KSPP / linux

Linux kernel source tree (Kernel Self Protection Project)
https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project

Replace UAPI one-element arrays with flexible-array members #113

Closed GustavoARSilva closed 3 weeks ago

GustavoARSilva commented 3 years ago

There are currently 7 files containing one-element arrays in UAPI:

GustavoARSilva commented 3 years ago

Apparently, the one-element arrays in include/uapi/linux/videodev2.h are merely placeholders for alignment, and are not being used as variable-length arrays:

    struct v4l2_requestbuffers {
            __u32                   count;
            __u32                   type;           /* enum v4l2_buf_type */
            __u32                   memory;         /* enum v4l2_memory */
            __u32                   capabilities;
            __u32                   reserved[1];
    };

    struct v4l2_ext_control {
            __u32 id;
            __u32 size;
            __u32 reserved2[1];
            union {
                    __s32 value;
                    __s64 value64;
                    char __user *string;
                    __u8 __user *p_u8;
                    __u16 __user *p_u16;
                    __u32 __user *p_u32;
                    struct v4l2_area __user *p_area;
                    void __user *ptr;
            };
    } __attribute__ ((packed));

    struct v4l2_ext_controls {
            union {
    #ifndef __KERNEL__
                    __u32 ctrl_class;
    #endif
                    __u32 which;
            };
            __u32 count;
            __u32 error_idx;
            __s32 request_fd;
            __u32 reserved[1];
            struct v4l2_ext_control *controls;
    };

GustavoARSilva commented 3 years ago

The following patches are currently being tested:

include/uapi/xen/gntalloc.h [patch] https://git.kernel.org/pub/scm/linux/kernel/git/gustavoars/linux.git/commit/?h=testing/uapi/gntalloc&id=c3e1cfe0e4ca509f86dfd46bdcf1e41cb76194eb [build-test] https://lore.kernel.org/lkml/5f97ff5e.j2HxnldWOU8wavXB%25lkp@intel.com/

include/uapi/linux/in.h [patch] https://git.kernel.org/pub/scm/linux/kernel/git/gustavoars/linux.git/commit/?h=testing/uapi/ipv4&id=fcf5365d0c33dedef4d17e545bfa45099ec6c8b7 [build-test] https://lore.kernel.org/lkml/5f99ac66.iufpyv3IjodJo6da%25lkp@intel.com/

include/uapi/linux/in.h [patch] https://git.kernel.org/pub/scm/linux/kernel/git/gustavoars/linux.git/commit/?h=testing/uapi/fam1/ipv4_6&id=a841122b213f5a2106a9321e905da233c8a86390 [build-test] https://lore.kernel.org/lkml/5f9ac6cf.aWpjHOXOIbcQf8Xa%25lkp@intel.com/

include/uapi/linux/netfilter/nf_nat.h [patch] https://git.kernel.org/pub/scm/linux/kernel/git/gustavoars/linux.git/commit/?h=testing/uapi/netfilter&id=91b7283a05efa53a50234852de97827317e4f98b [build-test] https://lore.kernel.org/lkml/5fa1952d.Lqwof52xsJ+%2FznoZ%25lkp@intel.com/

kees commented 3 years ago

It's non-trivial to update UAPI headers, so to eliminate one-element arrays, it's likely that anonymous unions need to be used. There are some caveats with that, though:

https://www.mail-archive.com/ovs-dev@openvswitch.org/msg48095.html
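Added example, not part of the original thread and not kernel code: a sketch of the anonymous-union approach mentioned above, showing how a flexible-array alias can sit beside the legacy one-element member without changing the struct's size or offsets. The struct names, the `FLEX_IN_UNION` macro and the helper functions are hypothetical, and the macro relies on GNU C extensions (GCC or Clang).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for a UAPI struct; not taken from any kernel header. */
struct msg_old {
	uint32_t count;
	uint32_t ids[1];	/* used as a variable-length trailing array */
};

/* Hypothetical GNU C helper: wraps the flexible array so it can live in a union. */
#define FLEX_IN_UNION(type, name) \
	struct { struct { } empty_##name; type name[]; }

/* Refactored form: legacy member keeps its name and size; new code uses the alias. */
struct msg_new {
	uint32_t count;
	union {
		uint32_t ids[1];
		FLEX_IN_UNION(uint32_t, ids_flex);
	};
};

/* The ABI must not move: same size, and the alias starts where ids[] did. */
_Static_assert(sizeof(struct msg_new) == sizeof(struct msg_old), "size");
_Static_assert(offsetof(struct msg_new, ids_flex) == offsetof(struct msg_old, ids), "alias");

/* Bytes for n elements, never below sizeof(struct msg_new); 0 on overflow. */
size_t msg_size(size_t n)
{
	size_t base = offsetof(struct msg_new, ids_flex);
	if (n > (SIZE_MAX - base) / sizeof(uint32_t))
		return 0;
	size_t need = base + n * sizeof(uint32_t);
	return need < sizeof(struct msg_new) ? sizeof(struct msg_new) : need;
}

/* Build a message through the flexible-array view; the caller frees it. */
struct msg_new *msg_build(const uint32_t *src, size_t n)
{
	size_t sz = msg_size(n);
	struct msg_new *m = (sz && n <= UINT32_MAX) ? calloc(1, sz) : NULL;
	if (!m)
		return NULL;
	m->count = (uint32_t)n;
	memcpy(m->ids_flex, src, n * sizeof(uint32_t));
	return m;
}
```

Code written against `struct msg_old` (including `sizeof` arithmetic on it) sees the same bytes, while new code indexes `ids_flex` and sizes allocations from its offset rather than from `sizeof` minus one element.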

kees commented 3 weeks ago

All the UAPI 1-element arrays used as flexible arrays have been refactored.