Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <CAGXu5jK=JhBFHBGpbWF46DC3-QMruiB0qqz1z+njcK2h7jVU9w@mail.gmail.com>
Date: Thu, 8 Mar 2018 11:52:25 -0800
From: Kees Cook <keescook@...omium.org>
To: Stephen Kitt <steve@....org>
Cc: hare <hare@...e.com>, linux-scsi@...r.kernel.org, 
	Kernel Hardening <kernel-hardening@...ts.openwall.com>, LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] aic7xxx/aic79xx: remove VLAs

On Thu, Mar 8, 2018 at 5:22 AM, Stephen Kitt <steve@....org> wrote:
> In preparation to enabling -Wvla, remove VLAs and replace them with
> fixed-length arrays instead.
>
> The arrays fixed here, using the number of constant sections, aren't
> really VLAs, but they appear so to the compiler. Since we know at
> build-time how many critical sections there are, we might as well use
> a pre-processor-level constant instead.
>
> This was prompted by https://lkml.org/lkml/2018/3/7/621
>
> Signed-off-by: Stephen Kitt <steve@....org>
> ---
>  drivers/scsi/aic7xxx/aic79xx_core.c        | 8 ++++----
>  drivers/scsi/aic7xxx/aic79xx_seq.h_shipped | 3 +--
>  drivers/scsi/aic7xxx/aic7xxx_core.c        | 8 ++++----
>  drivers/scsi/aic7xxx/aic7xxx_seq.h_shipped | 3 +--
>  drivers/scsi/aic7xxx/aicasm/aicasm.c       | 6 ++++--
>  5 files changed, 14 insertions(+), 14 deletions(-)
>
> diff --git a/drivers/scsi/aic7xxx/aic79xx_core.c b/drivers/scsi/aic7xxx/aic79xx_core.c
> index b560f396ee99..034f4eebb160 100644
> --- a/drivers/scsi/aic7xxx/aic79xx_core.c
> +++ b/drivers/scsi/aic7xxx/aic79xx_core.c
> @@ -9338,9 +9338,9 @@ ahd_dumpseq(struct ahd_softc* ahd)
>  static void
>  ahd_loadseq(struct ahd_softc *ahd)
>  {
> -       struct  cs cs_table[num_critical_sections];
> -       u_int   begin_set[num_critical_sections];
> -       u_int   end_set[num_critical_sections];
> +       struct  cs cs_table[NUM_CRITICAL_SECTIONS];
> +       u_int   begin_set[NUM_CRITICAL_SECTIONS];
> +       u_int   end_set[NUM_CRITICAL_SECTIONS];
>         const struct patch *cur_patch;
>         u_int   cs_count;
>         u_int   cur_cs;
> @@ -9456,7 +9456,7 @@ ahd_loadseq(struct ahd_softc *ahd)
>                  * Move through the CS table until we find a CS
>                  * that might apply to this instruction.
>                  */
> -               for (; cur_cs < num_critical_sections; cur_cs++) {
> +               for (; cur_cs < NUM_CRITICAL_SECTIONS; cur_cs++) {
>                         if (critical_sections[cur_cs].end <= i) {
>                                 if (begin_set[cs_count] == TRUE
>                                  && end_set[cs_count] == FALSE) {
> diff --git a/drivers/scsi/aic7xxx/aic79xx_seq.h_shipped b/drivers/scsi/aic7xxx/aic79xx_seq.h_shipped
> index 4b51e232392f..20fb9ca9e271 100644
> --- a/drivers/scsi/aic7xxx/aic79xx_seq.h_shipped
> +++ b/drivers/scsi/aic7xxx/aic79xx_seq.h_shipped
> @@ -1186,5 +1186,4 @@ static const struct cs {
>         { 759, 763 }
>  };
>
> -static const int num_critical_sections = sizeof(critical_sections)
> -                                      / sizeof(*critical_sections);
> +#define NUM_CRITICAL_SECTIONS 14

The compiler doesn't treat "const" as a literal, hence the need to
change this. However, you can still use the sizeof (actually, this is
exactly ARRAY_SIZE()). Perhaps:

#define NUM_CRITICAL_SECTIONS ARRAY_SIZE(critical_sections)

?

Otherwise, looks great!

-Kees

-- 
Kees Cook
Pixel Security

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.