[PATCH 28/32] selinux: Use mem_to_flex_dup() with xfrm and sidtab
Gustavo A. R. Silva
gustavoars at kernel.org
Wed May 4 23:43:24 UTC 2022
Hi Paul,
On Wed, May 04, 2022 at 06:57:28PM -0400, Paul Moore wrote:
> On Tue, May 3, 2022 at 9:57 PM Kees Cook <keescook at chromium.org> wrote:
[..]
> > +++ b/include/uapi/linux/xfrm.h
> > @@ -31,9 +31,9 @@ struct xfrm_id {
> > struct xfrm_sec_ctx {
> > __u8 ctx_doi;
> > __u8 ctx_alg;
> > - __u16 ctx_len;
> > + __DECLARE_FLEX_ARRAY_ELEMENTS_COUNT(__u16, ctx_len);
> > __u32 ctx_sid;
> > - char ctx_str[0];
> > + __DECLARE_FLEX_ARRAY_ELEMENTS(char, ctx_str);
> > };
>
> While I like the idea of this in principle, I'd like to hear about the
> testing you've done on these patches. A previous flex array
> conversion in the audit uapi headers ended up causing a problem with
I'm curious about which commit caused those problems...?
Thanks
--
Gustavo
> GCC12 and SWIG; while it was a SWIG problem and not a kernel header
> problem that was thin consolation for those with broken builds.
More information about the Linux-security-module-archive
mailing list