| Message ID | 20230105190507.gonna.131-kees@kernel.org |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:4e01:0:0:0:0:0 with SMTP id p1csp457737wrt;
Thu, 5 Jan 2023 11:17:12 -0800 (PST)
X-Google-Smtp-Source:
AMrXdXvME69eZoJb4n/0lUgunFGTyP+y2a+/gXPIaQ8bfIItQtuvD+pp9rd76oQITqNoSUgLFxSm
X-Received: by 2002:a17:90a:1089:b0:226:3305:b072 with SMTP id
c9-20020a17090a108900b002263305b072mr25380708pja.29.1672946232530;
Thu, 05 Jan 2023 11:17:12 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1672946232; cv=none;
d=google.com; s=arc-20160816;
b=yKhzp6Pu33u5hYX2TviYGhmAT0Bl19aniEQJw2AG/3xfxhJMba0Hg3PyH61zq4v5qH
pE+UlBN5gZCP6iqvAh1BVGguloGtFP3DgDf1hwPMURA8MBfZ7DiLWp/6QzyM1EraW0SF
h8nTiN1OIpqD14GsdPKcxrBp4Vepr2+F3uI/RibNj6cInzqVL0Ih0d1OKhuY4pcqa5S5
oKx6M4tEAj+NORjOjCSbvN32z39XwmasGOwTZqdGQz+JTFJtsHbNV9KKjhrch3DkJdc+
rgPoroGdwJmvrZJ4uIF7f77SOPO4Esluwc4EZR5K4OvHpMfnI3BMhv4n/Q3BfiGVy+u1
hmvQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:message-id:date:subject:cc:to:from:dkim-signature;
bh=i2SehKkCBcqja+K3E3ORe72aONi2D9OxK5bIcUd12dM=;
b=zfrystzc31Uc41y/OzQe2/0Z9VLypASziQI2apYW+HT3ZG2bLMsPByHU/s04Js0m2u
h4tpZYpL/N0ErwPAqEjLsn3+HxOtzCluH18dEqMmVfa/HaEw/tTBrt6jKsWiLJMHSAeL
dDqetlVudeBOqxLSB0EAGnQXTROjxqVT2uT2/tXvvUHf03mhvF9/ztcZSnTNX+Ugy2eR
9tUzbUbrzwZUQ5qH+wzDvSqbdubB4tue6n1t0e0AMXxOzDE+swUD5nzWRj0iVf7jq9rc
wd5HDYNXESniDFcL+7rUzHMKiY+2J1AEIwA714n/j3Ev1686ZP61JqCpn7wLmitMO5pY
J5iw==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@chromium.org header.s=google header.b="awXTcU/L";
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
co12-20020a17090afe8c00b0021a0bf0330esi2531606pjb.73.2023.01.05.11.16.59;
Thu, 05 Jan 2023 11:17:12 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
dkim=pass header.i=@chromium.org header.s=google header.b="awXTcU/L";
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S235281AbjAETFV (ORCPT <rfc822;tmhikaru@gmail.com> + 99 others);
Thu, 5 Jan 2023 14:05:21 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38514 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S235284AbjAETFT (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Thu, 5 Jan 2023 14:05:19 -0500
Received: from mail-pf1-x433.google.com (mail-pf1-x433.google.com
[IPv6:2607:f8b0:4864:20::433])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 193F260843
for <linux-kernel@vger.kernel.org>;
Thu, 5 Jan 2023 11:05:18 -0800 (PST)
Received: by mail-pf1-x433.google.com with SMTP id y5so996769pfe.2
for <linux-kernel@vger.kernel.org>;
Thu, 05 Jan 2023 11:05:18 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=chromium.org; s=google;
h=content-transfer-encoding:mime-version:message-id:date:subject:cc
:to:from:from:to:cc:subject:date:message-id:reply-to;
bh=i2SehKkCBcqja+K3E3ORe72aONi2D9OxK5bIcUd12dM=;
b=awXTcU/LbB+ePHWF7idkRiNofo7lYdnPNZubDcIq8IyKIbBx4SHToTwvZ4OV6bt62I
0xkDJgInKm6CcvC0xZdUxeT8ck4FAr2l8s6IPAmGvBk4YxUO5+6wHmOL9R0/V/STgtZi
oD53HoCVjmTchna2qMebJgQvJHDgTo/GMr8q0=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=content-transfer-encoding:mime-version:message-id:date:subject:cc
:to:from:x-gm-message-state:from:to:cc:subject:date:message-id
:reply-to;
bh=i2SehKkCBcqja+K3E3ORe72aONi2D9OxK5bIcUd12dM=;
b=r87Uz0pSgzv/YfPR7I/usmauQCfUar96nNyiAklI7w1deFQet32G6TMNUlfR9woBUn
zUnEB43m+AosuI5jRyt4BtDkFks8IiwzS8Wtd7th4m604e3IXZiYIyPcV79mAIR0A7Xi
zkF2NeOGaAVDdwEUynCg4wQAMbCxrRJhSaia3r+anzVgO6cztvyo2mbOzbv753g35CMH
dDI16KCiOkCXNg64Y78DOZKdeCIdAzNsK+YhJPlHKvs24BjC4pD/QX9vi35bwE5lO0iO
2BJKvNOc2Z4fLRIB1PfQ3GNf8B8RvuRB2NPhx3bi/fMS9q0dWmPJUqvUPunN0oSmITwq
vHGw==
X-Gm-Message-State: AFqh2kpniJdUTPURPgAcFIDQJwYCOqKSqzzu5M9aG5rh1AQZlb1Tts6n
LFSZOqPm4ibzkXdmfQOTq7CEHA==
X-Received: by 2002:a05:6a00:1747:b0:582:7d41:c8a4 with SMTP id
j7-20020a056a00174700b005827d41c8a4mr21331148pfc.15.1672945517261;
Thu, 05 Jan 2023 11:05:17 -0800 (PST)
Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163])
by smtp.gmail.com with ESMTPSA id
f193-20020a6238ca000000b0058269b74da9sm9007525pfa.95.2023.01.05.11.05.16
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Thu, 05 Jan 2023 11:05:16 -0800 (PST)
From: Kees Cook <keescook@chromium.org>
To: Jens Axboe <axboe@kernel.dk>
Cc: Kees Cook <keescook@chromium.org>,
Pavel Begunkov <asml.silence@gmail.com>,
"Gustavo A. R. Silva" <gustavoars@kernel.org>,
stable@vger.kernel.org, io-uring@vger.kernel.org,
Dylan Yudaken <dylany@fb.com>, linux-kernel@vger.kernel.org,
linux-hardening@vger.kernel.org
Subject: [PATCH v2] io_uring: Replace 0-length array with flexible array
Date: Thu, 5 Jan 2023 11:05:11 -0800
Message-Id: <20230105190507.gonna.131-kees@kernel.org>
X-Mailer: git-send-email 2.34.1
MIME-Version: 1.0
X-Developer-Signature: v=1; a=openpgp-sha256; l=1952;
h=from:subject:message-id; bh=SWcBV/lk0yg6EOGEoIKozkewCZaGNeQRZtq6oIzzPPY=;
b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBjtx9n4cZXq94FvnrGkXShFgmcog+jiuB2B/m25yUW
xThqRSiJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCY7cfZwAKCRCJcvTf3G3AJokvEA
Ck4FZY8ra48dMW1t/xvAdzEHf3VLqCDOmJEJTLTkHW3PQYAo0qlzsytzi/4ZKIEcY2AkyW2nn4I/e+
nKckG2kSBcnfT6zXjVbpfr8rLmpV2zndLux7yq9fqqcZBr+EtIzmTNnprZ0RfkuvrSgyu/9hiTx4oy
6qItkMQHCUUxK/QQOyIiKVJHANzZr/FCvfG7EWVjNpCM/BjtdyBDwLfFAGgJqk7meXdJXkW4t55SUN
ROHlaYDGSEhCCBzOws2QGDshmXpPuBeVcZqAyu/8wy/44SNlAA401xOQGVrWnFzW5a1pVppnwZZXkT
RT2kw0uGFISD7lI5arKAVyYfa2go2+nLLyMnYSoQsljJ1BUnlLstXPKk5Q8wnDG7ffE9prj5mbpEXu
o4XL+eUnU92nZKLl5HF2DIhFOlU4sGo7LhHfExEzSCDEgLM/FiLEZHUpkZX5egJb/EAlmz5IjxvyQ4
3AuQKG5wnvfs0VAN55jsv+xd2VifaCOQZpwteZdimwEYRdeUl2fQEuhEunkIEEfqcAVUJFCZjOIlLt
SzXtMQPiEgRrcxuBvEhKuG2XzQa2+pYmDN7IoqEU3fJLcRYtE0SM375keiRvqL1OOhrMdad1uinIbY
qRUpSu/yGoZPGi6saEr4fpsFHuMLhrSYz5hia2CmbnnRX5py3pXE6IvZYvGg==
X-Developer-Key: i=keescook@chromium.org; a=openpgp;
fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE,
SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no
version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1754152564561742603?=
X-GMAIL-MSGID: =?utf-8?q?1754211268517265751?=
|
| Series |
[v2] io_uring: Replace 0-length array with flexible array
|
|
Commit Message
Kees Cook
Jan. 5, 2023, 7:05 p.m. UTC
Zero-length arrays are deprecated[1]. Replace struct io_uring_buf_ring's
"bufs" with a flexible array member. (How is the size of this array
verified?) Detected with GCC 13, using -fstrict-flex-arrays=3:
In function 'io_ring_buffer_select',
inlined from 'io_buffer_select' at io_uring/kbuf.c:183:10:
io_uring/kbuf.c:141:23: warning: array subscript 255 is outside the bounds of an interior zero-length array 'struct io_uring_buf[0]' [-Wzero-length-bounds]
141 | buf = &br->bufs[head];
| ^~~~~~~~~~~~~~~
In file included from include/linux/io_uring.h:7,
from io_uring/kbuf.c:10:
include/uapi/linux/io_uring.h: In function 'io_buffer_select':
include/uapi/linux/io_uring.h:628:41: note: while referencing 'bufs'
628 | struct io_uring_buf bufs[0];
| ^~~~
[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays
Fixes: c7fb19428d67 ("io_uring: add support for ring mapped supplied buffers")
Cc: Jens Axboe <axboe@kernel.dk>
Cc: Pavel Begunkov <asml.silence@gmail.com>
Cc: "Gustavo A. R. Silva" <gustavoars@kernel.org>
Cc: stable@vger.kernel.org
Cc: io-uring@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
---
v2: use helper since these flex arrays are in a union.
v1: https://lore.kernel.org/lkml/20230105033743.never.628-kees@kernel.org
---
include/uapi/linux/io_uring.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Comments
On Thu, Jan 05, 2023 at 11:05:11AM -0800, Kees Cook wrote: > Zero-length arrays are deprecated[1]. Replace struct io_uring_buf_ring's > "bufs" with a flexible array member. (How is the size of this array > verified?) Detected with GCC 13, using -fstrict-flex-arrays=3: > > In function 'io_ring_buffer_select', > inlined from 'io_buffer_select' at io_uring/kbuf.c:183:10: > io_uring/kbuf.c:141:23: warning: array subscript 255 is outside the bounds of an interior zero-length array 'struct io_uring_buf[0]' [-Wzero-length-bounds] > 141 | buf = &br->bufs[head]; > | ^~~~~~~~~~~~~~~ > In file included from include/linux/io_uring.h:7, > from io_uring/kbuf.c:10: > include/uapi/linux/io_uring.h: In function 'io_buffer_select': > include/uapi/linux/io_uring.h:628:41: note: while referencing 'bufs' > 628 | struct io_uring_buf bufs[0]; > | ^~~~ > > [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays > > Fixes: c7fb19428d67 ("io_uring: add support for ring mapped supplied buffers") > Cc: Jens Axboe <axboe@kernel.dk> > Cc: Pavel Begunkov <asml.silence@gmail.com> > Cc: "Gustavo A. R. Silva" <gustavoars@kernel.org> > Cc: stable@vger.kernel.org > Cc: io-uring@vger.kernel.org > Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org> Thanks! -- Gustavo > --- > v2: use helper since these flex arrays are in a union. > v1: https://lore.kernel.org/lkml/20230105033743.never.628-kees@kernel.org > --- > include/uapi/linux/io_uring.h | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/include/uapi/linux/io_uring.h b/include/uapi/linux/io_uring.h > index 2780bce62faf..434f62e0fb72 100644 > --- a/include/uapi/linux/io_uring.h > +++ b/include/uapi/linux/io_uring.h > @@ -625,7 +625,7 @@ struct io_uring_buf_ring { > __u16 resv3; > __u16 tail; > }; > - struct io_uring_buf bufs[0]; > + __DECLARE_FLEX_ARRAY(struct io_uring_buf, bufs); > }; > }; > > -- > 2.34.1 >
diff --git a/include/uapi/linux/io_uring.h b/include/uapi/linux/io_uring.h index 2780bce62faf..434f62e0fb72 100644 --- a/include/uapi/linux/io_uring.h +++ b/include/uapi/linux/io_uring.h @@ -625,7 +625,7 @@ struct io_uring_buf_ring { __u16 resv3; __u16 tail; }; - struct io_uring_buf bufs[0]; + __DECLARE_FLEX_ARRAY(struct io_uring_buf, bufs); }; };