• Gustavo A. R. Silva's avatar
    integrity: Avoid -Wflex-array-member-not-at-end warnings · 38aa3f5a
    Gustavo A. R. Silva authored
    -Wflex-array-member-not-at-end is coming in GCC-14, and we are getting
    ready to enable it globally.
    
    There is currently an object (`hdr)` in `struct ima_max_digest_data`
    that contains a flexible structure (`struct ima_digest_data`):
    
     struct ima_max_digest_data {
            struct ima_digest_data hdr;
            u8 digest[HASH_MAX_DIGESTSIZE];
     } __packed;
    
    So, in order to avoid ending up with a flexible-array member in the
    middle of a struct, we use the `__struct_group()` helper to separate
    the flexible array from the rest of the members in the flexible
    structure:
    
    struct ima_digest_data {
            __struct_group(ima_digest_data_hdr, hdr, __packed,
    
            ... the rest of the members
    
            );
            u8 digest[];
    } __packed;
    
    And similarly for `struct evm_ima_xattr_data`.
    
    With the change described above, we can now declare an object of the
    type of the tagged `struct ima_digest_data_hdr`, without embedding the
    flexible array in the middle of another struct:
    
     struct ima_max_digest_data {
            struct ima_digest_data_hdr hdr;
            u8 digest[HASH_MAX_DIGESTSIZE];
     } __packed;
    
    And similarly for `struct evm_digest` and `struct evm_xattr`.
    
    We also use `container_of()` whenever we need to retrieve a pointer to
    the flexible structure.
    
    So, with these changes, fix the following warnings:
    
    security/integrity/evm/evm.h:64:32: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end]
    security/integrity/evm/../integrity.h:40:35: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end]
    security/integrity/evm/../integrity.h:68:32: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end]
    security/integrity/ima/../integrity.h:40:35: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end]
    security/integrity/ima/../integrity.h:68:32: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end]
    security/integrity/integrity.h:40:35: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end]
    security/integrity/integrity.h:68:32: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end]
    security/integrity/platform_certs/../integrity.h:40:35: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end]
    security/integrity/platform_certs/../integrity.h:68:32: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end]
    
    Link: https://github.com/KSPP/linux/issues/202Signed-off-by: default avatarGustavo A. R. Silva <gustavoars@kernel.org>
    Signed-off-by: default avatarMimi Zohar <zohar@linux.ibm.com>
    38aa3f5a
evm.h 2.11 KB