[next] bcachefs: Replace zero-length array with flex-array member and use __counted_by
| Message ID | ZYDi1bWIKRSs2NpH@work |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel+bounces-4519-ouuuleilei=gmail.com@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:7300:24d3:b0:fb:cd0c:d3e with SMTP id r19csp1623929dyi;
Mon, 18 Dec 2023 16:27:04 -0800 (PST)
X-Google-Smtp-Source:
AGHT+IF27+xMPc2eLX8V6M2g7qHuKt8Iyk3EBCQNdTDgW8OE78uZtpNg+wrTzXdr2ISx2eXjDOgC
X-Received: by 2002:a05:6e02:16c8:b0:35f:ba43:258d with SMTP id
8-20020a056e0216c800b0035fba43258dmr1128270ilx.35.1702945624009;
Mon, 18 Dec 2023 16:27:04 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1702945623; cv=none;
d=google.com; s=arc-20160816;
b=Qu9NA+VWERqZlaJ35Xp2ngKCravyik8nvz4jJLWD1EOeQMp+cx1wKo1knZAJvEcVOh
Pv1GeMHwstIrzApgmVcN37YKDAfup6akce3dUq1dl5IPPfs8NVhKDlnZ5a4BheyDy6k+
iT46FEP2Zd8A5BqOsGFyJcARKcXIU/b0Lm9aOkcZB3MfamIqQqYVUsfQqlRG4tq/d/3J
NSko83VKfZ1JczppoifKxex39NSbVuHbZdkhvfIMFEY7A38YUuaxf2hKrKHbzpR7GdrY
IhTETolyzXX0gjIkicCGspa7h12GEt75m6qYyx6PX8keOJvONZQBVU+4c6Cx1qq1RfaD
luPQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=content-disposition:mime-version:list-unsubscribe:list-subscribe
:list-id:precedence:message-id:subject:cc:to:from:date
:dkim-signature;
bh=fQ1TdXNxgmz8yaBkV5bdPj6QagiZDoAKPTJl1scpvu0=;
fh=a9DUR2BkWEeP0cACbiaI2xwcDvDVC/gt15O7/cIFKdk=;
b=k9cHPyCMF/cqoqkZA7XBbSjRn/ygOda30kAheL6oMmwTVQ403DglXYf4scZkwg4GW+
DGJiZi+OhZO8/jlq2/ca1QvWkGKz5HneNbL4M4NT7vLKkvd4dMcBx60eht/ntSfQONyz
xT6xXqmqlb/IjmIOht/2O52JyRzGa+QPLGZBHkAQEaIeryEOUf9vPm5ciAevBo58LJF9
0QVNyh+nUtzwbHth0sIG8xeUZyEjKtt48R6Reb8zzf6btPs/iSaxh5cOzC1XPD0nlwmR
2pj7nlo5NQFcSfAcXzvX6RAxCsDuDBz17JE9HA16qfReCfcCYY4uq54CpSeUX85uJZ5x
VeeQ==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@kernel.org header.s=k20201202 header.b=L6LPmx9k;
spf=pass (google.com: domain of
linux-kernel+bounces-4519-ouuuleilei=gmail.com@vger.kernel.org designates
147.75.48.161 as permitted sender)
smtp.mailfrom="linux-kernel+bounces-4519-ouuuleilei=gmail.com@vger.kernel.org";
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161])
by mx.google.com with ESMTPS id
k22-20020a6568d6000000b005c637e836cfsi3514413pgt.885.2023.12.18.16.27.03
for <ouuuleilei@gmail.com>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Mon, 18 Dec 2023 16:27:03 -0800 (PST)
Received-SPF: pass (google.com: domain of
linux-kernel+bounces-4519-ouuuleilei=gmail.com@vger.kernel.org designates
147.75.48.161 as permitted sender) client-ip=147.75.48.161;
Authentication-Results: mx.google.com;
dkim=pass header.i=@kernel.org header.s=k20201202 header.b=L6LPmx9k;
spf=pass (google.com: domain of
linux-kernel+bounces-4519-ouuuleilei=gmail.com@vger.kernel.org designates
147.75.48.161 as permitted sender)
smtp.mailfrom="linux-kernel+bounces-4519-ouuuleilei=gmail.com@vger.kernel.org";
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org
[52.25.139.140])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by sy.mirrors.kernel.org (Postfix) with ESMTPS id 3CC69B23E1E
for <ouuuleilei@gmail.com>; Tue, 19 Dec 2023 00:25:26 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
by smtp.subspace.kernel.org (Postfix) with ESMTP id 4A593441B;
Tue, 19 Dec 2023 00:24:59 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org
header.b="L6LPmx9k"
X-Original-To: linux-kernel@vger.kernel.org
Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org
[10.30.226.201])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8814A1872;
Tue, 19 Dec 2023 00:24:56 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 6469DC433C8;
Tue, 19 Dec 2023 00:24:55 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
s=k20201202; t=1702945496;
bh=nA9/a7919dPKMYYw5KWRsWrqeemlp+0/WOnVbITGovA=;
h=Date:From:To:Cc:Subject:From;
b=L6LPmx9kTw0B4hbMomnqLSv4v1LiFIl5o7dvjeP7kX4xsrxOf5Z8fCNAz9mSQrGjs
kxJdkvtTxNX3Jo3NgBv8olBjMLd85TbAO2dbqLgub4aihd/CPj8k7K45Oy8YW7hCFk
+oHSaN8GJlS0getphbAFGOanV3rG3cPw9Jk2Nk+5Xu45CDAM623ORXlHB/x0B7P08K
cShjKpfA8h9oPZVY3Xzq5JQ108iVu2S9oiUj0bxb/W2y0BfLogUx+cg36UAdHMtyEn
VKhXZTLM7diAFpNBDzsAjJRpumC0b8JZuqDjdBj0d0RSEv4lAmch7hH7kDg52dK0VZ
1pSPn3KZ4IbpA==
Date: Mon, 18 Dec 2023 18:24:53 -0600
From: "Gustavo A. R. Silva" <gustavoars@kernel.org>
To: Kent Overstreet <kent.overstreet@linux.dev>,
Brian Foster <bfoster@redhat.com>
Cc: linux-bcachefs@vger.kernel.org, linux-kernel@vger.kernel.org,
"Gustavo A. R. Silva" <gustavoars@kernel.org>,
linux-hardening@vger.kernel.org
Subject: [PATCH][next] bcachefs: Replace zero-length array with flex-array
member and use __counted_by
Message-ID: <ZYDi1bWIKRSs2NpH@work>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1785667910495481950
X-GMAIL-MSGID: 1785667910495481950
|
| Series |
[next] bcachefs: Replace zero-length array with flex-array member and use __counted_by
|
|
Commit Message
Gustavo A. R. Silva
Dec. 19, 2023, 12:24 a.m. UTC
Fake flexible arrays (zero-length and one-element arrays) are
deprecated, and should be replaced by flexible-array members.
So, replace zero-length array with a flexible-array member in
`struct bch_ioctl_fsck_offline`.
Also annotate array `devs` with `__counted_by()` to prepare for the
coming implementation by GCC and Clang of the `__counted_by` attribute.
Flexible array members annotated with `__counted_by` can have their
accesses bounds-checked at run-time via `CONFIG_UBSAN_BOUNDS` (for
array indexing) and `CONFIG_FORTIFY_SOURCE` (for strcpy/memcpy-family
functions).
This fixes the following -Warray-bounds warnings:
fs/bcachefs/chardev.c: In function 'bch2_ioctl_fsck_offline':
fs/bcachefs/chardev.c:363:34: warning: array subscript 0 is outside array bounds of '__u64[0]' {aka 'long long unsigned int[]'} [-Warray-bounds=]
363 | if (copy_from_user(devs, &user_arg->devs[0], sizeof(user_arg->devs[0]) * arg.nr_devs)) {
| ^~~~~~~~~~~~~~~~~~
In file included from fs/bcachefs/chardev.c:5:
fs/bcachefs/bcachefs_ioctl.h:400:33: note: while referencing 'devs'
400 | __u64 devs[0];
This results in no differences in binary output.
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
---
fs/bcachefs/bcachefs_ioctl.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Comments
On Mon, Dec 18, 2023 at 06:24:53PM -0600, Gustavo A. R. Silva wrote: > Fake flexible arrays (zero-length and one-element arrays) are > deprecated, and should be replaced by flexible-array members. > So, replace zero-length array with a flexible-array member in > `struct bch_ioctl_fsck_offline`. > > Also annotate array `devs` with `__counted_by()` to prepare for the > coming implementation by GCC and Clang of the `__counted_by` attribute. > Flexible array members annotated with `__counted_by` can have their > accesses bounds-checked at run-time via `CONFIG_UBSAN_BOUNDS` (for > array indexing) and `CONFIG_FORTIFY_SOURCE` (for strcpy/memcpy-family > functions). > > This fixes the following -Warray-bounds warnings: > fs/bcachefs/chardev.c: In function 'bch2_ioctl_fsck_offline': > fs/bcachefs/chardev.c:363:34: warning: array subscript 0 is outside array bounds of '__u64[0]' {aka 'long long unsigned int[]'} [-Warray-bounds=] > 363 | if (copy_from_user(devs, &user_arg->devs[0], sizeof(user_arg->devs[0]) * arg.nr_devs)) { > | ^~~~~~~~~~~~~~~~~~ > In file included from fs/bcachefs/chardev.c:5: > fs/bcachefs/bcachefs_ioctl.h:400:33: note: while referencing 'devs' > 400 | __u64 devs[0]; > > This results in no differences in binary output. > > Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Applied
diff --git a/fs/bcachefs/bcachefs_ioctl.h b/fs/bcachefs/bcachefs_ioctl.h index 21f81b16f24e..4b8fba754b1c 100644 --- a/fs/bcachefs/bcachefs_ioctl.h +++ b/fs/bcachefs/bcachefs_ioctl.h @@ -397,7 +397,7 @@ struct bch_ioctl_fsck_offline { __u64 flags; __u64 opts; /* string */ __u64 nr_devs; - __u64 devs[0]; + __u64 devs[] __counted_by(nr_devs); }; /*