From patchwork Mon Mar 4 17:52:26 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Gustavo A. R. Silva" X-Patchwork-Id: 209667 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:fa17:b0:10a:f01:a869 with SMTP id ju23csp1581432dyc; Mon, 4 Mar 2024 09:53:15 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCX89o3akG+wwnJFT5InSVqQneoVsfoFOjvA0CLKPBPbgsnbQ2nSIK+4EET8froZz6l21Ey7IP/FsF0Fxx9Whv0/rXR0ig== X-Google-Smtp-Source: AGHT+IHLigiThzApMksgBVefAlGa1eTzmAQG8DKKXeh0JY7oNTE7iObTkamFMHnWUbPjedyT5mgp X-Received: by 2002:a05:6a21:191:b0:19e:99ce:72d4 with SMTP id le17-20020a056a21019100b0019e99ce72d4mr1617095pzb.23.1709574794882; Mon, 04 Mar 2024 09:53:14 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1709574794; cv=pass; d=google.com; s=arc-20160816; b=b6AbTODKxf9qiVBC7JsrI5O17OvuEepw2UHgwo9avUFCoY1NOLcA/rP+kA77Rbuo1q cDpu7alP/oL7r6XYwS/PottSI69m2pZzi6dxB4I5ZuRjLm9HwlfSysO1q4zoK44o1TmI m6IpuMCM1XY9P5DaVSdoWCu3S31DxCqiWdOuJFTrALgHY2zZ3eYtKKsr+WDT/YlDf79e n09jcIZYJ5Ud8B76HtLTdUNTNGq2G8z1huk1sEOgVYZOHeGxTrjCFhLaNq9CHMryZTZ0 hxqwGxseSzgndNJWO/R0swanDtxa9MpBoWMqbCfgF5cQs3ENXQpMm/5ApXURUljwQtSe 7UOw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-disposition:mime-version:list-unsubscribe:list-subscribe :list-id:precedence:message-id:subject:cc:to:from:date :dkim-signature; bh=0R+kWivAU79dsS8yDdhClJH9RAnFXAHB54M8oZYIgb0=; fh=GD8pVeZl/fEQjjWwwYFyUkXHN30YXIaOVlkPlmBTlR8=; b=gzXEX2X3atOK0NkDDcKkmTqNMaZHixlZdlGYNo6jDcgQpl6RVabKIRWek4XK9Pt1WO VRetsBZQDOoXL2xxqb6ZZkDY5Zok7etM+oAPQMc3q0IJVB7xAL4QWIH779fWyTJ7qBk8 iHzMPAJHXwiTaBjF9VDjkJT2rcGr4Ozv8Rb9lFLPLE8WB9FW5YD2vtFdLqFMC4iuOg0p YAEJkw/vqRmMBG3HzTZ4bycT36N9UJUiFWXMfGYYuFkTVLtY5Ry8nsWUft57a0N3OV32 w7dMzE6mME6YJ61QcGUhr4cU5cEIK368aM1cN9FWCuyPAaWzuMyQXSKJhusZnWBvWQRx 4pxw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=MwSz79wi; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-91033-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-91033-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id a33-20020a634d21000000b005dc95ff00bdsi8538861pgb.834.2024.03.04.09.53.14 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Mar 2024 09:53:14 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-91033-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=MwSz79wi; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-91033-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-91033-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id D319C286BEF for ; Mon, 4 Mar 2024 17:52:52 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 153286214A; Mon, 4 Mar 2024 17:52:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="MwSz79wi" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7C88E61667; Mon, 4 Mar 2024 17:52:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709574751; cv=none; b=X0r4qQ+8vjM//JOPNDMqu9ztvVHn4bqvLI4CSPv6v76HOfblJ3z1r7JUAnl0+nZ5816VKzVYc+35Prh1FoiM/RZD6erLgVi65e0Iqi7j77usOHkoySZRVJUCcsos/KwsIMT8VpArqvBRMX1DGFMpuRo4Q7ZWLVT8LDJDPF4zD74= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709574751; c=relaxed/simple; bh=UYhFNofQiUlCRrzj2ZJ2vUFqhXp3QdMaGCKf9f95yCw=; h=Date:From:To:Cc:Subject:Message-ID:MIME-Version:Content-Type: Content-Disposition; b=ZeGn/C0m3k5h5smaLrhWgFJr8VgPpvrZuGm9rBsNSfCQsXeN7pv6nBEnM1h2hS2HgVw5Fvs9L54ZEjudax5ZCarQgS66QLL5U2acvPKOmOsT+w3VZ/VHz0hmSJCLp/sAwaQRzGEUuE1Nv3bKXZWvbsjZ86UY6eeiskXnkkDsqws= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=MwSz79wi; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 42620C433F1; Mon, 4 Mar 2024 17:52:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1709574750; bh=UYhFNofQiUlCRrzj2ZJ2vUFqhXp3QdMaGCKf9f95yCw=; h=Date:From:To:Cc:Subject:From; b=MwSz79wihL0p83/0WV3iT2e7eYJerJ/U1DjsdbF7ACWks/iTY6Z+mxQ8MBxkXf+KD V5vV1JIvqyJpTdbFa0ptyLgaa1CFMlxn7+ufbWqiDI27vlb3zKN0FvPxBWuzlC7BpS kYNLctbDrM2DRXW+OguKtrbLjJZ6oiJCk4PKwfkyzIN6e/tM50f66PD1Zy/uvt0Acc 9FOwyAlRISF1fcO6Y6CbLU5eY3falWEZGdvZoae0npZHEHBtqj2yoNdy8we7hb7v0/ kS861inagNw2CqGornwW09YBj95s1gvXwx/elL6jx32hj2IBONAxeu6V2otOhyxEsu QZooQfosHmjVw== Date: Mon, 4 Mar 2024 11:52:26 -0600 From: "Gustavo A. R. Silva" To: Mimi Zohar , Roberto Sassu , Dmitry Kasatkin , Eric Snowberg , Paul Moore , James Morris , "Serge E. Hallyn" Cc: linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, "Gustavo A. R. Silva" , linux-hardening@vger.kernel.org, Kees Cook Subject: [PATCH][next] integrity: Avoid -Wflex-array-member-not-at-end warnings Message-ID: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Disposition: inline X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1792619100152164168 X-GMAIL-MSGID: 1792619100152164168 -Wflex-array-member-not-at-end is coming in GCC-14, and we are getting ready to enable it globally. There is currently an object (`hdr)` in `struct ima_max_digest_data` that contains a flexible structure (`struct ima_digest_data`): struct ima_max_digest_data { struct ima_digest_data hdr; u8 digest[HASH_MAX_DIGESTSIZE]; } __packed; So, in order to avoid ending up with a flexible-array member in the middle of another struct, we use the `struct_group_tagged()` helper to separate the flexible array from the rest of the members in the flexible structure: struct ima_digest_data { struct_group_tagged(ima_digest_data_hdr, hdr, ... the rest of the members ); u8 digest[]; } __packed; With the change described above, we can now declare an object of the type of the tagged struct, without embedding the flexible array in the middle of another struct: struct ima_max_digest_data { struct ima_digest_data_hdr hdr; u8 digest[HASH_MAX_DIGESTSIZE]; } __packed; We also use `container_of()` whenever we need to retrieve a pointer to the flexible structure. So, with these changes, fix the following warnings: security/integrity/evm/evm.h:45:32: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] security/integrity/evm/evm.h:45:32: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] security/integrity/evm/evm.h:45:32: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] Signed-off-by: Gustavo A. R. Silva --- security/integrity/ima/ima_api.c | 6 ++++-- security/integrity/ima/ima_appraise.c | 4 +++- security/integrity/ima/ima_init.c | 6 ++++-- security/integrity/ima/ima_main.c | 6 ++++-- security/integrity/ima/ima_template_lib.c | 10 ++++++---- security/integrity/integrity.h | 4 +++- 6 files changed, 24 insertions(+), 12 deletions(-) diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c index b37d043d5748..c7c8d1bffb17 100644 --- a/security/integrity/ima/ima_api.c +++ b/security/integrity/ima/ima_api.c @@ -247,6 +247,8 @@ int ima_collect_measurement(struct ima_iint_cache *iint, struct file *file, struct inode *real_inode = d_real_inode(file_dentry(file)); const char *filename = file->f_path.dentry->d_name.name; struct ima_max_digest_data hash; + struct ima_digest_data *hash_hdr = container_of(&hash.hdr, + struct ima_digest_data, hdr); struct kstat stat; int result = 0; int length; @@ -286,9 +288,9 @@ int ima_collect_measurement(struct ima_iint_cache *iint, struct file *file, result = -ENODATA; } } else if (buf) { - result = ima_calc_buffer_hash(buf, size, &hash.hdr); + result = ima_calc_buffer_hash(buf, size, hash_hdr); } else { - result = ima_calc_file_hash(file, &hash.hdr); + result = ima_calc_file_hash(file, hash_hdr); } if (result && result != -EBADF && result != -EINVAL) diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c index 3497741caea9..656c709b974f 100644 --- a/security/integrity/ima/ima_appraise.c +++ b/security/integrity/ima/ima_appraise.c @@ -378,7 +378,9 @@ static int xattr_verify(enum ima_hooks func, struct ima_iint_cache *iint, } rc = calc_file_id_hash(IMA_VERITY_DIGSIG, iint->ima_hash->algo, - iint->ima_hash->digest, &hash.hdr); + iint->ima_hash->digest, + container_of(&hash.hdr, + struct ima_digest_data, hdr)); if (rc) { *cause = "sigv3-hashing-error"; *status = INTEGRITY_FAIL; diff --git a/security/integrity/ima/ima_init.c b/security/integrity/ima/ima_init.c index 393f5c7912d5..4e208239a40e 100644 --- a/security/integrity/ima/ima_init.c +++ b/security/integrity/ima/ima_init.c @@ -48,12 +48,14 @@ static int __init ima_add_boot_aggregate(void) struct ima_event_data event_data = { .iint = iint, .filename = boot_aggregate_name }; struct ima_max_digest_data hash; + struct ima_digest_data *hash_hdr = container_of(&hash.hdr, + struct ima_digest_data, hdr); int result = -ENOMEM; int violation = 0; memset(iint, 0, sizeof(*iint)); memset(&hash, 0, sizeof(hash)); - iint->ima_hash = &hash.hdr; + iint->ima_hash = hash_hdr; iint->ima_hash->algo = ima_hash_algo; iint->ima_hash->length = hash_digest_size[ima_hash_algo]; @@ -70,7 +72,7 @@ static int __init ima_add_boot_aggregate(void) * is not found. */ if (ima_tpm_chip) { - result = ima_calc_boot_aggregate(&hash.hdr); + result = ima_calc_boot_aggregate(hash_hdr); if (result < 0) { audit_cause = "hashing_error"; goto err_out; diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index c84e8c55333d..0d3a7c864fd4 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -941,6 +941,8 @@ int process_buffer_measurement(struct mnt_idmap *idmap, .buf_len = size}; struct ima_template_desc *template; struct ima_max_digest_data hash; + struct ima_digest_data *hash_hdr = container_of(&hash.hdr, + struct ima_digest_data, hdr); char digest_hash[IMA_MAX_DIGEST_SIZE]; int digest_hash_len = hash_digest_size[ima_hash_algo]; int violation = 0; @@ -979,7 +981,7 @@ int process_buffer_measurement(struct mnt_idmap *idmap, if (!pcr) pcr = CONFIG_IMA_MEASURE_PCR_IDX; - iint.ima_hash = &hash.hdr; + iint.ima_hash = hash_hdr; iint.ima_hash->algo = ima_hash_algo; iint.ima_hash->length = hash_digest_size[ima_hash_algo]; @@ -990,7 +992,7 @@ int process_buffer_measurement(struct mnt_idmap *idmap, } if (buf_hash) { - memcpy(digest_hash, hash.hdr.digest, digest_hash_len); + memcpy(digest_hash, hash_hdr->digest, digest_hash_len); ret = ima_calc_buffer_hash(digest_hash, digest_hash_len, iint.ima_hash); diff --git a/security/integrity/ima/ima_template_lib.c b/security/integrity/ima/ima_template_lib.c index 6cd0add524cd..74198d7619da 100644 --- a/security/integrity/ima/ima_template_lib.c +++ b/security/integrity/ima/ima_template_lib.c @@ -339,6 +339,8 @@ int ima_eventdigest_init(struct ima_event_data *event_data, struct ima_field_data *field_data) { struct ima_max_digest_data hash; + struct ima_digest_data *hash_hdr = container_of(&hash.hdr, + struct ima_digest_data, hdr); u8 *cur_digest = NULL; u32 cur_digestsize = 0; struct inode *inode; @@ -358,7 +360,7 @@ int ima_eventdigest_init(struct ima_event_data *event_data, if ((const char *)event_data->filename == boot_aggregate_name) { if (ima_tpm_chip) { hash.hdr.algo = HASH_ALGO_SHA1; - result = ima_calc_boot_aggregate(&hash.hdr); + result = ima_calc_boot_aggregate(hash_hdr); /* algo can change depending on available PCR banks */ if (!result && hash.hdr.algo != HASH_ALGO_SHA1) @@ -368,7 +370,7 @@ int ima_eventdigest_init(struct ima_event_data *event_data, memset(&hash, 0, sizeof(hash)); } - cur_digest = hash.hdr.digest; + cur_digest = hash_hdr->digest; cur_digestsize = hash_digest_size[HASH_ALGO_SHA1]; goto out; } @@ -379,14 +381,14 @@ int ima_eventdigest_init(struct ima_event_data *event_data, inode = file_inode(event_data->file); hash.hdr.algo = ima_template_hash_algo_allowed(ima_hash_algo) ? ima_hash_algo : HASH_ALGO_SHA1; - result = ima_calc_file_hash(event_data->file, &hash.hdr); + result = ima_calc_file_hash(event_data->file, hash_hdr); if (result) { integrity_audit_msg(AUDIT_INTEGRITY_DATA, inode, event_data->filename, "collect_data", "failed", result, 0); return result; } - cur_digest = hash.hdr.digest; + cur_digest = hash_hdr->digest; cur_digestsize = hash.hdr.length; out: return ima_eventdigest_init_common(cur_digest, cur_digestsize, diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h index 50d6f798e613..fc1952da02ea 100644 --- a/security/integrity/integrity.h +++ b/security/integrity/integrity.h @@ -44,6 +44,7 @@ struct evm_xattr { #define IMA_MAX_DIGEST_SIZE HASH_MAX_DIGESTSIZE struct ima_digest_data { + struct_group_tagged(ima_digest_data_hdr, hdr, u8 algo; u8 length; union { @@ -57,6 +58,7 @@ struct ima_digest_data { } ng; u8 data[2]; } xattr; + ); u8 digest[]; } __packed; @@ -65,7 +67,7 @@ struct ima_digest_data { * with the maximum hash size, define ima_max_digest_data struct. */ struct ima_max_digest_data { - struct ima_digest_data hdr; + struct ima_digest_data_hdr hdr; u8 digest[HASH_MAX_DIGESTSIZE]; } __packed;