On 2/17/24 3:58 PM, Kees Cook wrote:
On Sat, Feb 17, 2024 at 02:17:33PM -0600, Alex Elder wrote:
On 2/16/24 5:28 PM, Kees Cook wrote:
FORTIFY_SOURCE has been ignoring 0-sized destinations while the kernel
code base has been converted to flexible arrays. In order to enforce
the 0-sized destinations (e.g. with __counted_by), the remaining 0-sized
destinations need to be handled. Instead of converting an empty struct
into using a flexible array, just directly use a pointer without any
additional indirection. Remove struct gb_bootrom_get_firmware_response
and struct gb_fw_download_fetch_firmware_response.
The only down side I see is that it sort of disrupts a pattern
used on Greybus request handlers (and the response structure definitions).
I think a one-line comment in place of each of these two
definitions would be helpful, something like:
/* gb_fw_download_fetch_firmware_response contains no data */
Er, maybe this should be "no other data" ? Do you want a v2 of this
patch?
Sending v2 is probably best, because I'd like to see these
comments. Greg could fix it up himself but he probably wants
to pull it from the list
And yes, "no other data" is fine, or maybe "no payload"
or "has an empty payload". Any of those is better than
nothing; you choose.
Thank you.
-Alex
And then add a similar comment above the calls to
gb_operation_response_alloc().
Otherwise this looks good.
Reviewed-by: Alex Elder <elder@xxxxxxxxxx>
Thanks!