From patchwork Wed Oct 16 00:27:16 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Gustavo A. R. Silva" X-Patchwork-Id: 836142 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7EE7221E3BE; Wed, 16 Oct 2024 00:27:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1729038440; cv=none; b=AXda3WNdYv5PDeGcAk64HZ3nlc6FMTyIesACNHAmURYvf14bDdUO3C10K9OejfOMXXqJRgZ3zpN/4FC8nm5gNv7Xz8VN89H3es/Jt1BWoumRGJN7C5SfFA8U/DwXaPlgZCzer4tlSQpneBqAyUz0gj2DeBgik7o9fPEvTpYmdL8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1729038440; c=relaxed/simple; bh=tb27nyjCDeyfMIeUU/H/vPrhrpUAIwTNDYMgKdWPE/k=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=n6BveyD+Bqv1iNj+myTSlS7qRkMy9QTwqeUp0pxgL5XPxNNSy6caB/371irePsBePQ9gpnEC9lrWo/Wofd93IPL9jmLPkuP7B3364vxRZNuIUfHYwfTwJhft7qztFhWr2mDMTmpSgIi0IXy7dCaOE9WR/Ag31VgFWeFlNBc7ysw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=EVnUjrir; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="EVnUjrir" Received: by smtp.kernel.org (Postfix) with ESMTPSA id A437CC4CEC6; Wed, 16 Oct 2024 00:27:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1729038440; bh=tb27nyjCDeyfMIeUU/H/vPrhrpUAIwTNDYMgKdWPE/k=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=EVnUjrirJfI0CQ6PbgD9SsPhu0EYkLRiy6T4LvhzCGWDRwlT6ZNBIiDhA15ejC1GS CaqTLPLzonrxQV+iQPTJETIShHv6gKfo6dHHoz/CFDkAuHriwUkm3PFQCjQBYw6zKm 8oP7yjcUVwyTRarcEYaMLCt70EJmi+kMvaQzAFXjhdSOLLggBWSQgkj/ga1wDuRLc0 3gvd8h6ZNn/vQhwwuow4w1prgNmxpfIPUT+/zlPMPkXf9GQuZ12B9MoLBHjzt1l+qf h769qvKrVGqmZCMDzsgVf9Q7TQu8R5kNNDUptV1KTs7eeiBfGVAUEYRlri4rDGnL1H EEt2NmRME0thQ== Date: Tue, 15 Oct 2024 18:27:16 -0600 From: "Gustavo A. R. Silva" To: Andrew Lunn , Johannes Berg , David Ahern , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, "Gustavo A. R. Silva" , linux-hardening@vger.kernel.org, linux-wireless@vger.kernel.org, Kees Cook Subject: [PATCH 1/5][next] net: dev: Introduce struct sockaddr_legacy Message-ID: <1c12601bea3e9c18da6adc106bfcf5b7569e5dfb.1729037131.git.gustavoars@kernel.org> References: Precedence: bulk X-Mailing-List: linux-wireless@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: We are currently working on enabling the -Wflex-array-member-not-at-end compiler option. This option has helped us detect several objects of the type `struct sockaddr` that appear in the middle of composite structures like `struct rtentry`, `struct compat_rtentry`, and others: include/uapi/linux/wireless.h:751:33: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] include/uapi/linux/wireless.h:776:25: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] include/uapi/linux/wireless.h:833:25: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] include/uapi/linux/wireless.h:857:25: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] include/uapi/linux/wireless.h:864:25: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] include/uapi/linux/route.h:33:25: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] include/uapi/linux/route.h:34:25: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] include/uapi/linux/route.h:35:25: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] include/uapi/linux/if_arp.h:118:25: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] include/uapi/linux/if_arp.h:119:25: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] include/uapi/linux/if_arp.h:121:25: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] include/uapi/linux/if_arp.h:126:25: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] include/uapi/linux/if_arp.h:127:25: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] include/net/compat.h:34:25: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] include/net/compat.h:35:25: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] fs/nfsd/nfsd.h:74:33: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] fs/nfsd/nfsd.h:75:33: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] In order to fix the warnings above, we introduce `struct sockaddr_legacy`. The intention is to use it to replace the type of several struct members in the middle of composite structures, currently of type `struct sockaddr`. These middle struct members are currently causing thousands of warnings because `struct sockaddr` contains a flexible-array member, introduced by commit b5f0de6df6dce ("net: dev: Convert sa_data to flexible array in struct sockaddr"). The new `struct sockaddr_legacy` doesn't include a flexible-array member, making it suitable for use as the type of middle members in composite structs that don't really require the flexible-array member in `struct sockaddr`, thus avoiding -Wflex-array-member-not-at-end warnings. Signed-off-by: Gustavo A. R. Silva Reviewed-by: Kuniyuki Iwashima --- include/linux/socket.h | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/include/linux/socket.h b/include/linux/socket.h index d18cc47e89bd..f370ae0e6c82 100644 --- a/include/linux/socket.h +++ b/include/linux/socket.h @@ -40,6 +40,25 @@ struct sockaddr { }; }; +/* + * This is the legacy form of `struct sockaddr`. The original `struct sockaddr` + * was modified in commit b5f0de6df6dce ("net: dev: Convert sa_data to flexible + * array in struct sockaddR") due to the fact that "One of the worst offenders + * of "fake flexible arrays" is struct sockaddr". This means that the original + * `char sa_data[14]` behaved as a flexible array at runtime, so a proper + * flexible-array member was introduced. + * + * This caused several flexible-array-in-the-middle issues: + * https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html#index-Wflex-array-member-not-at-end + * + * `struct sockaddr_legacy` replaces `struct sockaddr` in all instances where + * objects of this type do not appear at the end of composite structures. + */ +struct sockaddr_legacy { + sa_family_t sa_family; /* address family, AF_xxx */ + char sa_data[14]; /* 14 bytes of protocol address */ +}; + struct linger { int l_onoff; /* Linger active */ int l_linger; /* How long to linger for */ From patchwork Wed Oct 16 00:31:47 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Gustavo A. R. Silva" X-Patchwork-Id: 836676 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BD3CBBA42; Wed, 16 Oct 2024 00:31:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1729038710; cv=none; b=k1ZiDWLfIF0tXB5zu2JI8NaJVcEkTlo9QVGZCv29KIa/oK8uBqYDhzp97qiej48WVDzQ81GM8lJmgUWgT8jzZpl+hoRJlownOYRiowVuDr5ekwlY7qYyODc7kNjl5CKdsCEdCpnQkQaxEpzwyuZBTPcg+ChlobAZPMhNH8LpuY4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1729038710; c=relaxed/simple; bh=h/0LiuTcJJi5xVByk4esB4Kk1MBKkOZ8H5VO5I5yi9Y=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=BnHR4iKLl2BgzosGGmkl1YTHuaRVcWFFHM9Vimlw74vMLab1yCRrJiHKAIKpH8rQhFVoksocQRN+Hg3Hy1DCquU4jI63CPrm8PWcvXWFnMNRsstJDI3ewh4bImGaIAeJeUGcgvyIHHZPmPY43a3y2De95EgMqUOJmT0BWXoRXY4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=P5yhXm81; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="P5yhXm81" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 9391AC4CEC6; Wed, 16 Oct 2024 00:31:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1729038710; bh=h/0LiuTcJJi5xVByk4esB4Kk1MBKkOZ8H5VO5I5yi9Y=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=P5yhXm81qTTez88jN3ABjVLKMZuhPgYT1WznUQP9fytzhr1WpV2EacUy2W/ntDLvF XSOE023SBjSuax5wOd+cLy31PTXWaSkDqE9ueABCxOyTUe2uoySVkpbAqyOTwLuSKw Ljj6tXz6Ut0+R/sTJhBtdN3GSe5f1poSnJhXTm1kAEay2jPRX0PSpPBEEuhet4mZXo d3ZppAXEUVAF6DEVZvSuW81Ube0ERuxUbtFfLJPwfhMn9Jqi3QVpogi/RRvNcnegxZ woQCnwII3KT91mcB+PNBOFE/M1TvstkiqEnPEhBwjPlQfn4pmhHcvzEm/XlSjQ9Yr/ 4UaGppmzvGUdw== Date: Tue, 15 Oct 2024 18:31:47 -0600 From: "Gustavo A. R. Silva" To: Johannes Berg Cc: linux-wireless@vger.kernel.org, linux-kernel@vger.kernel.org, "Gustavo A. R. Silva" , linux-hardening@vger.kernel.org, Kees Cook Subject: [PATCH 3/5][next] uapi: wireless: Avoid -Wflex-array-member-not-at-end warnings Message-ID: References: Precedence: bulk X-Mailing-List: linux-wireless@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: -Wflex-array-member-not-at-end was introduced in GCC-14, and we are getting ready to enable it, globally. Address the following warnings by changing the type of the middle struct members in various composite structs, which are currently causing trouble, from `struct sockaddr` to `struct sockaddr_legacy`. Note that the latter struct doesn't contain a flexible-array member. include/uapi/linux/wireless.h:751:33: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] include/uapi/linux/wireless.h:776:25: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] include/uapi/linux/wireless.h:833:25: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] include/uapi/linux/wireless.h:857:25: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] include/uapi/linux/wireless.h:864:25: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] No binary differences are present after these changes. Signed-off-by: Gustavo A. R. Silva --- include/uapi/linux/wireless.h | 50 +++++++++++++++++------------------ 1 file changed, 25 insertions(+), 25 deletions(-) diff --git a/include/uapi/linux/wireless.h b/include/uapi/linux/wireless.h index 3c2ad5fae17f..b29ab42fa2e2 100644 --- a/include/uapi/linux/wireless.h +++ b/include/uapi/linux/wireless.h @@ -748,7 +748,7 @@ struct iw_missed { * Quality range (for spy threshold) */ struct iw_thrspy { - struct sockaddr addr; /* Source address (hw/mac) */ + struct sockaddr_legacy addr; /* Source address (hw/mac) */ struct iw_quality qual; /* Quality of the link */ struct iw_quality low; /* Low threshold */ struct iw_quality high; /* High threshold */ @@ -766,15 +766,15 @@ struct iw_thrspy { * current BSS if the driver is in Managed mode and associated with an AP. */ struct iw_scan_req { - __u8 scan_type; /* IW_SCAN_TYPE_{ACTIVE,PASSIVE} */ - __u8 essid_len; - __u8 num_channels; /* num entries in channel_list; - * 0 = scan all allowed channels */ - __u8 flags; /* reserved as padding; use zero, this may - * be used in the future for adding flags - * to request different scan behavior */ - struct sockaddr bssid; /* ff:ff:ff:ff:ff:ff for broadcast BSSID or - * individual address of a specific BSS */ + __u8 scan_type; /* IW_SCAN_TYPE_{ACTIVE,PASSIVE} */ + __u8 essid_len; + __u8 num_channels; /* num entries in channel_list; + * 0 = scan all allowed channels */ + __u8 flags; /* reserved as padding; use zero, this may + * be used in the future for adding flags + * to request different scan behavior */ + struct sockaddr_legacy bssid; /* ff:ff:ff:ff:ff:ff for broadcast BSSID or + * individual address of a specific BSS */ /* * Use this ESSID if IW_SCAN_THIS_ESSID flag is used instead of using @@ -827,15 +827,15 @@ struct iw_scan_req { * debugging/testing. */ struct iw_encode_ext { - __u32 ext_flags; /* IW_ENCODE_EXT_* */ - __u8 tx_seq[IW_ENCODE_SEQ_MAX_SIZE]; /* LSB first */ - __u8 rx_seq[IW_ENCODE_SEQ_MAX_SIZE]; /* LSB first */ - struct sockaddr addr; /* ff:ff:ff:ff:ff:ff for broadcast/multicast - * (group) keys or unicast address for - * individual keys */ - __u16 alg; /* IW_ENCODE_ALG_* */ - __u16 key_len; - __u8 key[]; + __u32 ext_flags; /* IW_ENCODE_EXT_* */ + __u8 tx_seq[IW_ENCODE_SEQ_MAX_SIZE]; /* LSB first */ + __u8 rx_seq[IW_ENCODE_SEQ_MAX_SIZE]; /* LSB first */ + struct sockaddr_legacy addr; /* ff:ff:ff:ff:ff:ff for broadcast/multicast + * (group) keys or unicast address for + * individual keys */ + __u16 alg; /* IW_ENCODE_ALG_* */ + __u16 key_len; + __u8 key[]; }; /* SIOCSIWMLME data */ @@ -853,16 +853,16 @@ struct iw_mlme { #define IW_PMKID_LEN 16 struct iw_pmksa { - __u32 cmd; /* IW_PMKSA_* */ - struct sockaddr bssid; - __u8 pmkid[IW_PMKID_LEN]; + __u32 cmd; /* IW_PMKSA_* */ + struct sockaddr_legacy bssid; + __u8 pmkid[IW_PMKID_LEN]; }; /* IWEVMICHAELMICFAILURE data */ struct iw_michaelmicfailure { - __u32 flags; - struct sockaddr src_addr; - __u8 tsc[IW_ENCODE_SEQ_MAX_SIZE]; /* LSB first */ + __u32 flags; + struct sockaddr_legacy src_addr; + __u8 tsc[IW_ENCODE_SEQ_MAX_SIZE]; /* LSB first */ }; /* IWEVPMKIDCAND data */