Commit 5c78e793 authored by Kees Cook's avatar Kees Cook
Browse files

overflow: Introduce __DEFINE_FLEX for having no initializer 

While not yet in the tree, there is a proposed patch[1] that was
depending on the prior behavior of _DEFINE_FLEX, which did not have an
explicit initializer. Provide this via __DEFINE_FLEX now, which can also
have attributes applied (e.g. __uninitialized).

Examples of the resulting initializer behaviors can be seen here:
https://godbolt.org/z/P7Go8Tr33

Link: https://lore.kernel.org/netdev/20250520205920.2134829-9-anthony.l.nguyen@intel.com

 [1]
Fixes: 47e36ed7 ("overflow: Fix direct struct member initialization in _DEFINE_FLEX()")
Signed-off-by: default avatarKees Cook <kees@kernel.org>
parent d6a0e0bf

include/linux/overflow.h

+19 −6
Original line number Diff line number Diff line
@@ -389,24 +389,37 @@ static inline size_t __must_check size_sub(size_t minuend, size_t subtrahend) 
	struct_size((type *)NULL, member, count)



/**

 * _DEFINE_FLEX() - helper macro for DEFINE_FLEX() family.

 * Enables caller macro to pass (different) initializer.

 * __DEFINE_FLEX() - helper macro for DEFINE_FLEX() family.

 * Enables caller macro to pass arbitrary trailing expressions

 *

 * @type: structure type name, including "struct" keyword.

 * @name: Name for a variable to define.

 * @member: Name of the array member.

 * @count: Number of elements in the array; must be compile-time const.

 * @initializer: Initializer expression (e.g., pass `= { }` at minimum).

 * @trailer: Trailing expressions for attributes and/or initializers.

 */

#define _DEFINE_FLEX(type, name, member, count, initializer...)			\

#define __DEFINE_FLEX(type, name, member, count, trailer...)			\

	_Static_assert(__builtin_constant_p(count),				\

		       "onstack flex array members require compile-time const count"); \

	union {									\

		u8 bytes[struct_size_t(type, member, count)];			\

		type obj;							\

	} name##_u = { .obj initializer };					\

	} name##_u trailer;							\

	type *name = (type *)&name##_u



/**

 * _DEFINE_FLEX() - helper macro for DEFINE_FLEX() family.

 * Enables caller macro to pass (different) initializer.

 *

 * @type: structure type name, including "struct" keyword.

 * @name: Name for a variable to define.

 * @member: Name of the array member.

 * @count: Number of elements in the array; must be compile-time const.

 * @initializer: Initializer expression (e.g., pass `= { }` at minimum).

 */

#define _DEFINE_FLEX(type, name, member, count, initializer...)			\

	__DEFINE_FLEX(type, name, member, count, = { .obj initializer })



/**

 * DEFINE_RAW_FLEX() - Define an on-stack instance of structure with a trailing

 * flexible array member, when it does not have a __counted_by annotation.
@@ -424,7 +437,7 @@ static inline size_t __must_check size_sub(size_t minuend, size_t subtrahend) 
 * elements in array @member.

 */

#define DEFINE_RAW_FLEX(type, name, member, count)	\

	_DEFINE_FLEX(type, name, member, count, = {})

	__DEFINE_FLEX(type, name, member, count, = { })



/**

 * DEFINE_FLEX() - Define an on-stack instance of structure with a trailing