On Sat, Feb 17, 2024 at 02:17:33PM -0600, Alex Elder wrote:
On 2/16/24 5:28 PM, Kees Cook wrote:
FORTIFY_SOURCE has been ignoring 0-sized destinations while the kernel code base has been converted to flexible arrays. In order to enforce the 0-sized destinations (e.g. with __counted_by), the remaining 0-sized destinations need to be handled. Instead of converting an empty struct into using a flexible array, just directly use a pointer without any additional indirection. Remove struct gb_bootrom_get_firmware_response and struct gb_fw_download_fetch_firmware_response.
The only down side I see is that it sort of disrupts a pattern used on Greybus request handlers (and the response structure definitions).
I think a one-line comment in place of each of these two definitions would be helpful, something like: /* gb_fw_download_fetch_firmware_response contains no data */
Er, maybe this should be "no other data" ? Do you want a v2 of this patch?
And then add a similar comment above the calls to gb_operation_response_alloc().
Otherwise this looks good.
Reviewed-by: Alex Elder elder@linaro.org
Thanks!