On Thu, May 12, 2022 at 10:41:05PM +0100, David Howells wrote:
>
> Kees Cook <keescook@xxxxxxxxxxxx> wrote:
>
> > struct afs_acl {
> > - u32 size;
> > - u8 data[];
> > + DECLARE_FLEX_ARRAY_ELEMENTS_COUNT(u32, size);
> > + DECLARE_FLEX_ARRAY_ELEMENTS(u8, data);
> > };
>
> Oof... That's really quite unpleasant syntax. Is it not possible to have
> mem_to_flex_dup() and friends work without that? You are telling them the
> fields they have to fill in.
Other threads discussed this too. I'm hoping to have something more
flexible (pardon the pun) in v2.
> [...]
> or:
>
> ret = mem_to_flex_dup(&acl, buffer, size, GFP_KERNEL);
> if (ret < 0)
>
> (or use != 0 rather than < 0)
Sure, I can make the tests more explicit. The kerndoc, etc all shows it's
using < 0 for errors.
--
Kees Cook
