Received: by 2002:a05:7412:f690:b0:e2:908c:2ebd with SMTP id ej16csp10721rdb; Wed, 18 Oct 2023 16:08:52 -0700 (PDT) X-Google-Smtp-Source: AGHT+IE01x7NRLBqLbqGvFSomakEIGBWYlt9SUv7UldPRXuFX16mqWmi1aeKv4LpQ77N6fUAgMQz X-Received: by 2002:a17:903:320c:b0:1ca:8169:e847 with SMTP id s12-20020a170903320c00b001ca8169e847mr786897plh.63.1697670531706; Wed, 18 Oct 2023 16:08:51 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1697670531; cv=none; d=google.com; s=arc-20160816; b=vDgkwdYFE71wFbkUh1KMjefXvwt+WsOTfQeo/98pvdkS1ifVavTON417pFoK3KPLMC Aub95I7k+024ojUTPeti9E68UF2YYpNWLDKze5acyFMnKI412qwQG1FNNaaUgULY+HcV IixzxPpaGHomrwQ8taLYCkyoxTOmjgzBH4F7+jCd3V9WweTpH84rHBpIjdrwnfxROld9 Pn74L6Sagg1LkUSveEETyvlaBULQgoEgD2DZcrHHbn2eJMMmrragXvP98Y2wyaartz6h gblyqe4US+ZIqHdKxgdb4qG2FLMLkLnjp917Y76vfIiE7/gzY4CuVibaQFVTnrwiK7rO q8tQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=R+6LQBPGNqtPA5naLsc4aWMbk2cbN8f3X83ZN1e7doc=; fh=wGZ5NFjxrvWCmf9jcybko96on6/NUFzjkMY7CPpuTzc=; b=vgeUIVFHEPjZhJddBDB73+gda/4hpKvQlY4+oK9PWcvniP1ym5nQ7DLuhIQEubrian IyDUqy1oKM/vGltqYie634uI27zdITnMiwfMCV/6XvUpeVGjv1a0VgstGRl8nPNeGZcC EchMPUPXLK6lTVJK/F+YOQ3wTgaVppsm6gNqSg98oe41xaPrB4Xueyv7Z4TVAcNLDvsB /ritNw9styj1i2pTHgeKg0LMG0O0xk7Bcu9kr/hI1FEi5wGUzcRzWDG4z00khgZmcttn nFAyxXB+x+C0FCmNl1WKPIQZ3YFclb/CQDf3JBTXuKfD5IXR4XOYqLq1jbPOf8FeQ964 43bQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=Xq16VMB8; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from groat.vger.email (groat.vger.email. [2620:137:e000::3:5]) by mx.google.com with ESMTPS id 21-20020a170902c21500b001c746bca05dsi826938pll.69.2023.10.18.16.08.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 18 Oct 2023 16:08:51 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) client-ip=2620:137:e000::3:5; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=Xq16VMB8; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by groat.vger.email (Postfix) with ESMTP id 893C580ECB3D; Wed, 18 Oct 2023 16:08:48 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at groat.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231718AbjJRXIf (ORCPT + 99 others); Wed, 18 Oct 2023 19:08:35 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54762 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229694AbjJRXIe (ORCPT ); Wed, 18 Oct 2023 19:08:34 -0400 Received: from mail-pf1-x436.google.com (mail-pf1-x436.google.com [IPv6:2607:f8b0:4864:20::436]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 25568118 for ; Wed, 18 Oct 2023 16:08:33 -0700 (PDT) Received: by mail-pf1-x436.google.com with SMTP id d2e1a72fcca58-6b709048d8eso4069726b3a.2 for ; Wed, 18 Oct 2023 16:08:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1697670512; x=1698275312; darn=vger.kernel.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=R+6LQBPGNqtPA5naLsc4aWMbk2cbN8f3X83ZN1e7doc=; b=Xq16VMB8MbLQIbbytd5otyYLEV5P2YpV1m0avVRYXmb7fxOQ+y/1DjQg8EiZGn1auC BoLq16q7xV3IWV/PrLuaJnEmN/80IWjLd6d7PXrdeuBXNvCq4+q2g3vBbVAabycaAPP7 zHoJnb7bg6Xjx4OfEYnbPBZE53RHlC4ngKZB4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697670512; x=1698275312; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=R+6LQBPGNqtPA5naLsc4aWMbk2cbN8f3X83ZN1e7doc=; b=X8eKXKT7EA56MExPhDnf4vQEKpv7LlEE5jD7JOnHR8FPMoL69QzITHaSD/3EYa5zll 3k5R6ZC/OMrJuPEPmrSGw6XuM+3MnO7vjZhKqJCbVSkHEm47WzmkXahaoyLY/raWSAPS 0HusXF4qP64KmxP7C8gg0zCPe62qsEBf+K4cAg+cmqFksvwwpeTts617DBsYYIIFlEbu T+W+B7hYABiGs+TClfKrFsT0BhXLhj8h4SzHK+Lyg89Rvbr8mkWGYZcN6HtqXzHKZZZ9 84Ghu4N/awfEjw3VoXMaPz5dVNu73oVagV8+3AQf0q7IYbmKq7VV1FDmDDYEI2Y2yK0L FlxQ== X-Gm-Message-State: AOJu0YznVivMv5fEPqhsYZ1yvTP6l3jBKOo9qLRqZfcDRc01TxiZd859 /S0Qa7nFZ/3/3bJUQ3F0ztSnMA== X-Received: by 2002:a05:6a21:329d:b0:17b:43:9ba5 with SMTP id yt29-20020a056a21329d00b0017b00439ba5mr625475pzb.52.1697670512667; Wed, 18 Oct 2023 16:08:32 -0700 (PDT) Received: from www.outflux.net (198-0-35-241-static.hfc.comcastbusiness.net. [198.0.35.241]) by smtp.gmail.com with ESMTPSA id v5-20020a1709029a0500b001bbb7af4963sm471155plp.68.2023.10.18.16.08.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 18 Oct 2023 16:08:32 -0700 (PDT) Date: Wed, 18 Oct 2023 16:08:31 -0700 From: Kees Cook To: Kent Overstreet Cc: Brian Foster , linux-bcachefs@vger.kernel.org, kernel test robot , linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org Subject: Re: [PATCH] bcachefs: Refactor bkey_i to use a flexible array Message-ID: <202310181607.2244DB9F40@keescook> References: <20231010235609.work.594-kees@kernel.org> <202310131637.D0C66BFBA@keescook> <20231018220407.b5dvm2ehibcqvhzq@moria.home.lan> <202310181534.54934E68@keescook> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <202310181534.54934E68@keescook> X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on groat.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (groat.vger.email [0.0.0.0]); Wed, 18 Oct 2023 16:08:48 -0700 (PDT) On Wed, Oct 18, 2023 at 03:36:00PM -0700, Kees Cook wrote: > On Wed, Oct 18, 2023 at 06:04:07PM -0400, Kent Overstreet wrote: > > On Fri, Oct 13, 2023 at 04:44:21PM -0700, Kees Cook wrote: > > > On Fri, Oct 13, 2023 at 07:26:11AM -0400, Brian Foster wrote: > > > > Hi Kees, > > > > > > > > I'm curious if this is something that could be buried in bch_val given > > > > it's already kind of a fake structure..? If not, my only nitty comment > > > > > > I was thinking it would be best to keep the flexible array has "high" in > > > the struct as possible, as in the future more refactoring will be needed > > > to avoid having flex arrays overlap with other members in composite > > > structures. So instead of pushing into bch_val, I left it at the highest > > > level possible, bch_i, as that's the struct being used by the memcpy(). > > > > I agree with Brian here - I'd like this buried in bch_val, if possible. > > > > I also went with unsafe_memcpy() for now - that's now in my for-next > > tree. I'm not seeing any advantage of DECLARE_FLEX_ARRAY over that - > > perhaps later if we could use __counted_by that would make more sense. > > This won't help here because of the combination of -fstrict-flex-arrays=3 > and -Wstringop-overflow (the latter is in W=1 builds). The builtin memcpy > still complains about the 0-sized destination. I'll send a v3 with this > in bch_val. Actually, I've sent a v3 that totally replaces the memcpy with a direct assignment instead. No struct changes needed! -- Kees Cook