Kernel/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2025-01-04 04:06:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

scsi: 3w-sas: Replace 1-element arrays with flexible array members

Browse Source 
One-element arrays (and multi-element arrays being treated as dynamically
sized) are deprecated[1] and are being replaced with flexible array members
in support of the ongoing efforts to tighten the FORTIFY_SOURCE routines on
memcpy(), correctly instrument array indexing with UBSAN_BOUNDS, and to
globally enable -fstrict-flex-arrays=3.

Replace one-element arrays with flexible-array member in TW_Ioctl_Buf_Apache
and TW_Param_Apache, adjusting the explicit sizing calculations at the
same time.

This results in no differences in binary output.

[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays

Cc: Adam Radford <aradford@gmail.com>
Cc: "James E.J. Bottomley" <jejb@linux.ibm.com>
Cc: "Martin K. Petersen" <martin.petersen@oracle.com>
Cc: "Gustavo A. R. Silva" <gustavoars@kernel.org>
Cc: linux-scsi@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Link: https://lore.kernel.org/r/20230105004757.never.017-kees@kernel.org
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
This commit is contained in:
Kees Cook 2023-01-04 16:48:01 -08:00 committed by Martin K. Petersen
parent dae0bb3e1a
commit 45b379f20b
2 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
drivers/scsi/3w-sas.c
View File

@ -690,7 +690,7 @@ static void twl_load_sgl(TW_Device_Extension *tw_dev, TW_Command_Full *full_comm
newcommand->request_id__lunl = newcommand->request_id__lunl =
cpu_to_le16(TW_REQ_LUN_IN(TW_LUN_OUT(newcommand->request_id__lunl), request_id)); cpu_to_le16(TW_REQ_LUN_IN(TW_LUN_OUT(newcommand->request_id__lunl), request_id));
if (length) { if (length) {
newcommand->sg_list[0].address = TW_CPU_TO_SGL(dma_handle + sizeof(TW_Ioctl_Buf_Apache) - 1); newcommand->sg_list[0].address = TW_CPU_TO_SGL(dma_handle + sizeof(TW_Ioctl_Buf_Apache));
newcommand->sg_list[0].length = TW_CPU_TO_SGL(length); newcommand->sg_list[0].length = TW_CPU_TO_SGL(length);
} }
newcommand->sgl_entries__lunh = newcommand->sgl_entries__lunh =
@ -702,7 +702,7 @@ static void twl_load_sgl(TW_Device_Extension *tw_dev, TW_Command_Full *full_comm
if (TW_SGL_OUT(oldcommand->opcode__sgloffset)) { if (TW_SGL_OUT(oldcommand->opcode__sgloffset)) {
/* Load the sg list */ /* Load the sg list */
sgl = (TW_SG_Entry_ISO *)((u32 *)oldcommand+oldcommand->size - (sizeof(TW_SG_Entry_ISO)/4) + pae + (sizeof(dma_addr_t) > 4 ? 1 : 0)); sgl = (TW_SG_Entry_ISO *)((u32 *)oldcommand+oldcommand->size - (sizeof(TW_SG_Entry_ISO)/4) + pae + (sizeof(dma_addr_t) > 4 ? 1 : 0));
sgl->address = TW_CPU_TO_SGL(dma_handle + sizeof(TW_Ioctl_Buf_Apache) - 1); sgl->address = TW_CPU_TO_SGL(dma_handle + sizeof(TW_Ioctl_Buf_Apache));
sgl->length = TW_CPU_TO_SGL(length); sgl->length = TW_CPU_TO_SGL(length);
oldcommand->size += pae; oldcommand->size += pae;
oldcommand->size += sizeof(dma_addr_t) > 4 ? 1 : 0; oldcommand->size += sizeof(dma_addr_t) > 4 ? 1 : 0;
@ -748,7 +748,7 @@ static long twl_chrdev_ioctl(struct file *file, unsigned int cmd, unsigned long
data_buffer_length_adjusted = (driver_command.buffer_length + 511) & ~511; data_buffer_length_adjusted = (driver_command.buffer_length + 511) & ~511;
/* Now allocate ioctl buf memory */ /* Now allocate ioctl buf memory */
cpu_addr = dma_alloc_coherent(&tw_dev->tw_pci_dev->dev, data_buffer_length_adjusted+sizeof(TW_Ioctl_Buf_Apache) - 1, &dma_handle, GFP_KERNEL); cpu_addr = dma_alloc_coherent(&tw_dev->tw_pci_dev->dev, data_buffer_length_adjusted + sizeof(TW_Ioctl_Buf_Apache), &dma_handle, GFP_KERNEL);
if (!cpu_addr) { if (!cpu_addr) {
retval = -ENOMEM; retval = -ENOMEM;
goto out2; goto out2;
@ -757,7 +757,7 @@ static long twl_chrdev_ioctl(struct file *file, unsigned int cmd, unsigned long
tw_ioctl = (TW_Ioctl_Buf_Apache *)cpu_addr; tw_ioctl = (TW_Ioctl_Buf_Apache *)cpu_addr;
/* Now copy down the entire ioctl */ /* Now copy down the entire ioctl */
if (copy_from_user(tw_ioctl, argp, driver_command.buffer_length + sizeof(TW_Ioctl_Buf_Apache) - 1)) if (copy_from_user(tw_ioctl, argp, driver_command.buffer_length + sizeof(TW_Ioctl_Buf_Apache)))
goto out3; goto out3;
/* See which ioctl we are doing */ /* See which ioctl we are doing */
@ -815,11 +815,11 @@ static long twl_chrdev_ioctl(struct file *file, unsigned int cmd, unsigned long
} }
/* Now copy the entire response to userspace */ /* Now copy the entire response to userspace */
if (copy_to_user(argp, tw_ioctl, sizeof(TW_Ioctl_Buf_Apache) + driver_command.buffer_length - 1) == 0) if (copy_to_user(argp, tw_ioctl, sizeof(TW_Ioctl_Buf_Apache) + driver_command.buffer_length) == 0)
retval = 0; retval = 0;
out3: out3:
/* Now free ioctl buf memory */ /* Now free ioctl buf memory */
dma_free_coherent(&tw_dev->tw_pci_dev->dev, data_buffer_length_adjusted+sizeof(TW_Ioctl_Buf_Apache) - 1, cpu_addr, dma_handle); dma_free_coherent(&tw_dev->tw_pci_dev->dev, data_buffer_length_adjusted + sizeof(TW_Ioctl_Buf_Apache), cpu_addr, dma_handle);
out2: out2:
mutex_unlock(&tw_dev->ioctl_lock); mutex_unlock(&tw_dev->ioctl_lock);
out: out:

4
drivers/scsi/3w-sas.h
View File

@ -335,7 +335,7 @@ typedef struct TAG_TW_Ioctl_Apache {
TW_Ioctl_Driver_Command driver_command; TW_Ioctl_Driver_Command driver_command;
char padding[488]; char padding[488];
TW_Command_Full firmware_command; TW_Command_Full firmware_command;
char data_buffer[1]; char data_buffer[];
} TW_Ioctl_Buf_Apache; } TW_Ioctl_Buf_Apache;
/* GetParam descriptor */ /* GetParam descriptor */
@ -344,7 +344,7 @@ typedef struct {
unsigned short parameter_id; unsigned short parameter_id;
unsigned short parameter_size_bytes; unsigned short parameter_size_bytes;
unsigned short actual_parameter_size_bytes; unsigned short actual_parameter_size_bytes;
unsigned char data[1]; unsigned char data[];
} TW_Param_Apache; } TW_Param_Apache;
/* Compatibility information structure */ /* Compatibility information structure */