by: kernel test robot <lkp@intel.com> Link: https://github.com/GustavoARSilva/linux-hardening/blob/master/cii/0-day/wil6210-20200715.md Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Jul 16, 2020
One-element arrays are being deprecated[1]. Replace the one-element arrays with simple value types 'char reserved_char' and 'compat_int_t reserved'[2], once it seems these are just placeholders for alignment. Also, while there, use the preferred form for passing a size of a struct. The alternative form where struct name is spelled out hurts readability and introduces an opportunity for a bug when the variable type is changed but the corresponding sizeof that is passed as argument is not. Lastly, fix the checkpatch.pl warnings below: ERROR: code indent should use tabs where possible + char reserved_char;$ WARNING: please, no spaces at the start of a line + char reserved_char;$ ERROR: code indent should use tabs where possible + compat_int_t reserved;$ WARNING: please, no spaces at the start of a line + compat_int_t reserved;$ [1] KSPP#79 [2] KSPP#86 Tested-by: kernel test robot <lkp@intel.com> Link: https://github.com/GustavoARSilva/linux-hardening/blob/master/cii/0-day/tty-20200716.md Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Jul 17, 2020
One-element arrays are being deprecated[1]. Replace the one-element array with a simple value type 'u8 reserved'[2], once it seems this is just a placeholder for alignment. [1] KSPP#79 [2] KSPP#86 Tested-by: kernel test robot <lkp@intel.com> Link: https://github.com/GustavoARSilva/linux-hardening/blob/master/cii/0-day/skylake-20200717.md Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Jul 20, 2020
One-element arrays are being deprecated[1]. Replace the one-element array with a simple value type 'u8 reserved'[2], once it seems this is just a placeholder for alignment. [1] KSPP#79 [2] KSPP#86 Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Tested-by: kernel test robot <lkp@intel.com> Reviewed-by: Amadeusz Sławiński <amadeuszx.slawinski@linux.intel.com> Link: https://github.com/GustavoARSilva/linux-hardening/blob/master/cii/0-day/skylake-20200717.md Link: https://lore.kernel.org/r/20200717215500.GA13910@embeddedor Signed-off-by: Mark Brown <broonie@kernel.org>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Jul 22, 2020
One-element arrays are being deprecated[1]. Replace the one-element array with a simple value type 'u32 reserved2'[2], once it seems this is just a placeholder for alignment. [1] KSPP#79 [2] KSPP#86 Tested-by: kernel test robot <lkp@intel.com> Link: https://github.com/GustavoARSilva/linux-hardening/blob/master/cii/0-day/tg3-20200718.md Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Jul 22, 2020
One-element arrays are being deprecated[1]. Replace the one-element array with a simple value type 'u8 rsvd'[2], once it seems this is just a placeholder for alignment. [1] KSPP#79 [2] KSPP#86 Tested-by: kernel test robot <lkp@intel.com> Link: https://github.com/GustavoARSilva/linux-hardening/blob/master/cii/0-day/bfi-20200718.md Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Jul 22, 2020
One-element arrays are being deprecated[1]. Replace the one-element arrays with simple value types 'char reserved_char' and 'compat_int_t reserved'[2], once it seems these are just placeholders for alignment. Also, while there, use the preferred form for passing a size of a struct. The alternative form where struct name is spelled out hurts readability and introduces an opportunity for a bug when the variable type is changed but the corresponding sizeof that is passed as argument is not. Lastly, fix the checkpatch.pl warnings below: ERROR: code indent should use tabs where possible + char reserved_char;$ WARNING: please, no spaces at the start of a line + char reserved_char;$ ERROR: code indent should use tabs where possible + compat_int_t reserved;$ WARNING: please, no spaces at the start of a line + compat_int_t reserved;$ [1] KSPP#79 [2] KSPP#86 Tested-by: kernel test robot <lkp@intel.com> Link: https://github.com/GustavoARSilva/linux-hardening/blob/master/cii/0-day/tty-20200716.md Acked-by: Jiri Slaby <jirislaby@kernel.org> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Jul 22, 2020
There is a regular need in the kernel to provide a way to declare having a dynamically sized set of trailing elements in a structure. Kernel code should always use “flexible array members”[1] for these cases. The older style of one-element or zero-length arrays should no longer be used[2]. Also, make use of the array_size() helper instead of the open-coded version in memcpy(). These sorts of multiplication factors need to be wrapped in array_size(). And while there, use the preferred form for passing a size of a struct. The alternative form where struct name is spelled out hurts readability and introduces an opportunity for a bug when the pointer variable type is changed but the corresponding sizeof that is passed as argument is not. [1] https://en.wikipedia.org/wiki/Flexible_array_member [2] KSPP#79 Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Jul 22, 2020
One-element arrays are being deprecated[1]. Replace the one-element array with a simple value type '__le32 reserved1'[2], once it seems this is just a placeholder for alignment. [1] KSPP#79 [2] KSPP#86 Tested-by: kernel test robot <lkp@intel.com> Link: https://github.com/GustavoARSilva/linux-hardening/blob/master/cii/0-day/qed_hsi-20200718.md Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Jul 23, 2020
There is a regular need in the kernel to provide a way to declare having a dynamically sized set of trailing elements in a structure. Kernel code should always use “flexible array members”[1] for these cases. The older style of one-element or zero-length arrays should no longer be used[2]. Also, make use of the array_size() helper instead of the open-coded version in memcpy(). These sorts of multiplication factors need to be wrapped in array_size(). And while there, use the preferred form for passing a size of a struct. The alternative form where struct name is spelled out hurts readability and introduces an opportunity for a bug when the pointer variable type is changed but the corresponding sizeof that is passed as argument is not. [1] https://en.wikipedia.org/wiki/Flexible_array_member [2] KSPP#79 Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Link: https://lore.kernel.org/r/20200722181534.GA31357@embeddedor Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Jul 23, 2020
One-element arrays are being deprecated[1]. Replace the one-element arrays with a simple value type u8 reserved, once this is just a placeholder for alignment. Also, while there, use the preferred form for passing a size of a struct. The alternative form where struct name is spelled out hurts readability and introduces an opportunity for a bug when the variable type is changed but the corresponding sizeof that is passed as argument is not. [1] KSPP#79 Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Link: https://lore.kernel.org/r/20200714214516.GA1040@embeddedor Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Jul 23, 2020
Replace the single element arrays with a simple value type u8 reserved, even thought is is not used for dynamically sized trailing elements it confuses the effort of replacing one-element arrays with flexible arrays for that purpose. Link: KSPP#79 Cc: Gustavo A. R. Silva <gustavoars@kernel.org> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Jul 23, 2020
One-element arrays are being deprecated[1]. Replace the one-element arrays with simple value types 'char reserved_char' and 'compat_int_t reserved'[2], once it seems these are just placeholders for alignment. [1] KSPP#79 [2] KSPP#86 Tested-by: kernel test robot <lkp@intel.com> Link: https://github.com/GustavoARSilva/linux-hardening/blob/master/cii/0-day/tty-20200716.md Acked-by: Jiri Slaby <jirislaby@kernel.org> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
ruscur
pushed a commit
to ruscur/linux
that referenced
this issue
Jul 30, 2020
One-element arrays are being deprecated[1]. Replace the one-element arrays with simple value types 'char reserved_char' and 'compat_int_t reserved'[2], once it seems these are just placeholders for alignment. [1] KSPP#79 [2] KSPP#86 Tested-by: kernel test robot <lkp@intel.com> Link: https://github.com/GustavoARSilva/linux-hardening/blob/master/cii/0-day/tty-20200716.md Acked-by: Jiri Slaby <jirislaby@kernel.org> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Link: https://lore.kernel.org/r/f49bf0e27eaac396c96d21392c8c284f9f5ef52a.1595543280.git.gustavoars@kernel.org Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
kitakar5525
pushed a commit
to kitakar5525/linux-kernel
that referenced
this issue
Sep 16, 2020
One-element arrays are being deprecated[1]. Replace the one-element array with a simple value type 'u8 reserved'[2], once it seems this is just a placeholder for alignment. [1] KSPP/linux#79 [2] KSPP/linux#86 Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Tested-by: kernel test robot <lkp@intel.com> Reviewed-by: Amadeusz Sławiński <amadeuszx.slawinski@linux.intel.com> Link: https://github.com/GustavoARSilva/linux-hardening/blob/master/cii/0-day/skylake-20200717.md Link: https://lore.kernel.org/r/20200717215500.GA13910@embeddedor Signed-off-by: Mark Brown <broonie@kernel.org> (cherry picked from commit 23f8d96) BUG=b:162008784 TEST=Test audio on volteer. Signed-off-by: Mike Mason <michael.w.mason@intel.corp-partner.google.com>
sudipm-mukherjee
pushed a commit
to sudipm-mukherjee/linux-test
that referenced
this issue
Feb 2, 2021
… icmsg_negotiate There is a regular need in the kernel to provide a way to declare having a dynamically sized set of trailing elements in a structure. Kernel code should always use “flexible array members”[1] for these cases. The older style of one-element or zero-length arrays should no longer be used[2]. Refactor the code according to the use of a flexible-array member in struct icmsg_negotiate, instead of a one-element array. Also, this helps the ongoing efforts to enable -Warray-bounds and fix the following warnings: drivers/hv/channel_mgmt.c:315:23: warning: array subscript 1 is above array bounds of ‘struct ic_version[1]’ [-Warray-bounds] drivers/hv/channel_mgmt.c:316:23: warning: array subscript 1 is above array bounds of ‘struct ic_version[1]’ [-Warray-bounds] [1] https://en.wikipedia.org/wiki/Flexible_array_member [2] https://www.kernel.org/doc/html/v5.9/process/deprecated.html#zero-length-and-one-element-arrays Link: KSPP/linux#79 Link: KSPP/linux#109 Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Reviewed-by: Michael Kelley <mikelley@microsoft.com> Link: https://lore.kernel.org/r/20210201174334.GA171933@embeddedor Signed-off-by: Wei Liu <wei.liu@kernel.org>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Feb 2, 2021
…t _MPI2_CONFIG_PAGE_IO_UNIT_3 There is a regular need in the kernel to provide a way to declare having a dynamically sized set of trailing elements in a structure. Kernel code should always use “flexible array members”[1] for these cases. The older style of one-element or zero-length arrays should no longer be used[2]. Refactor the code according to the use of a flexible-array member in struct _MPI2_CONFIG_PAGE_IO_UNIT_3, instead of a one-element array, and use the struct_size() helper to calculate the size for the allocation. Also, this helps with the ongoing efforts to enable -Warray-bounds and fix the following warning: drivers/scsi/mpt3sas/mpt3sas_ctl.c:3193:63: warning: array subscript 24 is above array bounds of ‘U16[1]’ {aka ‘short unsigned int[1]’} [-Warray-bounds] [1] https://en.wikipedia.org/wiki/Flexible_array_member [2] https://www.kernel.org/doc/html/v5.9/process/deprecated.html#zero-length-and-one-element-arrays Link: KSPP#79 Link: KSPP#109 Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Feb 3, 2021
…t _MPI2_CONFIG_PAGE_IO_UNIT_3 There is a regular need in the kernel to provide a way to declare having a dynamically sized set of trailing elements in a structure. Kernel code should always use “flexible array members”[1] for these cases. The older style of one-element or zero-length arrays should no longer be used[2]. Refactor the code according to the use of a flexible-array member in struct _MPI2_CONFIG_PAGE_IO_UNIT_3, instead of a one-element array, and use the struct_size() helper to calculate the size for the allocation. Also, this helps the ongoing efforts to enable -Warray-bounds and fix the following warnings: drivers/scsi/mpt3sas/mpt3sas_ctl.c:3193:63: warning: array subscript 24 is above array bounds of ‘U16[1]’ {aka ‘short unsigned int[1]’} [-Warray-bounds] [1] https://en.wikipedia.org/wiki/Flexible_array_member [2] https://www.kernel.org/doc/html/v5.9/process/deprecated.html#zero-length-and-one-element-arrays Link: KSPP#79 Link: KSPP#109 Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
ColinIanKing
pushed a commit
to ColinIanKing/linux-next
that referenced
this issue
Feb 8, 2021
… icmsg_negotiate There is a regular need in the kernel to provide a way to declare having a dynamically sized set of trailing elements in a structure. Kernel code should always use “flexible array members”[1] for these cases. The older style of one-element or zero-length arrays should no longer be used[2]. Refactor the code according to the use of a flexible-array member in struct icmsg_negotiate, instead of a one-element array. Also, this helps the ongoing efforts to enable -Warray-bounds and fix the following warnings: drivers/hv/channel_mgmt.c:315:23: warning: array subscript 1 is above array bounds of ‘struct ic_version[1]’ [-Warray-bounds] drivers/hv/channel_mgmt.c:316:23: warning: array subscript 1 is above array bounds of ‘struct ic_version[1]’ [-Warray-bounds] [1] https://en.wikipedia.org/wiki/Flexible_array_member [2] https://www.kernel.org/doc/html/v5.9/process/deprecated.html#zero-length-and-one-element-arrays Link: KSPP/linux#79 Link: KSPP/linux#109 Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Reviewed-by: Michael Kelley <mikelley@microsoft.com> Link: https://lore.kernel.org/r/20210201174334.GA171933@embeddedor Signed-off-by: Wei Liu <wei.liu@kernel.org>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Feb 10, 2021
…ISLANDS_SMC_SWSTATE There is a regular need in the kernel to provide a way to declare having a dynamically sized set of trailing elements in a structure. Kernel code should always use “flexible array members”[1] for these cases. The older style of one-element or zero-length arrays should no longer be used[2]. Refactor the code according to the use of a flexible-array member in struct SISLANDS_SMC_SWSTATE, instead of a one-element array, and use the struct_size() helper to calculate the size for the allocation. Also, this helps with the ongoing efforts to enable -Warray-bounds and fix the following warnings: drivers/gpu/drm/amd/amdgpu/../pm/powerplay/si_dpm.c:2448:20: warning: array subscript 1 is above array bounds of ‘SISLANDS_SMC_HW_PERFORMANCE_LEVEL[1]’ {aka ‘struct SISLANDS_SMC_HW_PERFORMANCE_LEVEL[1]’} [-Warray-bounds] drivers/gpu/drm/amd/amdgpu/../pm/powerplay/si_dpm.c:2449:20: warning: array subscript 1 is above array bounds of ‘SISLANDS_SMC_HW_PERFORMANCE_LEVEL[1]’ {aka ‘struct SISLANDS_SMC_HW_PERFORMANCE_LEVEL[1]’} [-Warray-bounds] drivers/gpu/drm/amd/amdgpu/../pm/powerplay/si_dpm.c:2450:20: warning: array subscript 1 is above array bounds of ‘SISLANDS_SMC_HW_PERFORMANCE_LEVEL[1]’ {aka ‘struct SISLANDS_SMC_HW_PERFORMANCE_LEVEL[1]’} [-Warray-bounds] drivers/gpu/drm/amd/amdgpu/../pm/powerplay/si_dpm.c:2451:20: warning: array subscript 1 is above array bounds of ‘SISLANDS_SMC_HW_PERFORMANCE_LEVEL[1]’ {aka ‘struct SISLANDS_SMC_HW_PERFORMANCE_LEVEL[1]’} [-Warray-bounds] drivers/gpu/drm/amd/amdgpu/../pm/powerplay/si_dpm.c:2452:20: warning: array subscript 1 is above array bounds of ‘SISLANDS_SMC_HW_PERFORMANCE_LEVEL[1]’ {aka ‘struct SISLANDS_SMC_HW_PERFORMANCE_LEVEL[1]’} [-Warray-bounds] drivers/gpu/drm/amd/amdgpu/../pm/powerplay/si_dpm.c:5570:20: warning: array subscript 1 is above array bounds of ‘SISLANDS_SMC_HW_PERFORMANCE_LEVEL[1]’ {aka ‘struct SISLANDS_SMC_HW_PERFORMANCE_LEVEL[1]’} [-Warray-bounds] [1] https://en.wikipedia.org/wiki/Flexible_array_member [2] https://www.kernel.org/doc/html/v5.9/process/deprecated.html#zero-length-and-one-element-arrays Link: KSPP#79 Link: KSPP#109 Build-tested-by: kernel test robot <lkp@intel.com> Link: https://lore.kernel.org/lkml/6023be58.sk66L%2FV4vuSJI5mI%25lkp@intel.com/ Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Feb 10, 2021
…ber in struct ndis_80211_var_ie There is a regular need in the kernel to provide a way to declare having a dynamically sized set of trailing elements in a structure. Kernel code should always use “flexible array members”[1] for these cases. The older style of one-element or zero-length arrays should no longer be used[2]. Refactor the code according to the use of a flexible-array member in struct ndis_80211_var_ie, instead of a one-element array. Also, this helps with the ongoing efforts to enable -Warray-bounds and fix the following warnings: CC [M] drivers/staging/rtl8723bs/core/rtw_wlan_util.o In file included from ./drivers/staging/rtl8723bs/include/drv_types.h:20, from drivers/staging/rtl8723bs/core/rtw_wlan_util.c:9: drivers/staging/rtl8723bs/core/rtw_wlan_util.c: In function ‘HT_caps_handler’: ./drivers/staging/rtl8723bs/include/basic_types.h:108:11: warning: array subscript 1 is above array bounds of ‘u8[1]’ {aka ‘unsigned char[1]’} [-Warray-bounds] 108 | (EF1BYTE(*((u8 *)(__pstart)))) | ^ ./drivers/staging/rtl8723bs/include/basic_types.h:42:8: note: in definition of macro ‘EF1BYTE’ 42 | ((u8)(_val)) | ^~~~ ./drivers/staging/rtl8723bs/include/basic_types.h:127:4: note: in expansion of macro ‘LE_P1BYTE_TO_HOST_1BYTE’ 127 | (LE_P1BYTE_TO_HOST_1BYTE(__pstart) >> (__bitoffset)) & \ | ^~~~~~~~~~~~~~~~~~~~~~~ ./drivers/staging/rtl8723bs/include/rtw_ht.h:97:55: note: in expansion of macro ‘LE_BITS_TO_1BYTE’ 97 | #define GET_HT_CAPABILITY_ELE_RX_STBC(_pEleStart) LE_BITS_TO_1BYTE((_pEleStart)+1, 0, 2) | ^~~~~~~~~~~~~~~~ drivers/staging/rtl8723bs/core/rtw_wlan_util.c:1104:58: note: in expansion of macro ‘GET_HT_CAPABILITY_ELE_RX_STBC’ 1104 | if (TEST_FLAG(phtpriv->stbc_cap, STBC_HT_ENABLE_TX) && GET_HT_CAPABILITY_ELE_RX_STBC(pIE->data)) { | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/staging/rtl8723bs/core/rtw_wlan_util.c:1051:75: warning: array subscript 2 is above array bounds of ‘u8[1]’ {aka ‘unsigned char[1]’} [-Warray-bounds] 1051 | if ((pmlmeinfo->HT_caps.u.HT_cap_element.AMPDU_para & 0x3) > (pIE->data[i] & 0x3)) | ~~~~~~~~~^~~ drivers/staging/rtl8723bs/core/rtw_wlan_util.c: In function ‘check_assoc_AP’: drivers/staging/rtl8723bs/core/rtw_wlan_util.c:1606:19: warning: array subscript 4 is above array bounds of ‘u8[1]’ {aka ‘unsigned char[1]’} [-Warray-bounds] 1606 | if (pIE->data[4] == 1) | ~~~~~~~~~^~~ drivers/staging/rtl8723bs/core/rtw_wlan_util.c:1609:20: warning: array subscript 5 is above array bounds of ‘u8[1]’ {aka ‘unsigned char[1]’} [-Warray-bounds] 1609 | if (pIE->data[5] & RT_HT_CAP_USE_92SE) | ~~~~~~~~~^~~ drivers/staging/rtl8723bs/core/rtw_wlan_util.c:1613:19: warning: array subscript 5 is above array bounds of ‘u8[1]’ {aka ‘unsigned char[1]’} [-Warray-bounds] 1613 | if (pIE->data[5] & RT_HT_CAP_USE_SOFTAP) | ~~~~~~~~~^~~ drivers/staging/rtl8723bs/core/rtw_wlan_util.c:1617:20: warning: array subscript 6 is above array bounds of ‘u8[1]’ {aka ‘unsigned char[1]’} [-Warray-bounds] 1617 | if (pIE->data[6] & RT_HT_CAP_USE_JAGUAR_BCUT) { | ~~~~~~~~~^~~ [1] https://en.wikipedia.org/wiki/Flexible_array_member [2] https://www.kernel.org/doc/html/v5.9/process/deprecated.html#zero-length-and-one-element-arrays Link: KSPP#79 Link: KSPP#109 Build-tested-by: kernel test robot <lkp@intel.com> Link: https://lore.kernel.org/lkml/602434b8.jc5DoXJ0bmHoxgIL%25lkp@intel.com/ Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this issue
Feb 10, 2021
…ay member There is a regular need in the kernel to provide a way to declare having a dynamically sized set of trailing elements in a structure. Kernel code should always use “flexible array members”[1] for these cases. The older style of one-element or zero-length arrays should no longer be used[2]. Use flexible-array member in struct hfi_sys_set_property_pkt instead of one-element array. Also, this helps with the ongoing efforts to enable -Warray-bounds and fix the following warnings: drivers/media/platform/qcom/venus/hfi_cmds.c: In function ‘pkt_sys_coverage_config’: drivers/media/platform/qcom/venus/hfi_cmds.c:57:11: warning: array subscript 1 is above array bounds of ‘u32[1]’ {aka ‘unsigned int[1]’} [-Warray-bounds] 57 | pkt->data[1] = mode; | ~~~~~~~~~^~~ [1] https://en.wikipedia.org/wiki/Flexible_array_member [2] https://www.kernel.org/doc/html/v5.9/process/deprecated.html#zero-length-and-one-element-arrays Link: KSPP#79 Link: KSPP#109 Build-tested-by: kernel test robot <lkp@intel.com> Link: https://lore.kernel.org/lkml/602416da.iZqae7Dbk7nyl6OY%25lkp@intel.com/ Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
smfrench
pushed a commit
to smfrench/smb3-kernel
that referenced
this issue
Aug 17, 2024
Replace the deprecated one-element arrays with flexible-array members in the structs filesystem_attribute_info and filesystem_device_info. There are no binary differences after this conversion. Link: KSPP/linux#79 Signed-off-by: Thorsten Blum <thorsten.blum@toblux.com> Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org> Acked-by: Namjae Jeon <linkinjeon@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com>
intel-lab-lkp
pushed a commit
to intel-lab-lkp/linux
that referenced
this issue
Aug 17, 2024
Replace the deprecated one-element array with a modern flexible-array member in the struct nfs4_flexfile_layoutreturn_args. Adjust the struct size accordingly. There are no binary differences after this conversion. Link: KSPP#79 Signed-off-by: Thorsten Blum <thorsten.blum@toblux.com>
smfrench
pushed a commit
to smfrench/smb3-kernel
that referenced
this issue
Aug 18, 2024
Replace the deprecated one-element arrays with flexible-array members in the structs filesystem_attribute_info and filesystem_device_info. There are no binary differences after this conversion. Link: KSPP/linux#79 Signed-off-by: Thorsten Blum <thorsten.blum@toblux.com> Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org> Acked-by: Namjae Jeon <linkinjeon@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com>
namjaejeon
pushed a commit
to smfrench/smb3-kernel
that referenced
this issue
Aug 18, 2024
Replace the deprecated one-element arrays with flexible-array members in the structs filesystem_attribute_info and filesystem_device_info. There are no binary differences after this conversion. Link: KSPP/linux#79 Signed-off-by: Thorsten Blum <thorsten.blum@toblux.com> Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org> Acked-by: Namjae Jeon <linkinjeon@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com>
smfrench
pushed a commit
to smfrench/smb3-kernel
that referenced
this issue
Aug 18, 2024
Replace the deprecated one-element arrays with flexible-array members in the structs filesystem_attribute_info and filesystem_device_info. There are no binary differences after this conversion. Link: KSPP/linux#79 Signed-off-by: Thorsten Blum <thorsten.blum@toblux.com> Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org> Acked-by: Namjae Jeon <linkinjeon@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com>
intel-lab-lkp
pushed a commit
to intel-lab-lkp/linux
that referenced
this issue
Aug 18, 2024
Replace the deprecated one-element arrays with flexible-array members in the structs copychunk_ioctl_req and smb2_ea_info_req. There are no binary differences after this conversion. Link: KSPP#79 Signed-off-by: Thorsten Blum <thorsten.blum@toblux.com>
steev
pushed a commit
to steev/linux
that referenced
this issue
Aug 18, 2024
…e 1-element array with flexible array Replace the deprecated[1] use of a 1-element array in struct hfi_session_release_buffer_pkt with a modern flexible array. No binary differences are present after this conversion. Link: KSPP#79 [1] Signed-off-by: Kees Cook <kees@kernel.org> Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org> Reviewed-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Acked-by: Vikash Garodia <quic_vgarodia@quicinc.com> Link: https://lore.kernel.org/r/20240710230914.3156277-1-kees@kernel.org
robertosassu
pushed a commit
to robertosassu/linux
that referenced
this issue
Aug 18, 2024
Replace the deprecated one-element arrays with flexible-array members in the structs copychunk_ioctl_req and smb2_ea_info_req. There are no binary differences after this conversion. Link: KSPP#79 Signed-off-by: Thorsten Blum <thorsten.blum@toblux.com>
smfrench
pushed a commit
to smfrench/smb3-kernel
that referenced
this issue
Aug 18, 2024
Replace the deprecated one-element arrays with flexible-array members in the structs filesystem_attribute_info and filesystem_device_info. There are no binary differences after this conversion. Link: KSPP/linux#79 Signed-off-by: Thorsten Blum <thorsten.blum@toblux.com> Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org> Acked-by: Namjae Jeon <linkinjeon@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com>
wcedla
pushed a commit
to wcedla/kernel_xiaomi_sm8250_immens1ty_mod
that referenced
this issue
Aug 20, 2024
There is a regular need in the kernel to provide a way to declare having a dynamically sized set of trailing elements in a structure. Kernel code should always use “flexible array members”[1] for these cases. The older style of one-element or zero-length arrays should no longer be used[2]. Refactor the code according to the use of a flexible-array member in struct f2fs_checkpoint, instead of a one-element arrays. Notice that a temporary pointer to void '*tmp_ptr' was used in order to fix the following errors when using a flexible array instead of a one element array in struct f2fs_checkpoint: CC [M] fs/f2fs/dir.o In file included from fs/f2fs/dir.c:13: fs/f2fs/f2fs.h: In function ‘__bitmap_ptr’: fs/f2fs/f2fs.h:2227:40: error: invalid use of flexible array member 2227 | return &ckpt->sit_nat_version_bitmap + offset + sizeof(__le32); | ^ fs/f2fs/f2fs.h:2227:49: error: invalid use of flexible array member 2227 | return &ckpt->sit_nat_version_bitmap + offset + sizeof(__le32); | ^ fs/f2fs/f2fs.h:2238:40: error: invalid use of flexible array member 2238 | return &ckpt->sit_nat_version_bitmap + offset; | ^ make[2]: *** [scripts/Makefile.build:287: fs/f2fs/dir.o] Error 1 make[1]: *** [scripts/Makefile.build:530: fs/f2fs] Error 2 make: *** [Makefile:1819: fs] Error 2 [1] https://en.wikipedia.org/wiki/Flexible_array_member [2] https://www.kernel.org/doc/html/v5.9/process/deprecated.html#zero-length-and-one-element-arrays Link: KSPP/linux#79 Build-tested-by: kernel test robot <lkp@intel.com> Link: https://lore.kernel.org/lkml/603647e4.DeEFbl4eqljuwAUe%25lkp@intel.com/ Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Reviewed-by: Chao Yu <yuchao0@huawei.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
steev
pushed a commit
to steev/linux
that referenced
this issue
Aug 20, 2024
…e 1-element array with flexible array Replace the deprecated[1] use of a 1-element array in struct hfi_session_release_buffer_pkt with a modern flexible array. No binary differences are present after this conversion. Link: KSPP#79 [1] Signed-off-by: Kees Cook <kees@kernel.org> Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org> Reviewed-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Acked-by: Vikash Garodia <quic_vgarodia@quicinc.com> Link: https://lore.kernel.org/r/20240710230914.3156277-1-kees@kernel.org
steev
pushed a commit
to steev/linux
that referenced
this issue
Aug 20, 2024
…e 1-element array with flexible array Replace the deprecated[1] use of a 1-element array in struct hfi_session_release_buffer_pkt with a modern flexible array. No binary differences are present after this conversion. Link: KSPP#79 [1] Signed-off-by: Kees Cook <kees@kernel.org> Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org> Reviewed-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Acked-by: Vikash Garodia <quic_vgarodia@quicinc.com> Link: https://lore.kernel.org/r/20240710230914.3156277-1-kees@kernel.org
intel-lab-lkp
pushed a commit
to intel-lab-lkp/linux
that referenced
this issue
Aug 20, 2024
Replace the deprecated one-element arrays with flexible-array members in the structs copychunk_ioctl_req and smb2_ea_info_req. There are no binary differences after this conversion. Link: KSPP#79 Signed-off-by: Thorsten Blum <thorsten.blum@toblux.com>
delphix-devops-bot
pushed a commit
to delphix/linux-kernel-azure
that referenced
this issue
Aug 22, 2024
BugLink: https://bugs.launchpad.net/bugs/2036450 One-element arrays are deprecated, and we are replacing them with flexible array members instead. So, replace one-element arrays with flexible-array member in structs negotiate_req and extended_response, and refactor the rest of the code, accordingly. Also, make use of the DECLARE_FLEX_ARRAY() helper to declare flexible array member EncryptionKey in union u. This new helper allows for flexible-array members in unions. Change pointer notation to proper array notation in a call to memcpy() where flexible-array member DialectsArray is being used as destination argument. Important to mention is that doing a build before/after this patch results in no binary output differences. This helps with the ongoing efforts to tighten the FORTIFY_SOURCE routines on memcpy() and help us make progress towards globally enabling -fstrict-flex-arrays=3 [1]. Link: KSPP/linux#79 Link: KSPP/linux#229 Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101836 [1] Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com> (cherry picked from commit 943deb6066538aeb5417eae5fdc222defdcb9949) Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
All known 1-element arrays that are actually being used as flexible arrays have been refactored in the kernel. If new instances appear, we can open individual bugs to track them. |
Woo hoo!!! Excellent work, @GustavoARSilva! |
Thank you! :) This has been a team effort. Without @kees's mentorship and patches this wouldn't have been possible. |
srcres258
pushed a commit
to srcres258/linux-doc
that referenced
this issue
Aug 23, 2024
… flexible array Replace the deprecated[1] use of a 1-element array in struct vmmdev_hgcm_pagelist with a modern flexible array. As this is UAPI, we cannot trivially change the size of the struct, so use a union to retain the old first element's size, but switch "pages" to a flexible array. No binary differences are present after this conversion. Link: KSPP/linux#79 [1] Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org> Link: https://lore.kernel.org/r/20240710231555.work.406-kees@kernel.org Signed-off-by: Kees Cook <kees@kernel.org>
srcres258
pushed a commit
to srcres258/linux-doc
that referenced
this issue
Aug 23, 2024
…e 1-element array with flexible array Replace the deprecated[1] use of a 1-element array in struct hfi_session_release_buffer_pkt with a modern flexible array. No binary differences are present after this conversion. Link: KSPP/linux#79 [1] Reviewed-by: Vikash Garodia <quic_vgarodia@quicinc.com> Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org> Reviewed-by: Dikshita Agarwal <quic_dikshita@quicinc.com> Reviewed-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Acked-by: Vikash Garodia <quic_vgarodia@quicinc.com> Reviewed-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com> Link: https://lore.kernel.org/r/20240710230914.3156277-1-kees@kernel.org Signed-off-by: Kees Cook <kees@kernel.org>
steev
pushed a commit
to steev/linux
that referenced
this issue
Aug 26, 2024
…e 1-element array with flexible array Replace the deprecated[1] use of a 1-element array in struct hfi_session_release_buffer_pkt with a modern flexible array. No binary differences are present after this conversion. Link: KSPP#79 [1] Signed-off-by: Kees Cook <kees@kernel.org> Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org> Reviewed-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Acked-by: Vikash Garodia <quic_vgarodia@quicinc.com> Link: https://lore.kernel.org/r/20240710230914.3156277-1-kees@kernel.org
intel-lab-lkp
pushed a commit
to intel-lab-lkp/linux
that referenced
this issue
Aug 27, 2024
Replace the deprecated one-element array with a modern flexible-array member in the struct affs_root_head. Add a comment that most struct members are not used, but kept as documentation. Link: KSPP#79 Signed-off-by: Thorsten Blum <thorsten.blum@toblux.com>
eiffel-fl
pushed a commit
to eiffel-fl/linux-azure
that referenced
this issue
Aug 30, 2024
BugLink: https://bugs.launchpad.net/bugs/2036450 One-element arrays are deprecated, and we are replacing them with flexible array members instead. So, replace one-element arrays with flexible-array member in structs negotiate_req and extended_response, and refactor the rest of the code, accordingly. Also, make use of the DECLARE_FLEX_ARRAY() helper to declare flexible array member EncryptionKey in union u. This new helper allows for flexible-array members in unions. Change pointer notation to proper array notation in a call to memcpy() where flexible-array member DialectsArray is being used as destination argument. Important to mention is that doing a build before/after this patch results in no binary output differences. This helps with the ongoing efforts to tighten the FORTIFY_SOURCE routines on memcpy() and help us make progress towards globally enabling -fstrict-flex-arrays=3 [1]. Link: KSPP/linux#79 Link: KSPP/linux#229 Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101836 [1] Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com> (cherry picked from commit 943deb6) Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
eiffel-fl
pushed a commit
to eiffel-fl/linux-azure
that referenced
this issue
Aug 30, 2024
BugLink: https://bugs.launchpad.net/bugs/2036450 One-element arrays are deprecated, and we are replacing them with flexible array members instead. So, replace one-element arrays with flexible-array member in structs negotiate_req and extended_response, and refactor the rest of the code, accordingly. Also, make use of the DECLARE_FLEX_ARRAY() helper to declare flexible array member EncryptionKey in union u. This new helper allows for flexible-array members in unions. Change pointer notation to proper array notation in a call to memcpy() where flexible-array member DialectsArray is being used as destination argument. Important to mention is that doing a build before/after this patch results in no binary output differences. This helps with the ongoing efforts to tighten the FORTIFY_SOURCE routines on memcpy() and help us make progress towards globally enabling -fstrict-flex-arrays=3 [1]. Link: KSPP/linux#79 Link: KSPP/linux#229 Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101836 [1] Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com> (cherry picked from commit 943deb6) Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
eiffel-fl
pushed a commit
to eiffel-fl/linux-azure
that referenced
this issue
Aug 30, 2024
BugLink: https://bugs.launchpad.net/bugs/2036450 One-element arrays are deprecated, and we are replacing them with flexible array members instead. So, replace one-element arrays with flexible-array member in structs negotiate_req and extended_response, and refactor the rest of the code, accordingly. Also, make use of the DECLARE_FLEX_ARRAY() helper to declare flexible array member EncryptionKey in union u. This new helper allows for flexible-array members in unions. Change pointer notation to proper array notation in a call to memcpy() where flexible-array member DialectsArray is being used as destination argument. Important to mention is that doing a build before/after this patch results in no binary output differences. This helps with the ongoing efforts to tighten the FORTIFY_SOURCE routines on memcpy() and help us make progress towards globally enabling -fstrict-flex-arrays=3 [1]. Link: KSPP/linux#79 Link: KSPP/linux#229 Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101836 [1] Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com> (cherry picked from commit 943deb6) Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
eiffel-fl
pushed a commit
to eiffel-fl/linux-azure
that referenced
this issue
Aug 30, 2024
BugLink: https://bugs.launchpad.net/bugs/2036450 One-element arrays are deprecated, and we are replacing them with flexible array members instead. So, replace one-element arrays with flexible-array member in structs negotiate_req and extended_response, and refactor the rest of the code, accordingly. Also, make use of the DECLARE_FLEX_ARRAY() helper to declare flexible array member EncryptionKey in union u. This new helper allows for flexible-array members in unions. Change pointer notation to proper array notation in a call to memcpy() where flexible-array member DialectsArray is being used as destination argument. Important to mention is that doing a build before/after this patch results in no binary output differences. This helps with the ongoing efforts to tighten the FORTIFY_SOURCE routines on memcpy() and help us make progress towards globally enabling -fstrict-flex-arrays=3 [1]. Link: KSPP/linux#79 Link: KSPP/linux#229 Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101836 [1] Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com> (cherry picked from commit 943deb6) Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
eiffel-fl
pushed a commit
to eiffel-fl/linux-azure
that referenced
this issue
Aug 30, 2024
BugLink: https://bugs.launchpad.net/bugs/2036450 One-element arrays are deprecated, and we are replacing them with flexible array members instead. So, replace one-element arrays with flexible-array member in structs negotiate_req and extended_response, and refactor the rest of the code, accordingly. Also, make use of the DECLARE_FLEX_ARRAY() helper to declare flexible array member EncryptionKey in union u. This new helper allows for flexible-array members in unions. Change pointer notation to proper array notation in a call to memcpy() where flexible-array member DialectsArray is being used as destination argument. Important to mention is that doing a build before/after this patch results in no binary output differences. This helps with the ongoing efforts to tighten the FORTIFY_SOURCE routines on memcpy() and help us make progress towards globally enabling -fstrict-flex-arrays=3 [1]. Link: KSPP/linux#79 Link: KSPP/linux#229 Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101836 [1] Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com> (cherry picked from commit 943deb6) Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
steev
pushed a commit
to steev/linux
that referenced
this issue
Sep 2, 2024
…e 1-element array with flexible array Replace the deprecated[1] use of a 1-element array in struct hfi_session_release_buffer_pkt with a modern flexible array. No binary differences are present after this conversion. Link: KSPP#79 [1] Signed-off-by: Kees Cook <kees@kernel.org> Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org> Reviewed-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Acked-by: Vikash Garodia <quic_vgarodia@quicinc.com> Link: https://lore.kernel.org/r/20240710230914.3156277-1-kees@kernel.org
zhuyj
pushed a commit
to zhuyj/linux
that referenced
this issue
Sep 3, 2024
Replace the deprecated one-element arrays with flexible-array members in the structs filesystem_attribute_info and filesystem_device_info. There are no binary differences after this conversion. Link: KSPP/linux#79 Signed-off-by: Thorsten Blum <thorsten.blum@toblux.com> Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org> Acked-by: Namjae Jeon <linkinjeon@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
List of open issues
There is a regular need in the kernel to provide a way to declare having a
dynamically sized set of trailing elements in a structure. Kernel code should
always use “flexible array members” for these cases. The older style of
one-element or zero-length arrays should no longer be used.
In older C code, dynamically sized trailing elements were done by specifying
a one-element array at the end of a structure:
This led to fragile size calculations via sizeof() (which would need to remove
the size of the single trailing element to get a correct size of the “header”).
A GNU C extension was introduced to allow for zero-length arrays, to avoid
these kinds of size problems:
But this led to other problems, and didn’t solve some problems shared by both
styles, like not being able to detect when such an array is accidentally being
used not at the end of a structure (which could happen directly, or when
such a struct was in unions, structs of structs, etc).
C99 introduced “flexible array members”, which lacks a numeric size for the
array declaration entirely:
This is the way the kernel expects dynamically sized trailing elements to be
declared. It allows the compiler to generate errors when the flexible array
does not occur last in the structure, which helps to prevent some kind of
undefined behavior bugs from being inadvertently introduced to the codebase.
It also allows the compiler to correctly analyze array sizes (via sizeof(),
CONFIG_FORTIFY_SOURCE, and CONFIG_UBSAN_BOUNDS). For instance, there is no
mechanism that warns us that the following application of the sizeof() operator
to a zero-length array always results in zero:
At the last line of code above, size turns out to be zero, when one might have
thought it represents the total size in bytes of the dynamic memory recently
allocated for the trailing array items. Here are a couple examples of this
issue: link 1, link 2. Instead, flexible array members have incomplete type, and so the
sizeof() operator may not be applied, so any misuse of such operators will
be immediately noticed at build time.
With respect to one-element arrays, one has to be acutely aware that such
arrays occupy at least as much space as a single object of the type, hence they
contribute to the size of the enclosing structure. This is prone to error every
time people want to calculate the total size of dynamic memory to allocate for
a structure containing an array of this kind as a member:
In the example above, we had to remember to calculate count - 1 when using the
struct_size() helper, otherwise we would have –unintentionally– allocated memory
for one too many items objects. The cleanest and least error-prone way to
implement this is through the use of a flexible array member, instead:
Latest version of this document: https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays
The text was updated successfully, but these errors were encountered: