Re: [PATCH] gcc-plugins: randstruct: Only warn about true flexible arrays

From: Bill Wendling <morbo@google.com>
To: Kees Cook <keescook@chromium.org>
Cc: KP Singh <kpsingh@kernel.org>,
	linux-hardening@vger.kernel.org,
	kernel test robot <lkp@intel.com>,
	"Gustavo A. R. Silva" <gustavoars@kernel.org>,
	linux-kernel@vger.kernel.org
Subject: Re: [PATCH] gcc-plugins: randstruct: Only warn about true flexible arrays
Date: Mon, 6 Nov 2023 00:47:16 -0800	[thread overview]
Message-ID: <CAGG=3QWX0Koj3xNHiRHdiYupy4bFsJ6nNWWcCJkqbu8-GnmfZA@mail.gmail.com> (raw)
In-Reply-To: <20231104204334.work.160-kees@kernel.org>

On Sat, Nov 4, 2023 at 1:43 PM Kees Cook <keescook@chromium.org> wrote:
>
> The randstruct GCC plugin tried to discover "fake" flexible arrays
> to issue warnings about them in randomized structs. In the future
> LSM overhead reduction series, it would be legal to have a randomized
> struct with a 1-element array, and this should _not_ be treated as a
> flexible array, especially since commit df8fc4e934c1 ("kbuild: Enable
> -fstrict-flex-arrays=3"). Disable the 0-sized and 1-element array
> discovery logic in the plugin, but keep the "true" flexible array check.
>
> Cc: KP Singh <kpsingh@kernel.org>
> Cc: linux-hardening@vger.kernel.org
> Reported-by: kernel test robot <lkp@intel.com>
> Closes: https://lore.kernel.org/oe-kbuild-all/202311021532.iBwuZUZ0-lkp@intel.com/
> Fixes: df8fc4e934c1 ("kbuild: Enable -fstrict-flex-arrays=3")
> Signed-off-by: Kees Cook <keescook@chromium.org>

Reviewed-by: Bill Wendling <morbo@google.com>

> ---
>  scripts/gcc-plugins/randomize_layout_plugin.c | 10 ----------
>  1 file changed, 10 deletions(-)
>
> diff --git a/scripts/gcc-plugins/randomize_layout_plugin.c b/scripts/gcc-plugins/randomize_layout_plugin.c
> index 366395cab490..910bd21d08f4 100644
> --- a/scripts/gcc-plugins/randomize_layout_plugin.c
> +++ b/scripts/gcc-plugins/randomize_layout_plugin.c
> @@ -278,8 +278,6 @@ static bool is_flexible_array(const_tree field)
>  {
>         const_tree fieldtype;
>         const_tree typesize;
> -       const_tree elemtype;
> -       const_tree elemsize;
>
>         fieldtype = TREE_TYPE(field);
>         typesize = TYPE_SIZE(fieldtype);
> @@ -287,20 +285,12 @@ static bool is_flexible_array(const_tree field)
>         if (TREE_CODE(fieldtype) != ARRAY_TYPE)
>                 return false;
>
> -       elemtype = TREE_TYPE(fieldtype);
> -       elemsize = TYPE_SIZE(elemtype);
> -
>         /* size of type is represented in bits */
>
>         if (typesize == NULL_TREE && TYPE_DOMAIN(fieldtype) != NULL_TREE &&
>             TYPE_MAX_VALUE(TYPE_DOMAIN(fieldtype)) == NULL_TREE)
>                 return true;
>
> -       if (typesize != NULL_TREE &&
> -           (TREE_CONSTANT(typesize) && (!tree_to_uhwi(typesize) ||
> -            tree_to_uhwi(typesize) == tree_to_uhwi(elemsize))))
> -               return true;
> -
>         return false;
>  }
>
> --
> 2.34.1
>
>