Message ID | 20230601160746.up.948-kees@kernel.org (mailing list archive) |
---|---|
State | Mainlined |
Commit | 8515e4a746fcb888fa6c320242eccf4c1d402465 |
Headers | show |
Series | [v5] checkpatch: Check for 0-length and 1-element arrays | expand |
On Thu, 2023-06-01 at 09:07 -0700, Kees Cook wrote: > Fake flexible arrays have been deprecated since last millennium. Proper > C99 flexible arrays must be used throughout the kernel so > CONFIG_FORTIFY_SOURCE and CONFIG_UBSAN_BOUNDS can provide proper array > bounds checking. > > Cc: Andy Whitcroft <apw@canonical.com> > Cc: Dwaipayan Ray <dwaipayanray1@gmail.com> > Cc: Lukas Bulwahn <lukas.bulwahn@gmail.com> > Fixed-by: Joe Perches <joe@perches.com> > Signed-off-by: Kees Cook <keescook@chromium.org> > Acked-by: Gustavo A. R. Silva <gustavoars@kernel.org> > Link: https://lore.kernel.org/r/20230517204530.never.151-kees@kernel.org Acked-by: Joe Perches <joe@perches.com> > --- > v5: - add __packed to outer struct regex too (joe) > v4: https://lore.kernel.org/lkml/20230531004929.you.436-kees@kernel.org > v3: https://lore.kernel.org/r/20230527020929.give.261-kees@kernel.org > v2: https://lore.kernel.org/lkml/20230526173921.gonna.349-kees@kernel.org > v1: https://lore.kernel.org/lkml/20230517204530.never.151-kees@kernel.org > --- > scripts/checkpatch.pl | 10 ++++++++++ > 1 file changed, 10 insertions(+) > > diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl > index 30b0b4fdb3bf..7bfa4d39d17f 100755 > --- a/scripts/checkpatch.pl > +++ b/scripts/checkpatch.pl > @@ -7430,6 +7430,16 @@ sub process { > } > } > > +# check for array definition/declarations that should use flexible arrays instead > + if ($sline =~ /^[\+ ]\s*\}(?:\s*__packed)?\s*;\s*$/ && > + $prevline =~ /^\+\s*(?:\}(?:\s*__packed\s*)?|$Type)\s*$Ident\s*\[\s*(0|1)\s*\]\s*;\s*$/) { > + if (ERROR("FLEXIBLE_ARRAY", > + "Use C99 flexible arrays - see https://docs.kernel.org/process/deprecated.html#zero-length-and-one-element-arrays\n" . $hereprev) && > + $1 == '0' && $fix) { > + $fixed[$fixlinenr - 1] =~ s/\[\s*0\s*\]/[]/; > + } > + } > + > # nested likely/unlikely calls > if ($line =~ /\b(?:(?:un)?likely)\s*\(\s*!?\s*(IS_ERR(?:_OR_NULL|_VALUE)?|WARN)/) { > WARN("LIKELY_MISUSE",
On Thu, 1 Jun 2023 09:07:46 -0700 Kees Cook <keescook@chromium.org> wrote: > Fake flexible arrays have been deprecated since last millennium. Proper > C99 flexible arrays must be used throughout the kernel so > CONFIG_FORTIFY_SOURCE and CONFIG_UBSAN_BOUNDS can provide proper array > bounds checking. > > Cc: Andy Whitcroft <apw@canonical.com> > Cc: Dwaipayan Ray <dwaipayanray1@gmail.com> > Cc: Lukas Bulwahn <lukas.bulwahn@gmail.com> > Fixed-by: Joe Perches <joe@perches.com> You didn't checkpatch your checkpatch patch! WARNING: Non-standard signature: Fixed-by: #248: Fixed-by: Joe Perches <joe@perches.com> I'll do my usual [joe@perches.com: handle __packed for srtucts]
On Thu, 2023-06-01 at 15:15 -0700, Andrew Morton wrote: > On Thu, 1 Jun 2023 09:07:46 -0700 Kees Cook <keescook@chromium.org> wrote: > > > Fake flexible arrays have been deprecated since last millennium. Proper > > C99 flexible arrays must be used throughout the kernel so > > CONFIG_FORTIFY_SOURCE and CONFIG_UBSAN_BOUNDS can provide proper array > > bounds checking. > > > > Cc: Andy Whitcroft <apw@canonical.com> > > Cc: Dwaipayan Ray <dwaipayanray1@gmail.com> > > Cc: Lukas Bulwahn <lukas.bulwahn@gmail.com> > > Fixed-by: Joe Perches <joe@perches.com> > > You didn't checkpatch your checkpatch patch! > > WARNING: Non-standard signature: Fixed-by: > #248: > Fixed-by: Joe Perches <joe@perches.com> > > I'll do my usual > > [joe@perches.com: handle __packed for srtucts] With that spelling? Anyway, I went back and forth a few times with Kees giving suggestions and corrections before sending it on to you for more than just __packed. I didn't (and still don't) care much about anything other than the code. cheers, Joe
diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl index 30b0b4fdb3bf..7bfa4d39d17f 100755 --- a/scripts/checkpatch.pl +++ b/scripts/checkpatch.pl @@ -7430,6 +7430,16 @@ sub process { } } +# check for array definition/declarations that should use flexible arrays instead + if ($sline =~ /^[\+ ]\s*\}(?:\s*__packed)?\s*;\s*$/ && + $prevline =~ /^\+\s*(?:\}(?:\s*__packed\s*)?|$Type)\s*$Ident\s*\[\s*(0|1)\s*\]\s*;\s*$/) { + if (ERROR("FLEXIBLE_ARRAY", + "Use C99 flexible arrays - see https://docs.kernel.org/process/deprecated.html#zero-length-and-one-element-arrays\n" . $hereprev) && + $1 == '0' && $fix) { + $fixed[$fixlinenr - 1] =~ s/\[\s*0\s*\]/[]/; + } + } + # nested likely/unlikely calls if ($line =~ /\b(?:(?:un)?likely)\s*\(\s*!?\s*(IS_ERR(?:_OR_NULL|_VALUE)?|WARN)/) { WARN("LIKELY_MISUSE",