bpf: Replace zero-length array with flexible-array member

The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by
this change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] https://github.com/KSPP/linux/issues/21
[3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Song Liu <songliubraving@fb.com>
Link: https://lore.kernel.org/bpf/20200227001744.GA3317@embeddedor

diff --git a/include/linux/bpf-cgroup.h b/include/linux/bpf-cgroup.h
index a11d5b7dbbf30e500a776eb6a6137a38c18dc2d3..a7cd5c7a250917d2f26adcf94392d09d4148fc7f 100644 (file)
--- a/include/linux/bpf-cgroup.h
+++ b/include/linux/bpf-cgroup.h
@@ -36,7 +36,7 @@ struct bpf_cgroup_storage_map;
 
 struct bpf_storage_buffer {
        struct rcu_head rcu;
-       char data[0];
+       char data[];
 };
 
 struct bpf_cgroup_storage {

diff --git a/include/linux/bpf.h b/include/linux/bpf.h
index 1acd5bf70350f0926666be407c0960235531bca6..9aa33b8f3d5523b6ef9f98e3c623072eed2fe70f 100644 (file)
--- a/include/linux/bpf.h
+++ b/include/linux/bpf.h
@@ -859,7 +859,7 @@ struct bpf_prog_array_item {
 
 struct bpf_prog_array {
        struct rcu_head rcu;
-       struct bpf_prog_array_item items[0];
+       struct bpf_prog_array_item items[];
 };
 
 struct bpf_prog_array *bpf_prog_array_alloc(u32 prog_cnt, gfp_t flags);

diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
index 906e9f2752dbb42e61b733be4acb2459ae034b29..8e98ced0963b52009c4754efce7ec8a4e06b9a68 100644 (file)
--- a/include/uapi/linux/bpf.h
+++ b/include/uapi/linux/bpf.h
@@ -73,7 +73,7 @@ struct bpf_insn {
 /* Key of an a BPF_MAP_TYPE_LPM_TRIE entry */
 struct bpf_lpm_trie_key {
        __u32   prefixlen;      /* up to 32 for AF_INET, 128 for AF_INET6 */
-       __u8    data[0];        /* Arbitrary size */
+       __u8    data[]; /* Arbitrary size */
 };
 
 struct bpf_cgroup_storage_key {

diff --git a/kernel/bpf/bpf_struct_ops.c b/kernel/bpf/bpf_struct_ops.c
index 042f95534f86db0b11148b72d64db98162dd0439..c498f0fffb4061111839cb8cab6eaa2d8d031695 100644 (file)
--- a/kernel/bpf/bpf_struct_ops.c
+++ b/kernel/bpf/bpf_struct_ops.c
@@ -23,7 +23,7 @@ enum bpf_struct_ops_state {
 
 struct bpf_struct_ops_value {
        BPF_STRUCT_OPS_COMMON_VALUE;
-       char data[0] ____cacheline_aligned_in_smp;
+       char data[] ____cacheline_aligned_in_smp;
 };
 
 struct bpf_struct_ops_map {

diff --git a/kernel/bpf/hashtab.c b/kernel/bpf/hashtab.c
index 53d9483fee10b333a799f087d157cd4112bfe516..d541c8486c95dad96568815d1e7745f128707cf7 100644 (file)
--- a/kernel/bpf/hashtab.c
+++ b/kernel/bpf/hashtab.c
@@ -118,7 +118,7 @@ struct htab_elem {
                struct bpf_lru_node lru_node;
        };
        u32 hash;
-       char key[0] __aligned(8);
+       char key[] __aligned(8);
 };
 
 static inline bool htab_is_prealloc(const struct bpf_htab *htab)

diff --git a/kernel/bpf/lpm_trie.c b/kernel/bpf/lpm_trie.c
index 3b3c420bc8ed8eb1b5713280509070c774497d8f..65c236cf341e04514b785d1ca0790cc5207ad04d 100644 (file)
--- a/kernel/bpf/lpm_trie.c
+++ b/kernel/bpf/lpm_trie.c
@@ -25,7 +25,7 @@ struct lpm_trie_node {
        struct lpm_trie_node __rcu      *child[2];
        u32                             prefixlen;
        u32                             flags;
-       u8                              data[0];
+       u8                              data[];
 };
 
 struct lpm_trie {