drivers/mux/core.c | 7 +++---- include/linux/mux/driver.h | 4 ++-- 2 files changed, 5 insertions(+), 6 deletions(-)
Convert mux_control_ops to a flexible array member at the end of the
mux_chip struct and add the __counted_by() compiler attribute to
improve access bounds-checking via CONFIG_UBSAN_BOUNDS and
CONFIG_FORTIFY_SOURCE.
Use struct_size() to calculate the number of bytes to allocate for a new
mux chip and to remove the following Coccinelle/coccicheck warning:
WARNING: Use struct_size
Use size_add() to safely add any extra bytes.
No functional changes intended.
Link: https://github.com/KSPP/linux/issues/83
Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
---
drivers/mux/core.c | 7 +++----
include/linux/mux/driver.h | 4 ++--
2 files changed, 5 insertions(+), 6 deletions(-)
diff --git a/drivers/mux/core.c b/drivers/mux/core.c
index 02be4ba37257..a3840fe0995f 100644
--- a/drivers/mux/core.c
+++ b/drivers/mux/core.c
@@ -98,13 +98,12 @@ struct mux_chip *mux_chip_alloc(struct device *dev,
if (WARN_ON(!dev || !controllers))
return ERR_PTR(-EINVAL);
- mux_chip = kzalloc(sizeof(*mux_chip) +
- controllers * sizeof(*mux_chip->mux) +
- sizeof_priv, GFP_KERNEL);
+ mux_chip = kzalloc(size_add(struct_size(mux_chip, mux, controllers),
+ sizeof_priv),
+ GFP_KERNEL);
if (!mux_chip)
return ERR_PTR(-ENOMEM);
- mux_chip->mux = (struct mux_control *)(mux_chip + 1);
mux_chip->dev.class = &mux_class;
mux_chip->dev.type = &mux_type;
mux_chip->dev.parent = dev;
diff --git a/include/linux/mux/driver.h b/include/linux/mux/driver.h
index 18824064f8c0..e58e59354e23 100644
--- a/include/linux/mux/driver.h
+++ b/include/linux/mux/driver.h
@@ -56,18 +56,18 @@ struct mux_control {
/**
* struct mux_chip - Represents a chip holding mux controllers.
* @controllers: Number of mux controllers handled by the chip.
- * @mux: Array of mux controllers that are handled.
* @dev: Device structure.
* @id: Used to identify the device internally.
* @ops: Mux controller operations.
+ * @mux: Array of mux controllers that are handled.
*/
struct mux_chip {
unsigned int controllers;
- struct mux_control *mux;
struct device dev;
int id;
const struct mux_control_ops *ops;
+ struct mux_control mux[] __counted_by(controllers);
};
#define to_mux_chip(x) container_of((x), struct mux_chip, dev)
--
2.49.0On Tue, 10 Jun 2025 12:40:59 +0200, Thorsten Blum wrote:
> Convert mux_control_ops to a flexible array member at the end of the
> mux_chip struct and add the __counted_by() compiler attribute to
> improve access bounds-checking via CONFIG_UBSAN_BOUNDS and
> CONFIG_FORTIFY_SOURCE.
>
> Use struct_size() to calculate the number of bytes to allocate for a new
> mux chip and to remove the following Coccinelle/coccicheck warning:
>
> [...]
Applied to for-next/hardening, thanks!
[1/1] mux: Convert mux_control_ops to a flex array member in mux_chip
https://git.kernel.org/kees/c/4bfbc2691de8
Take care,
--
Kees Cook
On 10. Jun 2025, at 12:40, Thorsten Blum wrote: > Convert mux_control_ops to a flexible array member at the end of the > mux_chip struct and add the __counted_by() compiler attribute to > improve access bounds-checking via CONFIG_UBSAN_BOUNDS and > CONFIG_FORTIFY_SOURCE. > > Use struct_size() to calculate the number of bytes to allocate for a new > mux chip and to remove the following Coccinelle/coccicheck warning: > > WARNING: Use struct_size > > Use size_add() to safely add any extra bytes. > > No functional changes intended. > > Link: https://github.com/KSPP/linux/issues/83 > Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev> > --- Hi all, since Peter isn't reachable, could someone else take care of this one? Is there anything else I can do to get this merged? I also noticed that Krzysztof recently changed the status of the mux subsystem from "Maintained" to "Odd Fixes" in ff91020412085. Thanks, Thorsten
© 2016 - 2025 Red Hat, Inc.