| Message ID | 20230531004929.you.436-kees@kernel.org (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | [v4] checkpatch: Check for 0-length and 1-element arrays | expand |
On Tue, 2023-05-30 at 17:49 -0700, Kees Cook wrote: > Fake flexible arrays have been deprecated since last millennium. Proper > C99 flexible arrays must be used throughout the kernel so > CONFIG_FORTIFY_SOURCE and CONFIG_UBSAN_BOUNDS can provide proper array > bounds checking. > > Cc: Andy Whitcroft <apw@canonical.com> > Cc: Joe Perches <joe@perches.com> > Cc: Dwaipayan Ray <dwaipayanray1@gmail.com> > Cc: Lukas Bulwahn <lukas.bulwahn@gmail.com> > Cc: Gustavo A. R. Silva <gustavoars@kernel.org> > Signed-off-by: Kees Cook <keescook@chromium.org> > Link: https://lore.kernel.org/r/20230517204530.never.151-kees@kernel.org > --- > v4: > - combine errors (joe) > - switch to kerndoc url (joe) > - add __packed for struct matching (joe) > v3: https://lore.kernel.org/r/20230527020929.give.261-kees@kernel.org > v2: https://lore.kernel.org/lkml/20230526173921.gonna.349-kees@kernel.org > v1: https://lore.kernel.org/lkml/20230517204530.never.151-kees@kernel.org > --- > scripts/checkpatch.pl | 10 ++++++++++ > 1 file changed, 10 insertions(+) > > diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl > index 30b0b4fdb3bf..64d21b6aa6df 100755 > --- a/scripts/checkpatch.pl > +++ b/scripts/checkpatch.pl > @@ -7430,6 +7430,16 @@ sub process { > } > } > > +# check for array definition/declarations that should use flexible arrays instead > + if ($sline =~ /^[\+ ]\s*}\s*;\s*$/ && > + $prevline =~ /^\+\s*(?:\}(?:\s*__packed\s*)?|$Type)\s*$Ident\s*\[\s*(0|1)\s*\]\s*;\s*$/) { __packed could be used when a struct is defined and so needs to also be added to $sline. if ($sline =~ /^[\+ ]\s*}\s*(?:__packed\s*)?;\s*$/ && e.g.: struct foo { int a; int b[0]; } __packed; > + if (ERROR("FLEXIBLE_ARRAY", > + "Use C99 flexible arrays - see https://docs.kernel.org/process/deprecated.html#zero-length-and-one-element-arrays\n" . $hereprev) && > + $1 == '0' && $fix) { > + $fixed[$fixlinenr - 1] =~ s/\[\s*0\s*\]/[]/; > + } > + } > + > # nested likely/unlikely calls > if ($line =~ /\b(?:(?:un)?likely)\s*\(\s*!?\s*(IS_ERR(?:_OR_NULL|_VALUE)?|WARN)/) { > WARN("LIKELY_MISUSE",
On Wed, May 31, 2023 at 10:50:58AM -0700, Joe Perches wrote: > On Tue, 2023-05-30 at 17:49 -0700, Kees Cook wrote: > > Fake flexible arrays have been deprecated since last millennium. Proper > > C99 flexible arrays must be used throughout the kernel so > > CONFIG_FORTIFY_SOURCE and CONFIG_UBSAN_BOUNDS can provide proper array > > bounds checking. > > > > Cc: Andy Whitcroft <apw@canonical.com> > > Cc: Joe Perches <joe@perches.com> > > Cc: Dwaipayan Ray <dwaipayanray1@gmail.com> > > Cc: Lukas Bulwahn <lukas.bulwahn@gmail.com> > > Cc: Gustavo A. R. Silva <gustavoars@kernel.org> > > Signed-off-by: Kees Cook <keescook@chromium.org> > > Link: https://lore.kernel.org/r/20230517204530.never.151-kees@kernel.org > > --- > > v4: > > - combine errors (joe) > > - switch to kerndoc url (joe) > > - add __packed for struct matching (joe) > > v3: https://lore.kernel.org/r/20230527020929.give.261-kees@kernel.org > > v2: https://lore.kernel.org/lkml/20230526173921.gonna.349-kees@kernel.org > > v1: https://lore.kernel.org/lkml/20230517204530.never.151-kees@kernel.org > > --- > > scripts/checkpatch.pl | 10 ++++++++++ > > 1 file changed, 10 insertions(+) > > > > diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl > > index 30b0b4fdb3bf..64d21b6aa6df 100755 > > --- a/scripts/checkpatch.pl > > +++ b/scripts/checkpatch.pl > > @@ -7430,6 +7430,16 @@ sub process { > > } > > } > > > > +# check for array definition/declarations that should use flexible arrays instead > > + if ($sline =~ /^[\+ ]\s*}\s*;\s*$/ && > > + $prevline =~ /^\+\s*(?:\}(?:\s*__packed\s*)?|$Type)\s*$Ident\s*\[\s*(0|1)\s*\]\s*;\s*$/) { > > __packed could be used when a struct is defined and so > needs to also be added to $sline. Agh. Yes, thank you. v5 on the way...
diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl index 30b0b4fdb3bf..64d21b6aa6df 100755 --- a/scripts/checkpatch.pl +++ b/scripts/checkpatch.pl @@ -7430,6 +7430,16 @@ sub process { } } +# check for array definition/declarations that should use flexible arrays instead + if ($sline =~ /^[\+ ]\s*}\s*;\s*$/ && + $prevline =~ /^\+\s*(?:\}(?:\s*__packed\s*)?|$Type)\s*$Ident\s*\[\s*(0|1)\s*\]\s*;\s*$/) { + if (ERROR("FLEXIBLE_ARRAY", + "Use C99 flexible arrays - see https://docs.kernel.org/process/deprecated.html#zero-length-and-one-element-arrays\n" . $hereprev) && + $1 == '0' && $fix) { + $fixed[$fixlinenr - 1] =~ s/\[\s*0\s*\]/[]/; + } + } + # nested likely/unlikely calls if ($line =~ /\b(?:(?:un)?likely)\s*\(\s*!?\s*(IS_ERR(?:_OR_NULL|_VALUE)?|WARN)/) { WARN("LIKELY_MISUSE",
Fake flexible arrays have been deprecated since last millennium. Proper C99 flexible arrays must be used throughout the kernel so CONFIG_FORTIFY_SOURCE and CONFIG_UBSAN_BOUNDS can provide proper array bounds checking. Cc: Andy Whitcroft <apw@canonical.com> Cc: Joe Perches <joe@perches.com> Cc: Dwaipayan Ray <dwaipayanray1@gmail.com> Cc: Lukas Bulwahn <lukas.bulwahn@gmail.com> Cc: Gustavo A. R. Silva <gustavoars@kernel.org> Signed-off-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20230517204530.never.151-kees@kernel.org --- v4: - combine errors (joe) - switch to kerndoc url (joe) - add __packed for struct matching (joe) v3: https://lore.kernel.org/r/20230527020929.give.261-kees@kernel.org v2: https://lore.kernel.org/lkml/20230526173921.gonna.349-kees@kernel.org v1: https://lore.kernel.org/lkml/20230517204530.never.151-kees@kernel.org --- scripts/checkpatch.pl | 10 ++++++++++ 1 file changed, 10 insertions(+)