scsi: megaraid_sas: struct MR_HOST_DEVICE_LIST: Replace 1-element array with flexible...

Replace the deprecated[1] use of a 1-element array in struct
MR_HOST_DEVICE_LIST with a modern flexible array.

One binary difference appears in megasas_host_device_list_query():

        struct MR_HOST_DEVICE_LIST *ci;
	...
        ci = instance->host_device_list_buf;
	...
        memset(ci, 0, sizeof(*ci));

The memset() clears only the non-flexible array fields. Looking at the rest
of the function, this appears to be fine: firmware is using this region to
communicate with the kernel, so it likely never made sense to clear the
first MR_HOST_DEVICE_LIST_ENTRY.

Link: https://github.com/KSPP/linux/issues/79
Signed-off-by: Kees Cook <kees@kernel.org>
Link: https://lore.kernel.org/r/20240711155841.work.839-kees@kernel.org
Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>

diff --git a/drivers/scsi/megaraid/megaraid_sas.h b/drivers/scsi/megaraid/megaraid_sas.h
index 84cf77c48c0d26af0fd62d2634dcee177bcd47ac..088cc40ae866a0784fc01068f47e0501c3d5644f 100644 (file)
--- a/drivers/scsi/megaraid/megaraid_sas.h
+++ b/drivers/scsi/megaraid/megaraid_sas.h
@@ -814,12 +814,12 @@ struct MR_HOST_DEVICE_LIST {
        __le32                  size;
        __le32                  count;
        __le32                  reserved[2];
-       struct MR_HOST_DEVICE_LIST_ENTRY        host_device_list[1];
+       struct MR_HOST_DEVICE_LIST_ENTRY        host_device_list[] __counted_by_le(count);
 } __packed;
 
 #define HOST_DEVICE_LIST_SZ (sizeof(struct MR_HOST_DEVICE_LIST) +             \
                              (sizeof(struct MR_HOST_DEVICE_LIST_ENTRY) *      \
-                             (MEGASAS_MAX_PD + MAX_LOGICAL_DRIVES_EXT - 1)))
+                             (MEGASAS_MAX_PD + MAX_LOGICAL_DRIVES_EXT)))
 
 
 /*