Commit Graph

8 Commits

Author SHA1 Message Date
Kees Cook
64b6deadc9 scsi: uapi: Replace 0-length array with flexible array
Zero-length arrays are deprecated[1]. Replace struct
fc_bsg_host_vendor_reply's "vendor_rsp" 0-length array with a flexible
array. Detected with GCC 13, using -fstrict-flex-arrays=3:

drivers/scsi/qla2xxx/qla_isr.c: In function 'qla25xx_process_bidir_status_iocb.isra':
drivers/scsi/qla2xxx/qla_isr.c:3117:54: warning: array subscript 0 is outside array bounds of '__u32[0]' {aka 'unsigned int[]'} [-Warray-bounds=]
 3117 |         bsg_reply->reply_data.vendor_reply.vendor_rsp[0] = rval;
      |         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~
In file included from drivers/scsi/qla2xxx/qla_def.h:34,
                 from drivers/scsi/qla2xxx/qla_isr.c:6:
include/uapi/scsi/scsi_bsg_fc.h:219:15: note: while referencing 'vendor_rsp'
  219 |         __u32 vendor_rsp[0];
      |               ^~~~~~~~~~

[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays

Cc: Martin K. Petersen <martin.petersen@oracle.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: "Gustavo A. R. Silva" <gustavoars@kernel.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Link: https://lore.kernel.org/r/20230105233042.never.913-kees@kernel.org
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
2023-01-13 20:25:53 -05:00
Gustavo A. R. Silva
94dfc73e7c treewide: uapi: Replace zero-length arrays with flexible-array members
There is a regular need in the kernel to provide a way to declare
having a dynamically sized set of trailing elements in a structure.
Kernel code should always use “flexible array members”[1] for these
cases. The older style of one-element or zero-length arrays should
no longer be used[2].

This code was transformed with the help of Coccinelle:
(linux-5.19-rc2$ spatch --jobs $(getconf _NPROCESSORS_ONLN) --sp-file script.cocci --include-headers --dir . > output.patch)

@@
identifier S, member, array;
type T1, T2;
@@

struct S {
  ...
  T1 member;
  T2 array[
- 0
  ];
};

-fstrict-flex-arrays=3 is coming and we need to land these changes
to prevent issues like these in the short future:

../fs/minix/dir.c:337:3: warning: 'strcpy' will always overflow; destination buffer has size 0,
but the source string has length 2 (including NUL byte) [-Wfortify-source]
		strcpy(de3->name, ".");
		^

Since these are all [0] to [] changes, the risk to UAPI is nearly zero. If
this breaks anything, we can use a union with a new member name.

[1] https://en.wikipedia.org/wiki/Flexible_array_member
[2] https://www.kernel.org/doc/html/v5.16/process/deprecated.html#zero-length-and-one-element-arrays

Link: https://github.com/KSPP/linux/issues/78
Build-tested-by: kernel test robot <lkp@intel.com>
Link: https://lore.kernel.org/lkml/62b675ec.wKX6AOZ6cbE71vtF%25lkp@intel.com/
Acked-by: Dan Williams <dan.j.williams@intel.com> # For ndctl.h
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
2022-06-28 21:26:05 +02:00
Gustavo A. R. Silva
1e6e9d0f48 uapi: revert flexible-array conversions
These structures can get embedded in other structures in user-space
and cause all sorts of warnings and problems. So, we better don't take
any chances and keep the zero-length arrays in place for now.

Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
2020-05-04 11:30:15 -05:00
Gustavo A. R. Silva
5febf6d6ae scsi: Replace zero-length array with flexible-array member
The current codebase makes use of the zero-length array language extension
to the C90 standard, but the preferred mechanism to declare variable-length
types such as these ones is a flexible array member[1][2], introduced in
C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning in
case the flexible array does not occur last in the structure, which will
help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by this
change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] https://github.com/KSPP/linux/issues/21
[3] commit 7649773293 ("cxgb3/l2t: Fix undefined behaviour")

Link: https://lore.kernel.org/r/20200224161406.GA21454@embeddedor
Reviewed-by: Lee Duncan <lduncan@suse.com>
Reviewed-by: Satish Kharat <satishkh@cisco.com>
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
2020-03-11 23:07:56 -04:00
Masahiro Yamada
075c2b6bf6 scsi: use __u{8,16,32,64} instead of uint{8,16,32,64}_t in uapi headers
When CONFIG_UAPI_HEADER_TEST=y, exported headers are compile-tested to make
sure they can be included from user-space.

Currently, scsi_bsg_fc.h, scsi_netlink.h, and scsi_netlink_fc.h are
excluded from the test coverage. To make them join the compile-test, we
need to fix the build errors attached below.

For a case like this, we decided to use __u{8,16,32,64} variable types in
this discussion:

  https://lkml.org/lkml/2019/6/5/18

Build log:

  CC      usr/include/scsi/scsi_netlink_fc.h.s
  CC      usr/include/scsi/scsi_netlink.h.s
  CC      usr/include/scsi/scsi_bsg_fc.h.s
In file included from ./usr/include/scsi/scsi_netlink_fc.h:10:0,
                 from <command-line>:32:
./usr/include/scsi/scsi_netlink.h:29:2: error: unknown type name  uint8_t
  uint8_t version;
  ^~~~~~~
./usr/include/scsi/scsi_netlink.h:30:2: error: unknown type name  uint8_t
  uint8_t transport;
  ^~~~~~~
./usr/include/scsi/scsi_netlink.h:31:2: error: unknown type name  uint16_t
  uint16_t magic;
  ^~~~~~~~
./usr/include/scsi/scsi_netlink.h:32:2: error: unknown type name  uint16_t
  uint16_t msgtype;
  ^~~~~~~~
  CC      usr/include/rdma/vmw_pvrdma-abi.h.s
./usr/include/scsi/scsi_netlink.h:33:2: error: unknown type name  uint16_t
  uint16_t msglen;
  ^~~~~~~~
./usr/include/scsi/scsi_netlink.h:34:33: error:  uint64_t  undeclared here (not in a function); did you mean  __uint128_t ?
 } __attribute__((aligned(sizeof(uint64_t))));
                                 ^~~~~~~~
                                 __uint128_t
./usr/include/scsi/scsi_netlink.h:78:2: error: expected specifier-qualifier-list before  uint64_t
  uint64_t vendor_id;
  ^~~~~~~~
In file included from <command-line>:32:0:
./usr/include/scsi/scsi_netlink_fc.h:46:2: error: expected specifier-qualifier-list before  uint64_t
  uint64_t seconds;
  ^~~~~~~~
make[2]: *** [scripts/Makefile.build;302: usr/include/scsi/scsi_netlink_fc.h.s] Error 1
make[2]: *** Waiting for unfinished jobs....
In file included from <command-line>:32:0:
./usr/include/scsi/scsi_netlink.h:29:2: error: unknown type name  uint8_t
  uint8_t version;
  ^~~~~~~
./usr/include/scsi/scsi_netlink.h:30:2: error: unknown type name  uint8_t
  uint8_t transport;
  ^~~~~~~
./usr/include/scsi/scsi_netlink.h:31:2: error: unknown type name  uint16_t
  uint16_t magic;
  ^~~~~~~~
./usr/include/scsi/scsi_netlink.h:32:2: error: unknown type name  uint16_t
  uint16_t msgtype;
  ^~~~~~~~
./usr/include/scsi/scsi_netlink.h:33:2: error: unknown type name  uint16_t
  uint16_t msglen;
  ^~~~~~~~
./usr/include/scsi/scsi_netlink.h:34:33: error:  uint64_t  undeclared here (not in a function); did you mean  __uint128_t ?
 } __attribute__((aligned(sizeof(uint64_t))));
                                 ^~~~~~~~
                                 __uint128_t
./usr/include/scsi/scsi_netlink.h:78:2: error: expected specifier-qualifier-list before  uint64_t
  uint64_t vendor_id;
  ^~~~~~~~
make[2]: *** [scripts/Makefile.build;302: usr/include/scsi/scsi_netlink.h.s] Error 1
In file included from <command-line>:32:0:
./usr/include/scsi/scsi_bsg_fc.h:69:2: error: unknown type name  uint8_t
  uint8_t  reserved;
  ^~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:72:2: error: unknown type name  uint8_t
  uint8_t  port_id[3];
  ^~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:90:2: error: unknown type name  uint8_t
  uint8_t  reserved;
  ^~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:93:2: error: unknown type name  uint8_t
  uint8_t  port_id[3];
  ^~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:114:2: error: unknown type name  uint8_t
  uint8_t  command_code;
  ^~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:117:2: error: unknown type name  uint8_t
  uint8_t  port_id[3];
  ^~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:154:2: error: unknown type name  uint32_t
  uint32_t status;  /* See FC_CTELS_STATUS_xxx */
  ^~~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:158:3: error: unknown type name  uint8_t
   uint8_t action;  /* fragment_id for CT REJECT */
   ^~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:159:3: error: unknown type name  uint8_t
   uint8_t reason_code;
   ^~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:160:3: error: unknown type name  uint8_t
   uint8_t reason_explanation;
   ^~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:161:3: error: unknown type name  uint8_t
   uint8_t vendor_unique;
   ^~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:177:2: error: unknown type name  uint8_t
  uint8_t  reserved;
  ^~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:180:2: error: unknown type name  uint8_t
  uint8_t  port_id[3];
  ^~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:185:2: error: unknown type name  uint32_t
  uint32_t preamble_word0; /* revision & IN_ID */
  ^~~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:186:2: error: unknown type name  uint32_t
  uint32_t preamble_word1; /* GS_Type, GS_SubType, Options, Rsvd */
  ^~~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:187:2: error: unknown type name  uint32_t
  uint32_t preamble_word2; /* Cmd Code, Max Size */
  ^~~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:207:2: error: unknown type name  uint64_t
  uint64_t vendor_id;
  ^~~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:210:2: error: unknown type name  uint32_t
  uint32_t vendor_cmd[0];
  ^~~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:217:2: error: unknown type name  uint32_t
  uint32_t vendor_rsp[0];
  ^~~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:236:2: error: unknown type name  uint8_t
  uint8_t els_code;
  ^~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:254:2: error: unknown type name  uint32_t
  uint32_t preamble_word0; /* revision & IN_ID */
  ^~~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:255:2: error: unknown type name  uint32_t
  uint32_t preamble_word1; /* GS_Type, GS_SubType, Options, Rsvd */
  ^~~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:256:2: error: unknown type name  uint32_t
  uint32_t preamble_word2; /* Cmd Code, Max Size */
  ^~~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:268:2: error: unknown type name  uint32_t
  uint32_t msgcode;
  ^~~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:292:2: error: unknown type name  uint32_t
  uint32_t result;
  ^~~~~~~~
./usr/include/scsi/scsi_bsg_fc.h:295:2: error: unknown type name  uint32_t
  uint32_t reply_payload_rcv_len;
  ^~~~~~~~

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
2019-08-12 22:19:27 -04:00
Christoph Hellwig
b01211b9c3 scsi: scsi_transport_fc: remove duplicate GPL boilerplate text
The FC transport class uapi headers already have proper SPDX tags,
remove the duplicate boilerplate text.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Hannes Reinecke <hare@suse.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
2019-05-21 06:16:21 -04:00
Greg Kroah-Hartman
e2be04c7f9 License cleanup: add SPDX license identifier to uapi header files with a license
Many user space API headers have licensing information, which is either
incomplete, badly formatted or just a shorthand for referring to the
license under which the file is supposed to be.  This makes it hard for
compliance tools to determine the correct license.

Update these files with an SPDX license identifier.  The identifier was
chosen based on the license information in the file.

GPL/LGPL licensed headers get the matching GPL/LGPL SPDX license
identifier with the added 'WITH Linux-syscall-note' exception, which is
the officially assigned exception identifier for the kernel syscall
exception:

   NOTE! This copyright does *not* cover user programs that use kernel
   services by normal system calls - this is merely considered normal use
   of the kernel, and does *not* fall under the heading of "derived work".

This exception makes it possible to include GPL headers into non GPL
code, without confusing license compliance tools.

Headers which have either explicit dual licensing or are just licensed
under a non GPL license are updated with the corresponding SPDX
identifier and the GPLv2 with syscall exception identifier.  The format
is:
        ((GPL-2.0 WITH Linux-syscall-note) OR SPDX-ID-OF-OTHER-LICENSE)

SPDX license identifiers are a legally binding shorthand, which can be
used instead of the full boiler plate text.  The update does not remove
existing license information as this has to be done on a case by case
basis and the copyright holders might have to be consulted. This will
happen in a separate step.

This patch is based on work done by Thomas Gleixner and Kate Stewart and
Philippe Ombredanne.  See the previous patch in this series for the
methodology of how this patch was researched.

Reviewed-by: Kate Stewart <kstewart@linuxfoundation.org>
Reviewed-by: Philippe Ombredanne <pombredanne@nexb.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-11-02 11:20:11 +01:00
David Howells
ee7afd717c UAPI: (Scripted) Disintegrate include/scsi
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Michael Kerrisk <mtk.manpages@gmail.com>
Acked-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Acked-by: Dave Jones <davej@redhat.com>
2012-12-19 16:07:23 +00:00