Received: by 2002:a05:7412:cfc7:b0:fc:a2b0:25d7 with SMTP id by7csp400113rdb; Sat, 17 Feb 2024 13:58:50 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCVdtXaIW5zkxsdGjNzANjDaNGLK7LSA6C/PZ3SDT1osp0UNXOtJqo0I7uP7YVtymvpfJMsag5mXZ3auHIrgjkmpnJLXokVrVZgOtvtYQA== X-Google-Smtp-Source: AGHT+IF4zFGWXiQfqhx0G4d69QyaDBZSmeJrG10Qmtm2paGWHSVQ3V9xy6D9U66ggh76wENbctQa X-Received: by 2002:a17:906:6812:b0:a3e:1c30:f686 with SMTP id k18-20020a170906681200b00a3e1c30f686mr1484252ejr.19.1708207130430; Sat, 17 Feb 2024 13:58:50 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1708207130; cv=pass; d=google.com; s=arc-20160816; b=iCKedlQOm/SwUK1XiaDthZi0CBcEKtfCF87lxwAxAO4X9Uol1hAM0ZNvgQeR0HJBHJ JsqtBBUlHxerEbGqAHFLEPZDou16/YNjZJE8YT0uYB/oNq1h1+5n2Ukzm7NDdRhD6vdh CshTuK7H0hbwEpxRGIMBKJz28Kq2s8R6POO8Xrr+HARggaktyiS3v4Y9e4upDYF29b3g lq2ntrXEdIBB2gmqq+HPfSuNK9wHXoUpsITUGDqmQvm1w56/xBmWWet9FRToScoHlEco r2aB228mMrm4jBVdYabRvBUuaIqc0Kr+sEHz4TLumemaZcXd0bDsm1e6vtMQcOaBfn5I AZBA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=2udDkf3nnvuGOZcbthLGLXbiEAUsVkkHJpuyz93NVo4=; fh=RFX117b3Tm/uOPJ9HLDo/iTDxn082dd3FxcVwDG4PzM=; b=P0UL0u0CMGNHYT4YPPupHj6YIC2r9Ptp0UC1SWnawR4QA4VcRfFSkf6c2kuE2wyqh0 GBexMviv2OKRWsIzYSvB/Sdc2cP5lJrWi1AxiR6GlSEZW4RTCjxyV7g1l4oYDclUVgGq MOQNMPeCzCvcWeT2lEN3VcFL912MO4SdYOeq6/WGCiZMBvLWyt+08xHBVkS9erT7FWGr rY2IH4iuh6Ff6FoKplDDnwXU+MYeArdsB79LADWsUTqiPK8bOt+/jgpjLDagnvNCuKCA nQRPXt4kx0usXidYU5ttE8VFoWpq5ajUqesQnTMAc+WJnlGr5WQ5SpnT49CBFDRx+jYC Dx3g==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=gbUFQu1W; arc=pass (i=1 spf=pass spfdomain=chromium.org dkim=pass dkdomain=chromium.org dmarc=pass fromdomain=chromium.org); spf=pass (google.com: domain of linux-kernel+bounces-70101-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-70101-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id dr18-20020a170907721200b00a3e42cc7799si469011ejc.82.2024.02.17.13.58.50 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 17 Feb 2024 13:58:50 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-70101-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=gbUFQu1W; arc=pass (i=1 spf=pass spfdomain=chromium.org dkim=pass dkdomain=chromium.org dmarc=pass fromdomain=chromium.org); spf=pass (google.com: domain of linux-kernel+bounces-70101-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-70101-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 0CE271F21E6B for ; Sat, 17 Feb 2024 21:58:50 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 419E37F7DC; Sat, 17 Feb 2024 21:58:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="gbUFQu1W" Received: from mail-pl1-f169.google.com (mail-pl1-f169.google.com [209.85.214.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 055B97F7E1 for ; Sat, 17 Feb 2024 21:58:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.169 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708207122; cv=none; b=GZL2E3br+cJmDQQ0OhwL4qEm92N23YZE49mIGLvoByb5oQqtE9KWJEF38Xof2IUkP8Wq4Y110fnYayjf3sNdeEG4za1A7C47vtSRaxG2qNeJrzA1N2keqU9ZHO1iWNI8Rgivh369NOrJP2ru5d5k8HJ69OqU6iSYAlwT7nEj53E= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708207122; c=relaxed/simple; bh=ywZlTuum4wD7jSFZh6uqgulvkk0AYR4CsjB1nx0/r5M=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=HPrPxy/5u0n8ibBAw5jdM1UE3b9FXP7htwbrRbejTGWcIRoQNAC3m4cVtKkYplE4vMhcl5FFauHVRBokQAoErLrtmJBFdJkqD538Cbfr+9ELC/W0G8wWWdhTjFl7JJGerbE4yBMV4Wj7cREoCL0FvveoT2AvL7eWsmLG3TNqWRc= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=chromium.org; spf=pass smtp.mailfrom=chromium.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b=gbUFQu1W; arc=none smtp.client-ip=209.85.214.169 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=chromium.org Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=chromium.org Received: by mail-pl1-f169.google.com with SMTP id d9443c01a7336-1d94b222a3aso30960565ad.2 for ; Sat, 17 Feb 2024 13:58:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1708207120; x=1708811920; darn=vger.kernel.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=2udDkf3nnvuGOZcbthLGLXbiEAUsVkkHJpuyz93NVo4=; b=gbUFQu1WDY8HtZtoZXaVt6DQ0oKmGOplHQWSi1B6jPEvRNAvdMYofZV/iaZH69AfBM nID3LAlSGLnUX2F/VvggUP/N+XAKJgHOGBHPKtqe06ETn+rvNEA8hznIZADJqe9uHr0X RApo3QES/0QzoxTbElfbYpe1cbDtVqNoviAf0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708207120; x=1708811920; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=2udDkf3nnvuGOZcbthLGLXbiEAUsVkkHJpuyz93NVo4=; b=ufT/4xlqDfBtOj1+PPWp7knvbwIjPdJUyBOUVmlvgcGuE9T3eAt6GW6jHl1b+xeEF8 zOJeqSwn0m5wHSW5SP2Pwypt5qsl86nSxcA8TqsoFOmLT/sxft6ugQa6i2LGqss8zqmV 3CXWAN9Avvwm1jYd9wqkuIcTG9C/s5nj595rI5Cj+i9Tw/bJJobzj505IIIgCfVIX8Wj +mTlhfRbPbJWNh3TFFh91wmpdoGc3xErgeSUrL0FgHoajtG3bT87bYFHu8ctTdu/pPQm Fo8x1GRbvjGk+xzIwhBaQa9cN/0J9MbJCzKcglFmWKRQqtIHRSjaDoj060CZc4x19v/V X0Xg== X-Forwarded-Encrypted: i=1; AJvYcCUL1Q1cUajJFsBpQj+d5ozeyxEbckRhIlva8+c6vBS139AR6OYo7IXP8yMZbfABmOaZbQKtSJnT8941SOxPbssB+O2fPaUTPmiOFGOi X-Gm-Message-State: AOJu0YwqQWuvCjghfk0dWHeVb/KGVrmvLFiUB9fI5TeaXBn3OSr+EWWe bdVXIaejDDTGzy0BAe37g3Lvu37pgwb6x8bQU3WFeg1jGxtJIl1LpUYZ0xnvwA== X-Received: by 2002:a17:903:98f:b0:1db:b495:1391 with SMTP id mb15-20020a170903098f00b001dbb4951391mr5503536plb.36.1708207120363; Sat, 17 Feb 2024 13:58:40 -0800 (PST) Received: from www.outflux.net ([198.0.35.241]) by smtp.gmail.com with ESMTPSA id mi11-20020a170902fccb00b001db608107ecsm1865857plb.167.2024.02.17.13.58.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 17 Feb 2024 13:58:39 -0800 (PST) Date: Sat, 17 Feb 2024 13:58:39 -0800 From: Kees Cook To: Alex Elder Cc: Viresh Kumar , Johan Hovold , Alex Elder , Greg Kroah-Hartman , "Gustavo A . R . Silva" , greybus-dev@lists.linaro.org, linux-staging@lists.linux.dev, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org Subject: Re: [PATCH] greybus: Avoid fake flexible array for response data Message-ID: <202402171357.E671B5589@keescook> References: <20240216232824.work.862-kees@kernel.org> <672fafca-547e-443e-8dd8-80ccd2320767@ieee.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <672fafca-547e-443e-8dd8-80ccd2320767@ieee.org> On Sat, Feb 17, 2024 at 02:17:33PM -0600, Alex Elder wrote: > On 2/16/24 5:28 PM, Kees Cook wrote: > > FORTIFY_SOURCE has been ignoring 0-sized destinations while the kernel > > code base has been converted to flexible arrays. In order to enforce > > the 0-sized destinations (e.g. with __counted_by), the remaining 0-sized > > destinations need to be handled. Instead of converting an empty struct > > into using a flexible array, just directly use a pointer without any > > additional indirection. Remove struct gb_bootrom_get_firmware_response > > and struct gb_fw_download_fetch_firmware_response. > > The only down side I see is that it sort of disrupts a pattern > used on Greybus request handlers (and the response structure definitions). > > I think a one-line comment in place of each of these two > definitions would be helpful, something like: > /* gb_fw_download_fetch_firmware_response contains no data */ Er, maybe this should be "no other data" ? Do you want a v2 of this patch? > And then add a similar comment above the calls to > gb_operation_response_alloc(). > > Otherwise this looks good. > > Reviewed-by: Alex Elder Thanks! -- Kees Cook