include/linux/bpf-cgroup.h | 2 +- include/linux/bpf.h | 7 +------ kernel/bpf/core.c | 12 +++++++----- 3 files changed, 9 insertions(+), 12 deletions(-)
Apparently, struct bpf_empty_prog_array exists entirely to populate a
single element of "items" in a global variable. "null_prog" is only
used during the initializer.
None of this is needed; globals will be correctly sized with an array
initializer of a flexible-array member.
So, remove struct bpf_empty_prog_array and adjust the rest of the code,
accordingly.
With these changes, fix the following warnings:
7659 ./include/linux/bpf.h:2369:31: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end]
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
---
Changes in v2:
- Remove struct bpf_empty_prog_array. (Kees)
v1:
-Link: https://lore.kernel.org/linux-hardening/aaZr2A1UPJq33127@kspp/
include/linux/bpf-cgroup.h | 2 +-
include/linux/bpf.h | 7 +------
kernel/bpf/core.c | 12 +++++++-----
3 files changed, 9 insertions(+), 12 deletions(-)
diff --git a/include/linux/bpf-cgroup.h b/include/linux/bpf-cgroup.h
index 2f535331f926..b2e79c2b41d5 100644
--- a/include/linux/bpf-cgroup.h
+++ b/include/linux/bpf-cgroup.h
@@ -184,7 +184,7 @@ static inline bool cgroup_bpf_sock_enabled(struct sock *sk,
struct bpf_prog_array *array;
array = rcu_access_pointer(cgrp->bpf.effective[type]);
- return array != &bpf_empty_prog_array.hdr;
+ return array != &bpf_empty_prog_array;
}
/* Wrappers for __cgroup_bpf_run_filter_skb() guarded by cgroup_bpf_enabled. */
diff --git a/include/linux/bpf.h b/include/linux/bpf.h
index 05b34a6355b0..4f5b9e85a20c 100644
--- a/include/linux/bpf.h
+++ b/include/linux/bpf.h
@@ -2365,18 +2365,13 @@ struct bpf_prog_array {
struct bpf_prog_array_item items[];
};
-struct bpf_empty_prog_array {
- struct bpf_prog_array hdr;
- struct bpf_prog *null_prog;
-};
-
/* to avoid allocating empty bpf_prog_array for cgroups that
* don't have bpf program attached use one global 'bpf_empty_prog_array'
* It will not be modified the caller of bpf_prog_array_alloc()
* (since caller requested prog_cnt == 0)
* that pointer should be 'freed' by bpf_prog_array_free()
*/
-extern struct bpf_empty_prog_array bpf_empty_prog_array;
+extern struct bpf_prog_array bpf_empty_prog_array;
struct bpf_prog_array *bpf_prog_array_alloc(u32 prog_cnt, gfp_t flags);
void bpf_prog_array_free(struct bpf_prog_array *progs);
diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
index 67eb12b637a5..ca39d2e690b9 100644
--- a/kernel/bpf/core.c
+++ b/kernel/bpf/core.c
@@ -2613,8 +2613,10 @@ static struct bpf_prog_dummy {
},
};
-struct bpf_empty_prog_array bpf_empty_prog_array = {
- .null_prog = NULL,
+struct bpf_prog_array bpf_empty_prog_array = {
+ .items = {
+ { .prog = NULL },
+ },
};
EXPORT_SYMBOL(bpf_empty_prog_array);
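Review bot: The single `{ .prog = NULL }` element in the new initializer carries no comment saying it is the terminator slot, which is the same thing the old `null_prog` member left readers guessing about. bpf_prog_array_alloc() in the next hunk allocates `prog_cnt + 1` items, so the array is presumably walked until a NULL `prog`, and the shared empty array needs this one slot to keep such a walk in bounds. I would add `/* one terminator slot: walkers stop at items[0].prog == NULL */` above `.items`. Static initialization of a flexible array member is a GNU C extension and `sizeof(bpf_empty_prog_array)` does not count the element, so the comment should also warn against sizing or copying the object with sizeof; the header comment in include/linux/bpf.h could say the same.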
@@ -2625,14 +2627,14 @@ struct bpf_prog_array *bpf_prog_array_alloc(u32 prog_cnt, gfp_t flags)
if (prog_cnt)
p = kzalloc_flex(*p, items, prog_cnt + 1, flags);
else
- p = &bpf_empty_prog_array.hdr;
+ p = &bpf_empty_prog_array;
return p;
}
void bpf_prog_array_free(struct bpf_prog_array *progs)
{
- if (!progs || progs == &bpf_empty_prog_array.hdr)
+ if (!progs || progs == &bpf_empty_prog_array)
return;
kfree_rcu(progs, rcu);
}
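Review bot: The comparison `progs == &bpf_empty_prog_array` is the only thing that keeps the statically allocated sentinel out of `kfree_rcu()` here and out of `call_rcu_tasks_trace()` in bpf_prog_array_free_sleepable() (next hunk). It is now written out by hand in both, and again in cgroup_bpf_sock_enabled() in bpf-cgroup.h. A small helper next to the extern declaration would keep the three sites in step if the sentinel's type changes again, e.g. `static inline bool bpf_prog_array_is_shared_empty(const struct bpf_prog_array *p) { return p == &bpf_empty_prog_array; }` (the name is only a suggestion). bpf_prog_array_alloc() starts above this hunk.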
@@ -2653,7 +2655,7 @@ static void __bpf_prog_array_free_sleepable_cb(struct rcu_head *rcu)
void bpf_prog_array_free_sleepable(struct bpf_prog_array *progs)
{
- if (!progs || progs == &bpf_empty_prog_array.hdr)
+ if (!progs || progs == &bpf_empty_prog_array)
return;
call_rcu_tasks_trace(&progs->rcu, __bpf_prog_array_free_sleepable_cb);
}
--
2.43.0
On 3/30/26 11:38 PM, Gustavo A. R. Silva wrote:
> Apparently, struct bpf_empty_prog_array exists entirely to populate a
> single element of "items" in a global variable. "null_prog" is only
> used during the initializer.
>
> None of this is needed; globals will be correctly sized with an array
> initializer of a flexible-array member.
>
> So, remove struct bpf_empty_prog_array and adjust the rest of the code,
> accordingly.
>
> With these changes, fix the following warnings:
>
> 7659 ./include/linux/bpf.h:2369:31: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end]
>
> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
> ---
Great cleanup! It was quite confusing how we used null_prog to fill the
first element of the flexible array. I wonder why it was done like that.
Acked-by: Mykyta Yatsenko <yatsenko@meta.com>
> Changes in v2:
> - Remove struct bpf_empty_prog_array. (Kees)
>
> v1:
> -Link: https://lore.kernel.org/linux-hardening/aaZr2A1UPJq33127@kspp/
>
> include/linux/bpf-cgroup.h | 2 +-
> include/linux/bpf.h | 7 +------
> kernel/bpf/core.c | 12 +++++++-----
> 3 files changed, 9 insertions(+), 12 deletions(-)
>
> diff --git a/include/linux/bpf-cgroup.h b/include/linux/bpf-cgroup.h
> index 2f535331f926..b2e79c2b41d5 100644
> --- a/include/linux/bpf-cgroup.h
> +++ b/include/linux/bpf-cgroup.h
> @@ -184,7 +184,7 @@ static inline bool cgroup_bpf_sock_enabled(struct sock *sk,
> struct bpf_prog_array *array;
>
> array = rcu_access_pointer(cgrp->bpf.effective[type]);
> - return array != &bpf_empty_prog_array.hdr;
> + return array != &bpf_empty_prog_array;
> }
>
> /* Wrappers for __cgroup_bpf_run_filter_skb() guarded by cgroup_bpf_enabled. */
> diff --git a/include/linux/bpf.h b/include/linux/bpf.h
> index 05b34a6355b0..4f5b9e85a20c 100644
> --- a/include/linux/bpf.h
> +++ b/include/linux/bpf.h
> @@ -2365,18 +2365,13 @@ struct bpf_prog_array {
> struct bpf_prog_array_item items[];
> };
>
> -struct bpf_empty_prog_array {
> - struct bpf_prog_array hdr;
> - struct bpf_prog *null_prog;
> -};
> -
> /* to avoid allocating empty bpf_prog_array for cgroups that
> * don't have bpf program attached use one global 'bpf_empty_prog_array'
> * It will not be modified the caller of bpf_prog_array_alloc()
> * (since caller requested prog_cnt == 0)
> * that pointer should be 'freed' by bpf_prog_array_free()
> */
> -extern struct bpf_empty_prog_array bpf_empty_prog_array;
> +extern struct bpf_prog_array bpf_empty_prog_array;
>
> struct bpf_prog_array *bpf_prog_array_alloc(u32 prog_cnt, gfp_t flags);
> void bpf_prog_array_free(struct bpf_prog_array *progs);
> diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
> index 67eb12b637a5..ca39d2e690b9 100644
> --- a/kernel/bpf/core.c
> +++ b/kernel/bpf/core.c
> @@ -2613,8 +2613,10 @@ static struct bpf_prog_dummy {
> },
> };
>
> -struct bpf_empty_prog_array bpf_empty_prog_array = {
> - .null_prog = NULL,
> +struct bpf_prog_array bpf_empty_prog_array = {
> + .items = {
> + { .prog = NULL },
> + },
> };
> EXPORT_SYMBOL(bpf_empty_prog_array);
>
> @@ -2625,14 +2627,14 @@ struct bpf_prog_array *bpf_prog_array_alloc(u32 prog_cnt, gfp_t flags)
> if (prog_cnt)
> p = kzalloc_flex(*p, items, prog_cnt + 1, flags);
> else
> - p = &bpf_empty_prog_array.hdr;
> + p = &bpf_empty_prog_array;
>
> return p;
> }
>
> void bpf_prog_array_free(struct bpf_prog_array *progs)
> {
> - if (!progs || progs == &bpf_empty_prog_array.hdr)
> + if (!progs || progs == &bpf_empty_prog_array)
> return;
> kfree_rcu(progs, rcu);
> }
> @@ -2653,7 +2655,7 @@ static void __bpf_prog_array_free_sleepable_cb(struct rcu_head *rcu)
>
> void bpf_prog_array_free_sleepable(struct bpf_prog_array *progs)
> {
> - if (!progs || progs == &bpf_empty_prog_array.hdr)
> + if (!progs || progs == &bpf_empty_prog_array)
> return;
> call_rcu_tasks_trace(&progs->rcu, __bpf_prog_array_free_sleepable_cb);
> }