1. Patchew
  2. linux
  3. [PATCH 0/6] scsi: message: fusion: Replace 1-element arrays with flexible arrays
  4. View patch

[PATCH 1/6] scsi: message: fusion: struct _RAID_VOL0_SETTINGS: Replace 1-element array with flexible array

Kees Cook posted 6 patches 1 year, 5 months ago
[PATCH 1/6] scsi: message: fusion: struct _RAID_VOL0_SETTINGS: Replace 1-element array with flexible array
Posted by Kees Cook 1 year, 5 months ago 
Replace the deprecated[1] use of a 1-element array in
struct _RAID_VOL0_SETTINGS with a modern flexible array.

Additionally add __counted_by annotation since PhysDisk is only ever
accessed via a loops bounded by NumPhysDisks:

lsi/mpi_cnfg.h:    RAID_VOL0_PHYS_DISK     PhysDisk[] __counted_by(NumPhysDisks); /* 28h */
mptbase.c:	for (i = 0; i < buffer->NumPhysDisks; i++) {
mptbase.c:		    buffer->PhysDisk[i].PhysDiskNum, &phys_disk) != 0)
mptsas.c:	for (i = 0; i < buffer->NumPhysDisks; i++) {
mptsas.c:		    buffer->PhysDisk[i].PhysDiskNum, &phys_disk) != 0)
mptsas.c:	for (i = 0; i < buffer->NumPhysDisks; i++) {
mptsas.c:		    buffer->PhysDisk[i].PhysDiskNum, &phys_disk) != 0)

No binary differences are present after this conversion.

Link: https://github.com/KSPP/linux/issues/79 [1]
Signed-off-by: Kees Cook <kees@kernel.org>
---
Cc: Sathya Prakash <sathya.prakash@broadcom.com>
Cc: Sreekanth Reddy <sreekanth.reddy@broadcom.com>
Cc: Suganath Prabu Subramani <suganath-prabu.subramani@broadcom.com>
Cc: "Gustavo A. R. Silva" <gustavoars@kernel.org>
Cc: MPT-FusionLinux.pdl@broadcom.com
Cc: linux-scsi@vger.kernel.org
Cc: linux-hardening@vger.kernel.org
---
 drivers/message/fusion/lsi/mpi_cnfg.h | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

diff --git a/drivers/message/fusion/lsi/mpi_cnfg.h b/drivers/message/fusion/lsi/mpi_cnfg.h
index 3770cb1cff7d..f59a741ef21c 100644
--- a/drivers/message/fusion/lsi/mpi_cnfg.h
+++ b/drivers/message/fusion/lsi/mpi_cnfg.h
@@ -2295,14 +2295,6 @@ typedef struct _RAID_VOL0_SETTINGS
 #define MPI_RAID_HOT_SPARE_POOL_6                       (0x40)
 #define MPI_RAID_HOT_SPARE_POOL_7                       (0x80)
 
-/*
- * Host code (drivers, BIOS, utilities, etc.) should leave this define set to
- * one and check Header.PageLength at runtime.
- */
-#ifndef MPI_RAID_VOL_PAGE_0_PHYSDISK_MAX
-#define MPI_RAID_VOL_PAGE_0_PHYSDISK_MAX        (1)
-#endif
-
 typedef struct _CONFIG_PAGE_RAID_VOL_0
 {
     CONFIG_PAGE_HEADER      Header;         /* 00h */
@@ -2321,7 +2313,7 @@ typedef struct _CONFIG_PAGE_RAID_VOL_0
     U8                      DataScrubRate;  /* 25h */
     U8                      ResyncRate;     /* 26h */
     U8                      InactiveStatus; /* 27h */
-    RAID_VOL0_PHYS_DISK     PhysDisk[MPI_RAID_VOL_PAGE_0_PHYSDISK_MAX];/* 28h */
+    RAID_VOL0_PHYS_DISK     PhysDisk[] __counted_by(NumPhysDisks); /* 28h */
 } CONFIG_PAGE_RAID_VOL_0, MPI_POINTER PTR_CONFIG_PAGE_RAID_VOL_0,
   RaidVolumePage0_t, MPI_POINTER pRaidVolumePage0_t;
 
-- 
2.34.1
Re: [PATCH 1/6] scsi: message: fusion: struct _RAID_VOL0_SETTINGS: Replace 1-element array with flexible array
Posted by Gustavo A. R. Silva 1 year, 5 months ago 

On 11/07/24 11:28, Kees Cook wrote:
> Replace the deprecated[1] use of a 1-element array in
> struct _RAID_VOL0_SETTINGS with a modern flexible array.
> 
> Additionally add __counted_by annotation since PhysDisk is only ever
> accessed via a loops bounded by NumPhysDisks:
> 
> lsi/mpi_cnfg.h:    RAID_VOL0_PHYS_DISK     PhysDisk[] __counted_by(NumPhysDisks); /* 28h */
> mptbase.c:	for (i = 0; i < buffer->NumPhysDisks; i++) {
> mptbase.c:		    buffer->PhysDisk[i].PhysDiskNum, &phys_disk) != 0)
> mptsas.c:	for (i = 0; i < buffer->NumPhysDisks; i++) {
> mptsas.c:		    buffer->PhysDisk[i].PhysDiskNum, &phys_disk) != 0)
> mptsas.c:	for (i = 0; i < buffer->NumPhysDisks; i++) {
> mptsas.c:		    buffer->PhysDisk[i].PhysDiskNum, &phys_disk) != 0)
> 
> No binary differences are present after this conversion.
> 
> Link: https://github.com/KSPP/linux/issues/79 [1]
> Signed-off-by: Kees Cook <kees@kernel.org>

Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org>

Thanks!
-- 
Gustavo

> ---
> Cc: Sathya Prakash <sathya.prakash@broadcom.com>
> Cc: Sreekanth Reddy <sreekanth.reddy@broadcom.com>
> Cc: Suganath Prabu Subramani <suganath-prabu.subramani@broadcom.com>
> Cc: "Gustavo A. R. Silva" <gustavoars@kernel.org>
> Cc: MPT-FusionLinux.pdl@broadcom.com
> Cc: linux-scsi@vger.kernel.org
> Cc: linux-hardening@vger.kernel.org
> ---
>   drivers/message/fusion/lsi/mpi_cnfg.h | 10 +---------
>   1 file changed, 1 insertion(+), 9 deletions(-)
> 
> diff --git a/drivers/message/fusion/lsi/mpi_cnfg.h b/drivers/message/fusion/lsi/mpi_cnfg.h
> index 3770cb1cff7d..f59a741ef21c 100644
> --- a/drivers/message/fusion/lsi/mpi_cnfg.h
> +++ b/drivers/message/fusion/lsi/mpi_cnfg.h
> @@ -2295,14 +2295,6 @@ typedef struct _RAID_VOL0_SETTINGS
>   #define MPI_RAID_HOT_SPARE_POOL_6                       (0x40)
>   #define MPI_RAID_HOT_SPARE_POOL_7                       (0x80)
>   
> -/*
> - * Host code (drivers, BIOS, utilities, etc.) should leave this define set to
> - * one and check Header.PageLength at runtime.
> - */
> -#ifndef MPI_RAID_VOL_PAGE_0_PHYSDISK_MAX
> -#define MPI_RAID_VOL_PAGE_0_PHYSDISK_MAX        (1)
> -#endif
> -
>   typedef struct _CONFIG_PAGE_RAID_VOL_0
>   {
>       CONFIG_PAGE_HEADER      Header;         /* 00h */
> @@ -2321,7 +2313,7 @@ typedef struct _CONFIG_PAGE_RAID_VOL_0
>       U8                      DataScrubRate;  /* 25h */
>       U8                      ResyncRate;     /* 26h */
>       U8                      InactiveStatus; /* 27h */
> -    RAID_VOL0_PHYS_DISK     PhysDisk[MPI_RAID_VOL_PAGE_0_PHYSDISK_MAX];/* 28h */
> +    RAID_VOL0_PHYS_DISK     PhysDisk[] __counted_by(NumPhysDisks); /* 28h */
>   } CONFIG_PAGE_RAID_VOL_0, MPI_POINTER PTR_CONFIG_PAGE_RAID_VOL_0,
>     RaidVolumePage0_t, MPI_POINTER pRaidVolumePage0_t;
>

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.