From: Kees Cook <keescook@chromium.org>
To: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Cc: linux-iio@vger.kernel.org, linux-kernel@vger.kernel.org,
"Jonathan Cameron" <jic23@kernel.org>,
"Lars-Peter Clausen" <lars@metafoo.de>,
"Uwe Kleine-König" <u.kleine-koenig@pengutronix.de>,
"Nuno Sa" <nuno.sa@analog.com>
Subject: Re: [PATCH v3 2/4] iio: core: Add opaque_struct_size() helper and use it
Date: Thu, 27 Jul 2023 11:16:41 -0700 [thread overview]
Message-ID: <202307271114.2B9B07C@keescook> (raw)
In-Reply-To: <ZL5cXHAM/y1eg42D@smile.fi.intel.com>
On Mon, Jul 24, 2023 at 02:11:24PM +0300, Andy Shevchenko wrote:
> On Mon, Jul 24, 2023 at 02:02:02PM +0300, Andy Shevchenko wrote:
> > Introduce opaque_struct_size() helper, which may be moved
> > to overflow.h in the future, and use it in the IIO core.
> >
> > Potential users could be (among possible others):
> >
> > __spi_alloc_controller() in drivers/spi/spi.c
> > alloc_netdev_mqs in net/core/dev.c
Can you include the specific replacement you're thinking for these? It's
almost clear to me, but I'm trying to understand the benefit over what's
already there.
>
> ...
>
> > +#define opaque_struct_size(p, a, s) size_add(ALIGN(sizeof(*(p)), (a)), (s))
>
> This actually might need something like __safe_aling() which takes care about
> possible overflow.
>
> Whatever, I want to hear Kees on this.
i.e. if "a" were huge? What would sanity-checking of "a" look like in
this case? I'm not really sure how to handle a pathological alignment
request, but I'd agree it'd be nice to handle it. :)
-Kees
--
Kees Cook
next prev parent reply other threads:[~2023-07-27 18:16 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-24 11:02 [PATCH v3 0/4] iio: core: A few code cleanups and documentation fixes Andy Shevchenko
2023-07-24 11:02 ` [PATCH v3 1/4] iio: core: Use sysfs_match_string() helper Andy Shevchenko
2023-07-29 11:37 ` Jonathan Cameron
2023-07-24 11:02 ` [PATCH v3 2/4] iio: core: Add opaque_struct_size() helper and use it Andy Shevchenko
2023-07-24 11:11 ` Andy Shevchenko
2023-07-27 18:16 ` Kees Cook [this message]
2023-07-29 11:46 ` Jonathan Cameron
2023-07-31 20:01 ` Andy Shevchenko
2023-08-01 16:45 ` Jonathan Cameron
2023-07-24 11:02 ` [PATCH v3 3/4] iio: core: Switch to krealloc_array() Andy Shevchenko
2023-07-29 11:48 ` Jonathan Cameron
2023-07-24 11:02 ` [PATCH v3 4/4] iio: core: Fix issues and style of the comments Andy Shevchenko
2023-07-29 11:49 ` Jonathan Cameron
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202307271114.2B9B07C@keescook \
--to=keescook@chromium.org \
--cc=andriy.shevchenko@linux.intel.com \
--cc=jic23@kernel.org \
--cc=lars@metafoo.de \
--cc=linux-iio@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=nuno.sa@analog.com \
--cc=u.kleine-koenig@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.