* [PATCH 00/26] use array_size
@ 2023-06-23 21:14 Julia Lawall
2023-06-23 21:14 ` [PATCH 21/26] x86/sgx: " Julia Lawall
0 siblings, 1 reply; 3+ messages in thread
From: Julia Lawall @ 2023-06-23 21:14 UTC (permalink / raw)
To: linux-staging
Cc: keescook, kernel-janitors, Tianshu Qiu, Bingbu Cao, linux-sgx,
H. Peter Anvin, Dave Hansen, kasan-dev, Andrey Konovalov,
Dmitry Vyukov, iommu, linux-tegra, Robin Murphy, Krishna Reddy,
linux-scsi, linux-rdma, dri-devel, linux-kernel, netdev,
Shailend Chand, Benjamin Gaignard, Liam Mark, Laura Abbott,
Brian Starkey, John Stultz, linux-media, linaro-mm-sig, Xuan Zhuo,
virtualization, mhi, linux-arm-msm, linux-btrfs, intel-gvt-dev,
intel-gfx, VMware Graphics Reviewers, linux-hyperv
Use array_size to protect against multiplication overflows.
This follows up on the following patches by Kees Cook from 2018.
42bc47b35320 ("treewide: Use array_size() in vmalloc()")
fad953ce0b22 ("treewide: Use array_size() in vzalloc()")
The changes were done using the following Coccinelle semantic patch,
adapted from the one posted by Kees.
// Drop single-byte sizes and redundant parens.
@@
expression COUNT;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
@@
alloc(
- (sizeof(t)) * (COUNT)
+ COUNT
, ...)
// 3-factor product with 2 sizeof(variable), with redundant parens removed.
@@
expression COUNT;
size_t e1, e2, e3;
identifier alloc = {vmalloc,vzalloc};
@@
(
alloc(
- (e1) * (e2) * (e3)
+ array3_size(e1, e2, e3)
,...)
|
alloc(
- (e1) * (e2) * (COUNT)
+ array3_size(COUNT, e1, e2)
,...)
)
// 3-factor product with 1 sizeof(type) or sizeof(expression), with
// redundant parens removed.
@@
expression STRIDE, COUNT;
size_t e;
identifier alloc = {vmalloc,vzalloc};
@@
alloc(
- (e) * (COUNT) * (STRIDE)
+ array3_size(COUNT, STRIDE, e)
,...)
// Any remaining multi-factor products, first at least 3-factor products
// when they're not all constants...
@@
expression E1, E2, E3;
constant C1, C2, C3;
identifier alloc = {vmalloc,vzalloc};
@@
(
alloc(C1 * C2 * C3,...)
|
alloc(
- (E1) * (E2) * (E3)
+ array3_size(E1, E2, E3)
,...)
)
// 2-factor product with sizeof(type/expression) and identifier or constant.
@@
size_t e1,e2;
expression COUNT;
identifier alloc = {vmalloc,vzalloc};
@@
(
alloc(
- (e1) * (e2)
+ array_size(e1, e2)
,...)
|
alloc(
- (e1) * (COUNT)
+ array_size(COUNT, e1)
,...)
)
// And then all remaining 2 factors products when they're not all constants.
@@
expression E1, E2;
constant C1, C2;
identifier alloc = {vmalloc,vzalloc};
@@
(
alloc(C1 * C2,...)
|
alloc(
- (E1) * (E2)
+ array_size(E1, E2)
,...)
)
---
arch/x86/kernel/cpu/sgx/main.c | 3 ++-
drivers/accel/habanalabs/common/device.c | 3 ++-
drivers/accel/habanalabs/common/state_dump.c | 6 +++---
drivers/bus/mhi/host/init.c | 4 ++--
drivers/comedi/comedi_buf.c | 4 ++--
drivers/dma-buf/heaps/system_heap.c | 2 +-
drivers/gpu/drm/gud/gud_pipe.c | 2 +-
drivers/gpu/drm/i915/gvt/gtt.c | 6 ++++--
drivers/gpu/drm/vmwgfx/vmwgfx_devcaps.c | 2 +-
drivers/infiniband/hw/bnxt_re/qplib_res.c | 4 ++--
drivers/infiniband/hw/erdma/erdma_verbs.c | 4 ++--
drivers/infiniband/sw/siw/siw_qp.c | 4 ++--
drivers/infiniband/sw/siw/siw_verbs.c | 6 +++---
drivers/iommu/tegra-gart.c | 4 ++--
drivers/net/ethernet/amd/pds_core/core.c | 4 ++--
drivers/net/ethernet/freescale/enetc/enetc.c | 4 ++--
drivers/net/ethernet/google/gve/gve_tx.c | 2 +-
drivers/net/ethernet/marvell/octeon_ep/octep_rx.c | 2 +-
drivers/net/ethernet/microsoft/mana/hw_channel.c | 2 +-
drivers/net/ethernet/pensando/ionic/ionic_lif.c | 4 ++--
drivers/scsi/fnic/fnic_trace.c | 2 +-
drivers/scsi/qla2xxx/qla_init.c | 4 ++--
drivers/staging/media/ipu3/ipu3-mmu.c | 2 +-
drivers/vdpa/vdpa_user/iova_domain.c | 3 +--
drivers/virtio/virtio_mem.c | 6 +++---
fs/btrfs/zoned.c | 5 +++--
kernel/kcov.c | 2 +-
lib/test_vmalloc.c | 12 ++++++------
28 files changed, 56 insertions(+), 52 deletions(-)
^ permalink raw reply [flat|nested] 3+ messages in thread
* [PATCH 21/26] x86/sgx: use array_size
2023-06-23 21:14 [PATCH 00/26] use array_size Julia Lawall
@ 2023-06-23 21:14 ` Julia Lawall
2023-07-10 22:02 ` Jarkko Sakkinen
0 siblings, 1 reply; 3+ messages in thread
From: Julia Lawall @ 2023-06-23 21:14 UTC (permalink / raw)
To: Jarkko Sakkinen
Cc: keescook, kernel-janitors, Dave Hansen, Thomas Gleixner,
Ingo Molnar, Borislav Petkov, x86, H. Peter Anvin, linux-sgx,
linux-kernel
Use array_size to protect against multiplication overflows.
The changes were done using the following Coccinelle semantic patch:
// <smpl>
@@
expression E1, E2;
constant C1, C2;
identifier alloc = {vmalloc,vzalloc};
@@
(
alloc(C1 * C2,...)
|
alloc(
- (E1) * (E2)
+ array_size(E1, E2)
,...)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
arch/x86/kernel/cpu/sgx/main.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kernel/cpu/sgx/main.c b/arch/x86/kernel/cpu/sgx/main.c
index 166692f2d501..3a234942c586 100644
--- a/arch/x86/kernel/cpu/sgx/main.c
+++ b/arch/x86/kernel/cpu/sgx/main.c
@@ -628,7 +628,8 @@ static bool __init sgx_setup_epc_section(u64 phys_addr, u64 size,
if (!section->virt_addr)
return false;
- section->pages = vmalloc(nr_pages * sizeof(struct sgx_epc_page));
+ section->pages = vmalloc(array_size(nr_pages,
+ sizeof(struct sgx_epc_page)));
if (!section->pages) {
memunmap(section->virt_addr);
return false;
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH 21/26] x86/sgx: use array_size
2023-06-23 21:14 ` [PATCH 21/26] x86/sgx: " Julia Lawall
@ 2023-07-10 22:02 ` Jarkko Sakkinen
0 siblings, 0 replies; 3+ messages in thread
From: Jarkko Sakkinen @ 2023-07-10 22:02 UTC (permalink / raw)
To: Julia Lawall
Cc: keescook, kernel-janitors, Dave Hansen, Thomas Gleixner,
Ingo Molnar, Borislav Petkov, x86, H. Peter Anvin, linux-sgx,
linux-kernel
On Fri, 2023-06-23 at 23:14 +0200, Julia Lawall wrote:
> Use array_size to protect against multiplication overflows.
>
> The changes were done using the following Coccinelle semantic patch:
>
> // <smpl>
> @@
> expression E1, E2;
> constant C1, C2;
> identifier alloc = {vmalloc,vzalloc};
> @@
>
> (
> alloc(C1 * C2,...)
> >
> alloc(
> - (E1) * (E2)
> + array_size(E1, E2)
> ,...)
> )
> // </smpl>
>
> Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
>
> ---
> arch/x86/kernel/cpu/sgx/main.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/kernel/cpu/sgx/main.c b/arch/x86/kernel/cpu/sgx/main.c
> index 166692f2d501..3a234942c586 100644
> --- a/arch/x86/kernel/cpu/sgx/main.c
> +++ b/arch/x86/kernel/cpu/sgx/main.c
> @@ -628,7 +628,8 @@ static bool __init sgx_setup_epc_section(u64 phys_addr, u64 size,
> if (!section->virt_addr)
> return false;
>
> - section->pages = vmalloc(nr_pages * sizeof(struct sgx_epc_page));
> + section->pages = vmalloc(array_size(nr_pages,
> + sizeof(struct sgx_epc_page)));
> if (!section->pages) {
> memunmap(section->virt_addr);
> return false;
>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
BR, Jarkko
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-07-10 22:03 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-06-23 21:14 [PATCH 00/26] use array_size Julia Lawall
2023-06-23 21:14 ` [PATCH 21/26] x86/sgx: " Julia Lawall
2023-07-10 22:02 ` Jarkko Sakkinen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox