From: Kees Cook <keescook@chromium.org>
To: "Gustavo A. R. Silva" <gustavoars@kernel.org>
Cc: "David S. Miller" <davem@davemloft.net>,
sparclinux@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-hardening@vger.kernel.org
Subject: Re: [PATCH][next] openprom: Use struct_size() helper
Date: Thu, 29 Jun 2023 13:02:42 -0700 [thread overview]
Message-ID: <202306291300.7DBE393BC@keescook> (raw)
In-Reply-To: <ZJTYWQ5NA726baWK@work>
On Thu, Jun 22, 2023 at 05:25:13PM -0600, Gustavo A. R. Silva wrote:
> Prefer struct_size() over open-coded versions.
This commit log could be more descriptive since the replacement below
isn't in the standard "sizeof(struct) + sizeof(element) * count" format.
:) It took me a moment to figure out what was going on:
struct openpromio
{
unsigned int oprom_size; /* Actual size of the oprom_array. */
char oprom_array[]; /* Holds property names and values. */
};
sizeof(struct openpromio) == sizeof(int) :P
>
> Link: https://github.com/KSPP/linux/issues/160
> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
> ---
> drivers/sbus/char/openprom.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/sbus/char/openprom.c b/drivers/sbus/char/openprom.c
> index 30b9751aad30..de56c8fec373 100644
> --- a/drivers/sbus/char/openprom.c
> +++ b/drivers/sbus/char/openprom.c
> @@ -76,7 +76,9 @@ static int copyin(struct openpromio __user *info, struct openpromio **opp_p)
> if (bufsize > OPROMMAXPARAM)
> bufsize = OPROMMAXPARAM;
>
> - if (!(*opp_p = kzalloc(sizeof(int) + bufsize + 1, GFP_KERNEL)))
> + *opp_p = kzalloc(struct_size(*opp_p, oprom_array, bufsize + 1),
> + GFP_KERNEL);
> + if (!*opp_p)
> return -ENOMEM;
>
> if (copy_from_user(&(*opp_p)->oprom_array,
> @@ -95,7 +97,9 @@ static int getstrings(struct openpromio __user *info, struct openpromio **opp_p)
> if (!info || !opp_p)
> return -EFAULT;
>
> - if (!(*opp_p = kzalloc(sizeof(int) + OPROMMAXPARAM + 1, GFP_KERNEL)))
> + *opp_p = kzalloc(struct_size(*opp_p, oprom_array, OPROMMAXPARAM + 1),
> + GFP_KERNEL);
> + if (!*opp_p)
> return -ENOMEM;
With that understood, yeah, these look good to me. :)
Reviewed-by: Kees Cook <keescook@chromium.org>
--
Kees Cook
prev parent reply other threads:[~2023-06-29 20:04 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-22 23:25 [PATCH][next] openprom: Use struct_size() helper Gustavo A. R. Silva
2023-06-29 20:02 ` Kees Cook [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202306291300.7DBE393BC@keescook \
--to=keescook@chromium.org \
--cc=davem@davemloft.net \
--cc=gustavoars@kernel.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=sparclinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.