Commit 26dd68d2 authored by Przemek Kitszel's avatar Przemek Kitszel Committed by Jakub Kicinski
Browse files

overflow: add DEFINE_FLEX() for on-stack allocs 

Add DEFINE_FLEX() macro for on-stack allocations of structs with
flexible array member.

Expose __struct_size() macro outside of fortify-string.h, as it could be
used to read size of structs allocated by DEFINE_FLEX().
Move __member_size() alongside it.
-Kees

Using underlying array for on-stack storage lets us to declare
known-at-compile-time structures without kzalloc().

Actual usage for ice driver is in following patches of the series.

Missing __has_builtin() workaround is moved up to serve also assembly
compilation with m68k-linux-gcc, see [1].
Error was (note the .S file extension):
In file included from ../include/linux/linkage.h:5,
                 from ../arch/m68k/fpsp040/skeleton.S:40:
../include/linux/compiler_types.h:331:5: warning: "__has_builtin" is not defined, evaluates to 0 [-Wundef]
  331 | #if __has_builtin(__builtin_dynamic_object_size)
      |     ^~~~~~~~~~~~~
../include/linux/compiler_types.h:331:18: error: missing binary operator before token "("
  331 | #if __has_builtin(__builtin_dynamic_object_size)
      |                  ^

[1] https://lore.kernel.org/netdev/202308112122.OuF0YZqL-lkp@intel.com/


Co-developed-by: default avatarKees Cook <keescook@chromium.org>
Signed-off-by: default avatarKees Cook <keescook@chromium.org>
Signed-off-by: default avatarPrzemek Kitszel <przemyslaw.kitszel@intel.com>
Link: https://lore.kernel.org/r/20230912115937.1645707-2-przemyslaw.kitszel@intel.com


Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parent e6435973

include/linux/compiler_types.h

+21 −11
Original line number Diff line number Diff line
@@ -2,6 +2,15 @@ 
#ifndef __LINUX_COMPILER_TYPES_H

#define __LINUX_COMPILER_TYPES_H



/*

 * __has_builtin is supported on gcc >= 10, clang >= 3 and icc >= 21.

 * In the meantime, to support gcc < 10, we implement __has_builtin

 * by hand.

 */

#ifndef __has_builtin

#define __has_builtin(x) (0)

#endif



#ifndef __ASSEMBLY__



/*
@@ -134,17 +143,6 @@ static inline void __chk_io_ptr(const volatile void __iomem *ptr) { } 
# define __preserve_most

#endif



/* Builtins */



/*

 * __has_builtin is supported on gcc >= 10, clang >= 3 and icc >= 21.

 * In the meantime, to support gcc < 10, we implement __has_builtin

 * by hand.

 */

#ifndef __has_builtin

#define __has_builtin(x) (0)

#endif



/* Compiler specific macros. */

#ifdef __clang__

#include <linux/compiler-clang.h>
@@ -352,6 +350,18 @@ struct ftrace_likely_data { 
# define __realloc_size(x, ...)

#endif



/*

 * When the size of an allocated object is needed, use the best available

 * mechanism to find it. (For cases where sizeof() cannot be used.)

 */

#if __has_builtin(__builtin_dynamic_object_size)

#define __struct_size(p)	__builtin_dynamic_object_size(p, 0)

#define __member_size(p)	__builtin_dynamic_object_size(p, 1)

#else

#define __struct_size(p)	__builtin_object_size(p, 0)

#define __member_size(p)	__builtin_object_size(p, 1)

#endif



#ifndef asm_volatile_goto

#define asm_volatile_goto(x...) asm goto(x)

#endif

include/linux/fortify-string.h

+0 −4
Original line number Diff line number Diff line
@@ -93,13 +93,9 @@ extern char *__underlying_strncpy(char *p, const char *q, __kernel_size_t size) 
#if __has_builtin(__builtin_dynamic_object_size)

#define POS			__pass_dynamic_object_size(1)

#define POS0			__pass_dynamic_object_size(0)

#define __struct_size(p)	__builtin_dynamic_object_size(p, 0)

#define __member_size(p)	__builtin_dynamic_object_size(p, 1)

#else

#define POS			__pass_object_size(1)

#define POS0			__pass_object_size(0)

#define __struct_size(p)	__builtin_object_size(p, 0)

#define __member_size(p)	__builtin_object_size(p, 1)

#endif



#define __compiletime_lessthan(bounds, length)	(	\

include/linux/overflow.h

+35 −0
Original line number Diff line number Diff line
@@ -309,4 +309,39 @@ static inline size_t __must_check size_sub(size_t minuend, size_t subtrahend) 
#define struct_size_t(type, member, count)					\

	struct_size((type *)NULL, member, count)



/**

 * _DEFINE_FLEX() - helper macro for DEFINE_FLEX() family.

 * Enables caller macro to pass (different) initializer.

 *

 * @type: structure type name, including "struct" keyword.

 * @name: Name for a variable to define.

 * @member: Name of the array member.

 * @count: Number of elements in the array; must be compile-time const.

 * @initializer: initializer expression (could be empty for no init).

 */

#define _DEFINE_FLEX(type, name, member, count, initializer)			\

	_Static_assert(__builtin_constant_p(count),				\

		       "onstack flex array members require compile-time const count"); \

	union {									\

		u8 bytes[struct_size_t(type, member, count)];			\

		type obj;							\

	} name##_u initializer;							\

	type *name = (type *)&name##_u



/**

 * DEFINE_FLEX() - Define an on-stack instance of structure with a trailing

 * flexible array member.

 *

 * @type: structure type name, including "struct" keyword.

 * @name: Name for a variable to define.

 * @member: Name of the array member.

 * @count: Number of elements in the array; must be compile-time const.

 *

 * Define a zeroed, on-stack, instance of @type structure with a trailing

 * flexible array member.

 * Use __struct_size(@name) to get compile-time size of it afterwards.

 */

#define DEFINE_FLEX(type, name, member, count)			\

	_DEFINE_FLEX(type, name, member, count, = {})



#endif /* __LINUX_OVERFLOW_H */