* [PATCH] crypto: Replace zero-length array with flexible-array member
@ 2020-02-24 16:21 Gustavo A. R. Silva
2020-02-25 13:44 ` Horia Geanta
2020-03-06 1:48 ` Herbert Xu
0 siblings, 2 replies; 4+ messages in thread
From: Gustavo A. R. Silva @ 2020-02-24 16:21 UTC (permalink / raw)
To: Horia Geantă,
Aymen Sghaier, Herbert Xu, David S. Miller, Atul Gupta,
Matthias Brugger, Breno Leitão, Nayna Jain,
Paulo Flabiano Smorigo, Benjamin Herrenschmidt, Paul Mackerras,
Michael Ellerman
Cc: linux-crypto, linux-kernel, linux-arm-kernel, linux-mediatek,
linuxppc-dev, Gustavo A. R. Silva
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:
struct foo {
int stuff;
struct boo array[];
};
By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.
Also, notice that, dynamic memory allocations won't be affected by
this change:
"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]
This issue was found with the help of Coccinelle.
[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] https://github.com/KSPP/linux/issues/21
[3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour")
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
---
drivers/crypto/caam/caamalg.c | 2 +-
drivers/crypto/caam/caamalg_qi.c | 4 ++--
drivers/crypto/caam/caamalg_qi2.h | 6 +++---
drivers/crypto/caam/caamhash.c | 2 +-
drivers/crypto/cavium/nitrox/nitrox_main.c | 2 +-
drivers/crypto/chelsio/chcr_core.h | 2 +-
drivers/crypto/mediatek/mtk-sha.c | 2 +-
drivers/crypto/nx/nx.h | 2 +-
drivers/crypto/omap-sham.c | 4 ++--
include/crypto/if_alg.h | 2 +-
10 files changed, 14 insertions(+), 14 deletions(-)
diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c
index 03797f9b1050..b7bb7c30adeb 100644
--- a/drivers/crypto/caam/caamalg.c
+++ b/drivers/crypto/caam/caamalg.c
@@ -909,7 +909,7 @@ struct skcipher_edesc {
bool bklog;
dma_addr_t sec4_sg_dma;
struct sec4_sg_entry *sec4_sg;
- u32 hw_desc[0];
+ u32 hw_desc[];
};
static void caam_unmap(struct device *dev, struct scatterlist *src,
diff --git a/drivers/crypto/caam/caamalg_qi.c b/drivers/crypto/caam/caamalg_qi.c
index 4a29e0ef9d63..27e36bdf6163 100644
--- a/drivers/crypto/caam/caamalg_qi.c
+++ b/drivers/crypto/caam/caamalg_qi.c
@@ -783,7 +783,7 @@ struct aead_edesc {
unsigned int assoclen;
dma_addr_t assoclen_dma;
struct caam_drv_req drv_req;
- struct qm_sg_entry sgt[0];
+ struct qm_sg_entry sgt[];
};
/*
@@ -803,7 +803,7 @@ struct skcipher_edesc {
int qm_sg_bytes;
dma_addr_t qm_sg_dma;
struct caam_drv_req drv_req;
- struct qm_sg_entry sgt[0];
+ struct qm_sg_entry sgt[];
};
static struct caam_drv_ctx *get_drv_ctx(struct caam_ctx *ctx,
diff --git a/drivers/crypto/caam/caamalg_qi2.h b/drivers/crypto/caam/caamalg_qi2.h
index 706736776b47..f29cb7bd7dd3 100644
--- a/drivers/crypto/caam/caamalg_qi2.h
+++ b/drivers/crypto/caam/caamalg_qi2.h
@@ -114,7 +114,7 @@ struct aead_edesc {
dma_addr_t qm_sg_dma;
unsigned int assoclen;
dma_addr_t assoclen_dma;
- struct dpaa2_sg_entry sgt[0];
+ struct dpaa2_sg_entry sgt[];
};
/*
@@ -132,7 +132,7 @@ struct skcipher_edesc {
dma_addr_t iv_dma;
int qm_sg_bytes;
dma_addr_t qm_sg_dma;
- struct dpaa2_sg_entry sgt[0];
+ struct dpaa2_sg_entry sgt[];
};
/*
@@ -146,7 +146,7 @@ struct ahash_edesc {
dma_addr_t qm_sg_dma;
int src_nents;
int qm_sg_bytes;
- struct dpaa2_sg_entry sgt[0];
+ struct dpaa2_sg_entry sgt[];
};
/**
diff --git a/drivers/crypto/caam/caamhash.c b/drivers/crypto/caam/caamhash.c
index 2fe852853d40..943bc0296267 100644
--- a/drivers/crypto/caam/caamhash.c
+++ b/drivers/crypto/caam/caamhash.c
@@ -536,7 +536,7 @@ struct ahash_edesc {
int sec4_sg_bytes;
bool bklog;
u32 hw_desc[DESC_JOB_IO_LEN_MAX / sizeof(u32)] ____cacheline_aligned;
- struct sec4_sg_entry sec4_sg[0];
+ struct sec4_sg_entry sec4_sg[];
};
static inline void ahash_unmap(struct device *dev,
diff --git a/drivers/crypto/cavium/nitrox/nitrox_main.c b/drivers/crypto/cavium/nitrox/nitrox_main.c
index c4632d84c9a1..e91be9b8b083 100644
--- a/drivers/crypto/cavium/nitrox/nitrox_main.c
+++ b/drivers/crypto/cavium/nitrox/nitrox_main.c
@@ -71,7 +71,7 @@ struct ucode {
char version[VERSION_LEN - 1];
__be32 code_size;
u8 raz[12];
- u64 code[0];
+ u64 code[];
};
/**
diff --git a/drivers/crypto/chelsio/chcr_core.h b/drivers/crypto/chelsio/chcr_core.h
index b41ef1abfe74..e480096754b5 100644
--- a/drivers/crypto/chelsio/chcr_core.h
+++ b/drivers/crypto/chelsio/chcr_core.h
@@ -68,7 +68,7 @@ struct _key_ctx {
__be32 ctx_hdr;
u8 salt[MAX_SALT];
__be64 iv_to_auth;
- unsigned char key[0];
+ unsigned char key[];
};
#define KEYCTX_TX_WR_IV_S 55
diff --git a/drivers/crypto/mediatek/mtk-sha.c b/drivers/crypto/mediatek/mtk-sha.c
index 9e9f48bb7f85..bd6309e57ab8 100644
--- a/drivers/crypto/mediatek/mtk-sha.c
+++ b/drivers/crypto/mediatek/mtk-sha.c
@@ -107,7 +107,7 @@ struct mtk_sha_ctx {
u8 id;
u8 buf[SHA_BUF_SIZE] __aligned(sizeof(u32));
- struct mtk_sha_hmac_ctx base[0];
+ struct mtk_sha_hmac_ctx base[];
};
struct mtk_sha_drv {
diff --git a/drivers/crypto/nx/nx.h b/drivers/crypto/nx/nx.h
index 91c54289124a..c6233173c612 100644
--- a/drivers/crypto/nx/nx.h
+++ b/drivers/crypto/nx/nx.h
@@ -37,7 +37,7 @@ struct max_sync_cop {
u32 fc;
u32 mode;
u32 triplets;
- struct msc_triplet trip[0];
+ struct msc_triplet trip[];
} __packed;
struct alg_props {
diff --git a/drivers/crypto/omap-sham.c b/drivers/crypto/omap-sham.c
index 4f915a4ef5b0..e4072cd38585 100644
--- a/drivers/crypto/omap-sham.c
+++ b/drivers/crypto/omap-sham.c
@@ -159,7 +159,7 @@ struct omap_sham_reqctx {
int sg_len;
unsigned int total; /* total request */
- u8 buffer[0] OMAP_ALIGNED;
+ u8 buffer[] OMAP_ALIGNED;
};
struct omap_sham_hmac_ctx {
@@ -176,7 +176,7 @@ struct omap_sham_ctx {
/* fallback stuff */
struct crypto_shash *fallback;
- struct omap_sham_hmac_ctx base[0];
+ struct omap_sham_hmac_ctx base[];
};
#define OMAP_SHAM_QUEUE_LENGTH 10
diff --git a/include/crypto/if_alg.h b/include/crypto/if_alg.h
index 24cfa96f98ea..56527c85d122 100644
--- a/include/crypto/if_alg.h
+++ b/include/crypto/if_alg.h
@@ -66,7 +66,7 @@ struct af_alg_sgl {
struct af_alg_tsgl {
struct list_head list;
unsigned int cur; /* Last processed SG entry */
- struct scatterlist sg[0]; /* Array of SGs forming the SGL */
+ struct scatterlist sg[]; /* Array of SGs forming the SGL */
};
#define MAX_SGL_ENTS ((4096 - sizeof(struct af_alg_tsgl)) / \
--
2.25.0
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] crypto: Replace zero-length array with flexible-array member
2020-02-24 16:21 [PATCH] crypto: Replace zero-length array with flexible-array member Gustavo A. R. Silva
@ 2020-02-25 13:44 ` Horia Geanta
2020-02-25 14:00 ` Gustavo A. R. Silva
2020-03-06 1:48 ` Herbert Xu
1 sibling, 1 reply; 4+ messages in thread
From: Horia Geanta @ 2020-02-25 13:44 UTC (permalink / raw)
To: Gustavo A. R. Silva, Aymen Sghaier, Herbert Xu, David S. Miller,
Atul Gupta, Matthias Brugger, Breno Leitão, Nayna Jain,
Paulo Flabiano Smorigo, Benjamin Herrenschmidt, Paul Mackerras,
Michael Ellerman
Cc: linux-crypto, linux-kernel, linux-arm-kernel, linux-mediatek,
linuxppc-dev
On 2/24/2020 6:18 PM, Gustavo A. R. Silva wrote:
> The current codebase makes use of the zero-length array language
> extension to the C90 standard, but the preferred mechanism to declare
> variable-length types such as these ones is a flexible array member[1][2],
> introduced in C99:
>
> struct foo {
> int stuff;
> struct boo array[];
> };
>
> By making use of the mechanism above, we will get a compiler warning
> in case the flexible array does not occur last in the structure, which
> will help us prevent some kind of undefined behavior bugs from being
> inadvertently introduced[3] to the codebase from now on.
>
> Also, notice that, dynamic memory allocations won't be affected by
> this change:
>
> "Flexible array members have incomplete type, and so the sizeof operator
> may not be applied. As a quirk of the original implementation of
> zero-length arrays, sizeof evaluates to zero."[1]
>
> This issue was found with the help of Coccinelle.
>
> [1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
> [2] https://github.com/KSPP/linux/issues/21
> [3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour")
>
> Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
for caam driver:
> drivers/crypto/caam/caamalg.c | 2 +-
> drivers/crypto/caam/caamalg_qi.c | 4 ++--
> drivers/crypto/caam/caamalg_qi2.h | 6 +++---
> drivers/crypto/caam/caamhash.c | 2 +-
Thanks,
Horia
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] crypto: Replace zero-length array with flexible-array member
2020-02-25 13:44 ` Horia Geanta
@ 2020-02-25 14:00 ` Gustavo A. R. Silva
0 siblings, 0 replies; 4+ messages in thread
From: Gustavo A. R. Silva @ 2020-02-25 14:00 UTC (permalink / raw)
To: Horia Geanta, Aymen Sghaier, Herbert Xu, David S. Miller,
Atul Gupta, Matthias Brugger, Breno Leitão, Nayna Jain,
Paulo Flabiano Smorigo, Benjamin Herrenschmidt, Paul Mackerras,
Michael Ellerman
Cc: linux-crypto, linux-kernel, linux-arm-kernel, linux-mediatek,
linuxppc-dev
On 2/25/20 07:44, Horia Geanta wrote:
> On 2/24/2020 6:18 PM, Gustavo A. R. Silva wrote:
>> The current codebase makes use of the zero-length array language
>> extension to the C90 standard, but the preferred mechanism to declare
>> variable-length types such as these ones is a flexible array member[1][2],
>> introduced in C99:
>>
>> struct foo {
>> int stuff;
>> struct boo array[];
>> };
>>
>> By making use of the mechanism above, we will get a compiler warning
>> in case the flexible array does not occur last in the structure, which
>> will help us prevent some kind of undefined behavior bugs from being
>> inadvertently introduced[3] to the codebase from now on.
>>
>> Also, notice that, dynamic memory allocations won't be affected by
>> this change:
>>
>> "Flexible array members have incomplete type, and so the sizeof operator
>> may not be applied. As a quirk of the original implementation of
>> zero-length arrays, sizeof evaluates to zero."[1]
>>
>> This issue was found with the help of Coccinelle.
>>
>> [1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
>> [2] https://github.com/KSPP/linux/issues/21
>> [3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour")
>>
>> Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
> Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
>
Thank you, Horia.
--
Gustavo
> for caam driver:
>
>> drivers/crypto/caam/caamalg.c | 2 +-
>> drivers/crypto/caam/caamalg_qi.c | 4 ++--
>> drivers/crypto/caam/caamalg_qi2.h | 6 +++---
>> drivers/crypto/caam/caamhash.c | 2 +-
>
> Thanks,
> Horia
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] crypto: Replace zero-length array with flexible-array member
2020-02-24 16:21 [PATCH] crypto: Replace zero-length array with flexible-array member Gustavo A. R. Silva
2020-02-25 13:44 ` Horia Geanta
@ 2020-03-06 1:48 ` Herbert Xu
1 sibling, 0 replies; 4+ messages in thread
From: Herbert Xu @ 2020-03-06 1:48 UTC (permalink / raw)
To: Gustavo A. R. Silva
Cc: Horia Geantă,
Aymen Sghaier, David S. Miller, Atul Gupta, Matthias Brugger,
Breno Leitão, Nayna Jain, Paulo Flabiano Smorigo,
Benjamin Herrenschmidt, Paul Mackerras, Michael Ellerman,
linux-crypto, linux-kernel, linux-arm-kernel, linux-mediatek,
linuxppc-dev
On Mon, Feb 24, 2020 at 10:21:00AM -0600, Gustavo A. R. Silva wrote:
> The current codebase makes use of the zero-length array language
> extension to the C90 standard, but the preferred mechanism to declare
> variable-length types such as these ones is a flexible array member[1][2],
> introduced in C99:
>
> struct foo {
> int stuff;
> struct boo array[];
> };
>
> By making use of the mechanism above, we will get a compiler warning
> in case the flexible array does not occur last in the structure, which
> will help us prevent some kind of undefined behavior bugs from being
> inadvertently introduced[3] to the codebase from now on.
>
> Also, notice that, dynamic memory allocations won't be affected by
> this change:
>
> "Flexible array members have incomplete type, and so the sizeof operator
> may not be applied. As a quirk of the original implementation of
> zero-length arrays, sizeof evaluates to zero."[1]
>
> This issue was found with the help of Coccinelle.
>
> [1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
> [2] https://github.com/KSPP/linux/issues/21
> [3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour")
>
> Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
> ---
> drivers/crypto/caam/caamalg.c | 2 +-
> drivers/crypto/caam/caamalg_qi.c | 4 ++--
> drivers/crypto/caam/caamalg_qi2.h | 6 +++---
> drivers/crypto/caam/caamhash.c | 2 +-
> drivers/crypto/cavium/nitrox/nitrox_main.c | 2 +-
> drivers/crypto/chelsio/chcr_core.h | 2 +-
> drivers/crypto/mediatek/mtk-sha.c | 2 +-
> drivers/crypto/nx/nx.h | 2 +-
> drivers/crypto/omap-sham.c | 4 ++--
> include/crypto/if_alg.h | 2 +-
> 10 files changed, 14 insertions(+), 14 deletions(-)
Patch applied. Thanks.
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-03-06 1:49 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-02-24 16:21 [PATCH] crypto: Replace zero-length array with flexible-array member Gustavo A. R. Silva
2020-02-25 13:44 ` Horia Geanta
2020-02-25 14:00 ` Gustavo A. R. Silva
2020-03-06 1:48 ` Herbert Xu
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).