From patchwork Mon Aug 15 21:35:19 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Gustavo A. R. Silva" X-Patchwork-Id: 12944191 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B257EC00140 for ; Tue, 16 Aug 2022 01:44:13 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240408AbiHPBoL (ORCPT ); Mon, 15 Aug 2022 21:44:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41506 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240447AbiHPBni (ORCPT ); Mon, 15 Aug 2022 21:43:38 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2DE581F84F6; Mon, 15 Aug 2022 14:35:27 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id C159B611D5; Mon, 15 Aug 2022 21:35:26 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id BAB31C433C1; Mon, 15 Aug 2022 21:35:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1660599326; bh=WJpJzeWfA2lvPyxEHsoYw4ISY9kus0KMPLf49JB424Y=; h=Date:From:To:Cc:Subject:From; b=clL2MlL/2HrVYwVTdD9BXwzNkWLmzssDTHI9xZO5YD6OlmAKFDJvlQ7brTnbrczwg lgUqfI23njTS8GinsiwxDH1QIirKTNxfZAVLHtmbh2j8APsJRqNdoZhE4IphaOtG8z ds9sCwP8Dxi4DRPpQOszm/E+KC3uX8kCmLpu6vvrMHpoYDUOQ8NR5nr2tSB8SS200r 59SNHNoECeA7oqOB/3/8Ow2Bnea5fjnbjYpAX+arKiCMh3PH8OtfLNpSUT0PMwaJve kXqx9qvhC724/KMzW8BIw7tSRq6wddTKjQEmgPaGPDQhn1zdjWDA4meR7W+iHbrizB /1SEHGh646elg== Date: Mon, 15 Aug 2022 16:35:19 -0500 From: "Gustavo A. R. Silva" To: megaraidlinux.pdl@broadcom.com, linux-scsi@vger.kernel.org, linux-kernel@vger.kernel.org Cc: Kashyap Desai , Sumit Saxena , Shivasharan S , "James E.J. Bottomley" , "Martin K. Petersen" , Kees Cook , "Gustavo A. R. Silva" , linux-hardening@vger.kernel.org Subject: [PATCH v3 0/6] Replace one-element arrays with flexible-array members Message-ID: MIME-Version: 1.0 Content-Disposition: inline Precedence: bulk List-ID: X-Mailing-List: linux-hardening@vger.kernel.org Hi! This series aims to replace one-element arrays with flexible-array members in drivers/scsi/megaraid/ I followed the below steps in order to verify the changes don't significally impact the code (.text) section generated by the compiler, for each object file involved: 1. Prepare the build with the following settings and configurations: linux$ KBF="KBUILD_BUILD_TIMESTAMP=1970-01-01 KBUILD_BUILD_USER=user KBUILD_BUILD_HOST=host KBUILD_BUILD_VERSION=1" linux$ make $KBF allyesconfig linux$ ./scripts/config -d GCOV_KERNEL -d KCOV -d GCC_PLUGINS \ -d IKHEADERS -d KASAN -d UBSAN \ -d DEBUG_INFO_NONE \ -e DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT linux$ make $KBF olddefconfig 2. Build drivers/scsi/megaraid/ with the same settings and configurations as in Step 1, and copy the generated object files in directory before/ linux$ make -j128 $KBF drivers/scsi/megaraid/ linux$ mkdir -p before linux$ cp drivers/scsi/megaraid/*.o before/ 3. Implement all the needed changes and create the patch series. In this case, six patches. linux$ vi code.c ...do the magic :) linux$ git format-patch ...all the rest 4. Apply a patch at a time (of the previously created series) and, after applying EACH patch, build (as in Step 2) drivers/scsi/megaraid/ and copy the generated object files in directory after/ 5. Compare the code section (.text) of each before/file.o and after/file.o. I use the following bash script: compare.sh: ARGS="--disassemble --demangle --reloc --no-show-raw-insn --section=.text" for i in $(cd before && echo *.o); do echo $i diff -u <(objdump $ARGS before/$i | sed "0,/^Disassembly/d") \ <(objdump $ARGS after/$i | sed "0,/^Disassembly/d") done linux$ ./compare.sh > code_comparison.diff 6. Open the code_comparison.diff file from the example above, look for any differences that might show up and analyze them in order to determine their impact, and what (if something) should be changed or study further. The above process (code section comparison of object files) is based on this[0] blog post by Kees Cook. The compiler used to build the code was GCC-12. In this series I only found the following sorts of differences in files megaraid_sas.o and megaraid_sas_base.o: ... ...@@ -7094,24 +7094,24 @@ 6302: movq $0x0,0x1e20(%rbx) 630d: test %r15,%r15 6310: je 6316 - 6312: R_X86_64_PC32 .text.unlikely+0x3ae3 + 6312: R_X86_64_PC32 .text.unlikely+0x3ae0 6316: mov 0x0(%rip),%eax # 631c 6318: R_X86_64_PC32 event_log_level-0x4 631c: mov 0xc(%r15),%r14d 6320: lea 0x2(%rax),%edx 6323: cmp $0x6,%edx 6326: ja 632c - 6328: R_X86_64_PC32 .text.unlikely+0x3ac3 + 6328: R_X86_64_PC32 .text.unlikely+0x3ac0 632c: mov %r14d,%edx 632f: sar $0x18,%edx 6332: mov %edx,%ecx 6334: cmp %eax,%edx 6336: jge 633c - 6338: R_X86_64_PC32 .text.unlikely+0x399c + 6338: R_X86_64_PC32 .text.unlikely+0x3999 ... All of them have to do with the relocation of symbols in the .text.unlikely subsection and they don't seem to be of any actual relevance. So, we can safely ignore them. Also, notice there is an open issue in bugzilla.kernel.org [1] that's seems could be fixed by this series. :) This helps with the ongoing efforts to tighten the FORTIFY_SOURCE routines on memcpy() and help us make progress towards globally enabling -fstrict-flex-arrays [2]. Link: https://en.wikipedia.org/wiki/Flexible_array_member Link: https://www.kernel.org/doc/html/v5.10/process/deprecated.html#zero-length-and-one-element-arrays Link: https://github.com/KSPP/linux/issues/79 Link: https://github.com/KSPP/linux/issues/109 Link: https://bugzilla.kernel.org/show_bug.cgi?id=215943 [1] Link: https://reviews.llvm.org/D126864 [2] Thanks [0] https://outflux.net/blog/archives/2022/06/24/finding-binary-differences/ Changes in v3: - Split the struct_size() changes into a couple of separate patches. - Use objdump to compare the code (.text) sections of the object files before and after the changes. - Modify MR_FW_RAID_MAP_ALL and MR_DRV_RAID_MAP_ALL structures. Change suggested by Kees Cook. Changes in v2: - Revert changes in struct MR_FW_RAID_MAP_ALL. Gustavo A. R. Silva (6): scsi: megaraid_sas: Replace one-element array with flexible-array member in MR_FW_RAID_MAP scsi: megaraid_sas: Replace one-element array with flexible-array member in MR_FW_RAID_MAP_DYNAMIC scsi: megaraid_sas: Replace one-element array with flexible-array member in MR_DRV_RAID_MAP scsi: megaraid_sas: Replace one-element array with flexible-array member in MR_PD_CFG_SEQ_NUM_SYNC scsi: megaraid_sas: Use struct_size() in code related to struct MR_FW_RAID_MAP scsi: megaraid_sas: Use struct_size() in code related to struct MR_PD_CFG_SEQ_NUM_SYNC drivers/scsi/megaraid/megaraid_sas_base.c | 20 ++++++++++---------- drivers/scsi/megaraid/megaraid_sas_fp.c | 6 +++--- drivers/scsi/megaraid/megaraid_sas_fusion.c | 2 +- drivers/scsi/megaraid/megaraid_sas_fusion.h | 12 ++++++------ 4 files changed, 20 insertions(+), 20 deletions(-) Reviewed-by: Kees Cook