As noted in the "Deprecated Interfaces, Language Features, Attributes, and Conventions" documentation [1], size calculations (especially multiplication) should not be performed in memory allocator (or similar) function arguments due to the risk of them overflowing. This could lead to values wrapping around and a smaller allocation being made than the caller was expecting. Using those allocations could lead to linear overflows of heap memory and other misbehaviors.
So, use the struct_size() helper to do the arithmetic instead of the argument "size + count * size" in the kzalloc() function.
[1] https://www.kernel.org/doc/html/v5.14/process/deprecated.html#open-coded-ari...
Signed-off-by: Len Baker len.baker@gmx.com --- drivers/net/ethernet/microsoft/mana/hw_channel.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/drivers/net/ethernet/microsoft/mana/hw_channel.c b/drivers/net/ethernet/microsoft/mana/hw_channel.c index 1a923fd99990..0efdc6c3c32a 100644 --- a/drivers/net/ethernet/microsoft/mana/hw_channel.c +++ b/drivers/net/ethernet/microsoft/mana/hw_channel.c @@ -398,9 +398,7 @@ static int mana_hwc_alloc_dma_buf(struct hw_channel_context *hwc, u16 q_depth, int err; u16 i;
- dma_buf = kzalloc(sizeof(*dma_buf) + - q_depth * sizeof(struct hwc_work_request), - GFP_KERNEL); + dma_buf = kzalloc(struct_size(dma_buf, reqs, q_depth), GFP_KERNEL); if (!dma_buf) return -ENOMEM;
-- 2.25.1
-----Original Message----- From: Len Baker len.baker@gmx.com Sent: Saturday, September 11, 2021 6:28 AM To: KY Srinivasan kys@microsoft.com; Haiyang Zhang haiyangz@microsoft.com; Stephen Hemminger sthemmin@microsoft.com; Wei Liu wei.liu@kernel.org; Dexuan Cui decui@microsoft.com; David S. Miller davem@davemloft.net; Jakub Kicinski kuba@kernel.org; Sumit Semwal sumit.semwal@linaro.org; Christian König christian.koenig@amd.com; Kees Cook keescook@chromium.org Cc: Len Baker len.baker@gmx.com; Colin Ian King colin.king@canonical.com; linux-hardening@vger.kernel.org; linux- hyperv@vger.kernel.org; netdev@vger.kernel.org; linux- kernel@vger.kernel.org; linux-media@vger.kernel.org; dri- devel@lists.freedesktop.org; linaro-mm-sig@lists.linaro.org Subject: [PATCH] net: mana: Prefer struct_size over open coded arithmetic
[Some people who received this message don't often get email from len.baker@gmx.com. Learn why this is important at http://aka.ms/LearnAboutSenderIdentification.]
As noted in the "Deprecated Interfaces, Language Features, Attributes, and Conventions" documentation [1], size calculations (especially multiplication) should not be performed in memory allocator (or similar) function arguments due to the risk of them overflowing. This could lead to values wrapping around and a smaller allocation being made than the caller was expecting. Using those allocations could lead to linear overflows of heap memory and other misbehaviors.
So, use the struct_size() helper to do the arithmetic instead of the argument "size + count * size" in the kzalloc() function.
[1] https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ke rnel.org%2Fdoc%2Fhtml%2Fv5.14%2Fprocess%2Fdeprecated.html%23open-coded- arithmetic-in-allocator- arguments&data=04%7C01%7Chaiyangz%40microsoft.com%7C1bf83c1204a34dae a6d308d9750eef16%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C6376695297 12931146%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJ BTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=PbYpBtyYfVfwwlxWSQx%2FiARc9 mhb0J7bfD46%2F9q5oTw%3D&reserved=0
Signed-off-by: Len Baker len.baker@gmx.com
drivers/net/ethernet/microsoft/mana/hw_channel.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/drivers/net/ethernet/microsoft/mana/hw_channel.c b/drivers/net/ethernet/microsoft/mana/hw_channel.c index 1a923fd99990..0efdc6c3c32a 100644 --- a/drivers/net/ethernet/microsoft/mana/hw_channel.c +++ b/drivers/net/ethernet/microsoft/mana/hw_channel.c @@ -398,9 +398,7 @@ static int mana_hwc_alloc_dma_buf(struct hw_channel_context *hwc, u16 q_depth, int err; u16 i;
dma_buf = kzalloc(sizeof(*dma_buf) +q_depth * sizeof(struct hwc_work_request),GFP_KERNEL);
dma_buf = kzalloc(struct_size(dma_buf, reqs, q_depth),GFP_KERNEL);
Thanks!
Reviewed-by: Haiyang Zhang haiyangz@microsoft.com
Hi,
On Sat, Sep 11, 2021 at 12:28:18PM +0200, Len Baker wrote:
As noted in the "Deprecated Interfaces, Language Features, Attributes, and Conventions" documentation [1], size calculations (especially multiplication) should not be performed in memory allocator (or similar) function arguments due to the risk of them overflowing. This could lead to values wrapping around and a smaller allocation being made than the caller was expecting. Using those allocations could lead to linear overflows of heap memory and other misbehaviors.
So, use the struct_size() helper to do the arithmetic instead of the argument "size + count * size" in the kzalloc() function.
[1] https://www.kernel.org/doc/html/v5.14/process/deprecated.html#open-coded-ari...
Signed-off-by: Len Baker len.baker@gmx.com
drivers/net/ethernet/microsoft/mana/hw_channel.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/drivers/net/ethernet/microsoft/mana/hw_channel.c b/drivers/net/ethernet/microsoft/mana/hw_channel.c index 1a923fd99990..0efdc6c3c32a 100644 --- a/drivers/net/ethernet/microsoft/mana/hw_channel.c +++ b/drivers/net/ethernet/microsoft/mana/hw_channel.c @@ -398,9 +398,7 @@ static int mana_hwc_alloc_dma_buf(struct hw_channel_context *hwc, u16 q_depth, int err; u16 i;
- dma_buf = kzalloc(sizeof(*dma_buf) +
q_depth * sizeof(struct hwc_work_request),GFP_KERNEL);
- dma_buf = kzalloc(struct_size(dma_buf, reqs, q_depth), GFP_KERNEL); if (!dma_buf) return -ENOMEM;
-- 2.25.1
I have received a email from the linux-media subsystem telling that this patch is not applicable. The email is the following:
Hello,
The following patch (submitted by you) has been updated in Patchwork:
* linux-media: net: mana: Prefer struct_size over open coded arithmetic - http://patchwork.linuxtv.org/project/linux-media/patch/20210911102818.3804-1... - for: Linux Media kernel patches was: New now: Not Applicable
This email is a notification only - you do not need to respond.
The question is: Why it is not applicable?. I have no received any bad comment and a "Reviewed-by:" tag from Haiyang Zhang. So, what is the reason for the "Not Applicable" state?.
Regards, Len
On September 18, 2021 6:20:10 AM PDT, Len Baker len.baker@gmx.com wrote:
Hi,
On Sat, Sep 11, 2021 at 12:28:18PM +0200, Len Baker wrote:
As noted in the "Deprecated Interfaces, Language Features, Attributes, and Conventions" documentation [1], size calculations (especially multiplication) should not be performed in memory allocator (or similar) function arguments due to the risk of them overflowing. This could lead to values wrapping around and a smaller allocation being made than the caller was expecting. Using those allocations could lead to linear overflows of heap memory and other misbehaviors.
So, use the struct_size() helper to do the arithmetic instead of the argument "size + count * size" in the kzalloc() function.
[1] https://www.kernel.org/doc/html/v5.14/process/deprecated.html#open-coded-ari...
Signed-off-by: Len Baker len.baker@gmx.com
drivers/net/ethernet/microsoft/mana/hw_channel.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/drivers/net/ethernet/microsoft/mana/hw_channel.c b/drivers/net/ethernet/microsoft/mana/hw_channel.c index 1a923fd99990..0efdc6c3c32a 100644 --- a/drivers/net/ethernet/microsoft/mana/hw_channel.c +++ b/drivers/net/ethernet/microsoft/mana/hw_channel.c @@ -398,9 +398,7 @@ static int mana_hwc_alloc_dma_buf(struct hw_channel_context *hwc, u16 q_depth, int err; u16 i;
- dma_buf = kzalloc(sizeof(*dma_buf) +
q_depth * sizeof(struct hwc_work_request),GFP_KERNEL);
- dma_buf = kzalloc(struct_size(dma_buf, reqs, q_depth), GFP_KERNEL); if (!dma_buf) return -ENOMEM;
-- 2.25.1
I have received a email from the linux-media subsystem telling that this patch is not applicable. The email is the following:
Hello,
The following patch (submitted by you) has been updated in Patchwork:
- linux-media: net: mana: Prefer struct_size over open coded arithmetic
was: New now: Not Applicable
- http://patchwork.linuxtv.org/project/linux-media/patch/20210911102818.3804-1...
- for: Linux Media kernel patches
This email is a notification only - you do not need to respond.
The question is: Why it is not applicable?. I have no received any bad comment and a "Reviewed-by:" tag from Haiyang Zhang. So, what is the reason for the "Not Applicable" state?.
That is the "Media" subsystem patch tracker. The patch appears to be for networking, so the Media tracker has marked it as "not applicable [to the media subsystem]".
The CC list for this patch seems rather wide (media, dri). I would have expected only netdev. Were you using scripts/get_maintainer.pl for getting addresses?
-Kees
Hi Kees,
On Sat, Sep 18, 2021 at 06:51:51AM -0700, Kees Cook wrote:
On September 18, 2021 6:20:10 AM PDT, Len Baker len.baker@gmx.com wrote:
Hi,
On Sat, Sep 11, 2021 at 12:28:18PM +0200, Len Baker wrote:
As noted in the "Deprecated Interfaces, Language Features, Attributes, and Conventions" documentation [1], size calculations (especially multiplication) should not be performed in memory allocator (or similar) function arguments due to the risk of them overflowing. This could lead to values wrapping around and a smaller allocation being made than the caller was expecting. Using those allocations could lead to linear overflows of heap memory and other misbehaviors.
So, use the struct_size() helper to do the arithmetic instead of the argument "size + count * size" in the kzalloc() function.
[1] https://www.kernel.org/doc/html/v5.14/process/deprecated.html#open-coded-ari...
Signed-off-by: Len Baker len.baker@gmx.com
drivers/net/ethernet/microsoft/mana/hw_channel.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/drivers/net/ethernet/microsoft/mana/hw_channel.c b/drivers/net/ethernet/microsoft/mana/hw_channel.c index 1a923fd99990..0efdc6c3c32a 100644 --- a/drivers/net/ethernet/microsoft/mana/hw_channel.c +++ b/drivers/net/ethernet/microsoft/mana/hw_channel.c @@ -398,9 +398,7 @@ static int mana_hwc_alloc_dma_buf(struct hw_channel_context *hwc, u16 q_depth, int err; u16 i;
- dma_buf = kzalloc(sizeof(*dma_buf) +
q_depth * sizeof(struct hwc_work_request),GFP_KERNEL);
- dma_buf = kzalloc(struct_size(dma_buf, reqs, q_depth), GFP_KERNEL); if (!dma_buf) return -ENOMEM;
-- 2.25.1
I have received a email from the linux-media subsystem telling that this patch is not applicable. The email is the following:
Hello,
The following patch (submitted by you) has been updated in Patchwork:
- linux-media: net: mana: Prefer struct_size over open coded arithmetic
was: New now: Not Applicable
- http://patchwork.linuxtv.org/project/linux-media/patch/20210911102818.3804-1...
- for: Linux Media kernel patches
This email is a notification only - you do not need to respond.
The question is: Why it is not applicable?. I have no received any bad comment and a "Reviewed-by:" tag from Haiyang Zhang. So, what is the reason for the "Not Applicable" state?.
That is the "Media" subsystem patch tracker. The patch appears to be for networking, so the Media tracker has marked it as "not applicable [to the media subsystem]".
The CC list for this patch seems rather wide (media, dri). I would have expected only netdev. Were you using scripts/get_maintainer.pl for getting addresses?
Yes, my workflow is scripts/checkpatch.pl and then scripts/get_maintainer.pl before sending any patch :)
Regards, Len
-Kees
From: Len Baker len.baker@gmx.com Sent: Saturday, September 18, 2021 6:20 AM ... I have received a email from the linux-media subsystem telling that this patch is not applicable. The email is the following:
Regards, Len
The patch is already in the net-next tree: https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?...
Hi Dexuan,
On Sat, Sep 18, 2021 at 05:06:16PM +0000, Dexuan Cui wrote:
From: Len Baker len.baker@gmx.com Sent: Saturday, September 18, 2021 6:20 AM ... I have received a email from the linux-media subsystem telling that this patch is not applicable. The email is the following:
Regards, Len
The patch is already in the net-next tree: https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?...
Thanks for the info.
Regards, Len
dri-devel@lists.freedesktop.org
-
Dexuan Cui -
Haiyang Zhang -
Kees Cook -
Len Baker