* [PATCH] net: ipv6: xfrm6_state: remove VLA usage
@ 2018-03-09 12:21 Andreas Christoforou
2018-03-09 12:35 ` Steffen Klassert
` (2 more replies)
0 siblings, 3 replies; 6+ messages in thread
From: Andreas Christoforou @ 2018-03-09 12:21 UTC (permalink / raw)
To: keescook
Cc: kernel-hardening, Andreas Christoforou, Steffen Klassert,
Herbert Xu, David S. Miller, Alexey Kuznetsov, Hideaki YOSHIFUJI,
netdev, linux-kernel
The kernel would like to have all stack VLA usage removed[1].
Signed-off-by: Andreas Christoforou <andreaschristofo@gmail.com>
---
net/ipv6/xfrm6_state.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/net/ipv6/xfrm6_state.c b/net/ipv6/xfrm6_state.c
index b15075a..45c0d98 100644
--- a/net/ipv6/xfrm6_state.c
+++ b/net/ipv6/xfrm6_state.c
@@ -62,7 +62,12 @@ __xfrm6_sort(void **dst, void **src, int n, int (*cmp)(void *p), int maxclass)
{
int i;
int class[XFRM_MAX_DEPTH];
- int count[maxclass];
+ int *count;
+
+ count = kcalloc(maxclass + 1, sizeof(*count), GFP_KERNEL);
+
+ if (!count)
+ return -ENOMEM;
memset(count, 0, sizeof(count));
@@ -80,6 +85,7 @@ __xfrm6_sort(void **dst, void **src, int n, int (*cmp)(void *p), int maxclass)
src[i] = NULL;
}
+ kfree(count);
return 0;
}
--
2.7.4
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH] net: ipv6: xfrm6_state: remove VLA usage
2018-03-09 12:21 [PATCH] net: ipv6: xfrm6_state: remove VLA usage Andreas Christoforou
@ 2018-03-09 12:35 ` Steffen Klassert
2018-03-09 12:49 ` Mathias Krause
2018-03-09 18:35 ` Sergei Shtylyov
2 siblings, 0 replies; 6+ messages in thread
From: Steffen Klassert @ 2018-03-09 12:35 UTC (permalink / raw)
To: Andreas Christoforou
Cc: keescook, kernel-hardening, Herbert Xu, David S. Miller,
Alexey Kuznetsov, Hideaki YOSHIFUJI, netdev, linux-kernel
On Fri, Mar 09, 2018 at 02:21:46PM +0200, Andreas Christoforou wrote:
> The kernel would like to have all stack VLA usage removed[1].
>
> Signed-off-by: Andreas Christoforou <andreaschristofo@gmail.com>
Can you please explain why you want this change?
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] net: ipv6: xfrm6_state: remove VLA usage
2018-03-09 12:21 [PATCH] net: ipv6: xfrm6_state: remove VLA usage Andreas Christoforou
2018-03-09 12:35 ` Steffen Klassert
@ 2018-03-09 12:49 ` Mathias Krause
2018-03-09 13:02 ` Steffen Klassert
2018-03-09 18:35 ` Sergei Shtylyov
2 siblings, 1 reply; 6+ messages in thread
From: Mathias Krause @ 2018-03-09 12:49 UTC (permalink / raw)
To: Andreas Christoforou
Cc: Kees Cook, kernel-hardening, Steffen Klassert, Herbert Xu,
David S. Miller, Alexey Kuznetsov, Hideaki YOSHIFUJI, netdev,
linux-kernel
On 9 March 2018 at 13:21, Andreas Christoforou
<andreaschristofo@gmail.com> wrote:
> The kernel would like to have all stack VLA usage removed[1].
>
> Signed-off-by: Andreas Christoforou <andreaschristofo@gmail.com>
> ---
> net/ipv6/xfrm6_state.c | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/net/ipv6/xfrm6_state.c b/net/ipv6/xfrm6_state.c
> index b15075a..45c0d98 100644
> --- a/net/ipv6/xfrm6_state.c
> +++ b/net/ipv6/xfrm6_state.c
> @@ -62,7 +62,12 @@ __xfrm6_sort(void **dst, void **src, int n, int (*cmp)(void *p), int maxclass)
> {
> int i;
> int class[XFRM_MAX_DEPTH];
> - int count[maxclass];
> + int *count;
> +
> + count = kcalloc(maxclass + 1, sizeof(*count), GFP_KERNEL);
> +
> + if (!count)
> + return -ENOMEM;
>
> memset(count, 0, sizeof(count));
>
> @@ -80,6 +85,7 @@ __xfrm6_sort(void **dst, void **src, int n, int (*cmp)(void *p), int maxclass)
> src[i] = NULL;
> }
>
> + kfree(count);
> return 0;
> }
Instead of dynamically allocating and freeing memory here, shouldn't
we just get rid of the maxclass parameter and use XFRM_MAX_DEPTH as
size for the count[] array, too?
Cheers,
Mathias
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] net: ipv6: xfrm6_state: remove VLA usage
2018-03-09 12:49 ` Mathias Krause
@ 2018-03-09 13:02 ` Steffen Klassert
2018-03-09 13:49 ` Andreas Christoforou
0 siblings, 1 reply; 6+ messages in thread
From: Steffen Klassert @ 2018-03-09 13:02 UTC (permalink / raw)
To: Mathias Krause
Cc: Andreas Christoforou, Kees Cook, kernel-hardening, Herbert Xu,
David S. Miller, Alexey Kuznetsov, Hideaki YOSHIFUJI, netdev,
linux-kernel
On Fri, Mar 09, 2018 at 01:49:07PM +0100, Mathias Krause wrote:
> On 9 March 2018 at 13:21, Andreas Christoforou
> <andreaschristofo@gmail.com> wrote:
> > The kernel would like to have all stack VLA usage removed[1].
> >
> > Signed-off-by: Andreas Christoforou <andreaschristofo@gmail.com>
> > ---
> > net/ipv6/xfrm6_state.c | 8 +++++++-
> > 1 file changed, 7 insertions(+), 1 deletion(-)
> >
> > diff --git a/net/ipv6/xfrm6_state.c b/net/ipv6/xfrm6_state.c
> > index b15075a..45c0d98 100644
> > --- a/net/ipv6/xfrm6_state.c
> > +++ b/net/ipv6/xfrm6_state.c
> > @@ -62,7 +62,12 @@ __xfrm6_sort(void **dst, void **src, int n, int (*cmp)(void *p), int maxclass)
> > {
> > int i;
> > int class[XFRM_MAX_DEPTH];
> > - int count[maxclass];
> > + int *count;
> > +
> > + count = kcalloc(maxclass + 1, sizeof(*count), GFP_KERNEL);
> > +
> > + if (!count)
> > + return -ENOMEM;
> >
> > memset(count, 0, sizeof(count));
> >
> > @@ -80,6 +85,7 @@ __xfrm6_sort(void **dst, void **src, int n, int (*cmp)(void *p), int maxclass)
> > src[i] = NULL;
> > }
> >
> > + kfree(count);
> > return 0;
> > }
>
> Instead of dynamically allocating and freeing memory here, shouldn't
> we just get rid of the maxclass parameter and use XFRM_MAX_DEPTH as
> size for the count[] array, too?
Right, that's the way to go. Aside from that, allocating
with GFP_KERNEL is definitely wrong here.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] net: ipv6: xfrm6_state: remove VLA usage
2018-03-09 13:02 ` Steffen Klassert
@ 2018-03-09 13:49 ` Andreas Christoforou
0 siblings, 0 replies; 6+ messages in thread
From: Andreas Christoforou @ 2018-03-09 13:49 UTC (permalink / raw)
To: Steffen Klassert
Cc: Mathias Krause, Kees Cook, kernel-hardening, Herbert Xu,
David S. Miller, Alexey Kuznetsov, Hideaki YOSHIFUJI, netdev,
linux-kernel
[-- Attachment #1: Type: text/plain, Size: 1646 bytes --]
Right, thank you for your feedback I will create a new patch.
Kind Regards,
Andreas Christoforou
On Mar 9, 2018 15:02, "Steffen Klassert" <steffen.klassert@secunet.com>
wrote:
On Fri, Mar 09, 2018 at 01:49:07PM +0100, Mathias Krause wrote:
> On 9 March 2018 at 13:21, Andreas Christoforou
> <andreaschristofo@gmail.com> wrote:
> > The kernel would like to have all stack VLA usage removed[1].
> >
> > Signed-off-by: Andreas Christoforou <andreaschristofo@gmail.com>
> > ---
> > net/ipv6/xfrm6_state.c | 8 +++++++-
> > 1 file changed, 7 insertions(+), 1 deletion(-)
> >
> > diff --git a/net/ipv6/xfrm6_state.c b/net/ipv6/xfrm6_state.c
> > index b15075a..45c0d98 100644
> > --- a/net/ipv6/xfrm6_state.c
> > +++ b/net/ipv6/xfrm6_state.c
> > @@ -62,7 +62,12 @@ __xfrm6_sort(void **dst, void **src, int n, int
(*cmp)(void *p), int maxclass)
> > {
> > int i;
> > int class[XFRM_MAX_DEPTH];
> > - int count[maxclass];
> > + int *count;
> > +
> > + count = kcalloc(maxclass + 1, sizeof(*count), GFP_KERNEL);
> > +
> > + if (!count)
> > + return -ENOMEM;
> >
> > memset(count, 0, sizeof(count));
> >
> > @@ -80,6 +85,7 @@ __xfrm6_sort(void **dst, void **src, int n, int
(*cmp)(void *p), int maxclass)
> > src[i] = NULL;
> > }
> >
> > + kfree(count);
> > return 0;
> > }
>
> Instead of dynamically allocating and freeing memory here, shouldn't
> we just get rid of the maxclass parameter and use XFRM_MAX_DEPTH as
> size for the count[] array, too?
Right, that's the way to go. Aside from that, allocating
with GFP_KERNEL is definitely wrong here.
[-- Attachment #2: Type: text/html, Size: 2684 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] net: ipv6: xfrm6_state: remove VLA usage
2018-03-09 12:21 [PATCH] net: ipv6: xfrm6_state: remove VLA usage Andreas Christoforou
2018-03-09 12:35 ` Steffen Klassert
2018-03-09 12:49 ` Mathias Krause
@ 2018-03-09 18:35 ` Sergei Shtylyov
2 siblings, 0 replies; 6+ messages in thread
From: Sergei Shtylyov @ 2018-03-09 18:35 UTC (permalink / raw)
To: Andreas Christoforou, keescook
Cc: kernel-hardening, Steffen Klassert, Herbert Xu, David S. Miller,
Alexey Kuznetsov, Hideaki YOSHIFUJI, netdev, linux-kernel
Hello!
On 03/09/2018 03:21 PM, Andreas Christoforou wrote:
> The kernel would like to have all stack VLA usage removed[1].
>
> Signed-off-by: Andreas Christoforou <andreaschristofo@gmail.com>
> ---
> net/ipv6/xfrm6_state.c | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/net/ipv6/xfrm6_state.c b/net/ipv6/xfrm6_state.c
> index b15075a..45c0d98 100644
> --- a/net/ipv6/xfrm6_state.c
> +++ b/net/ipv6/xfrm6_state.c
> @@ -62,7 +62,12 @@ __xfrm6_sort(void **dst, void **src, int n, int (*cmp)(void *p), int maxclass)
> {
> int i;
> int class[XFRM_MAX_DEPTH];
> - int count[maxclass];
> + int *count;
> +
> + count = kcalloc(maxclass + 1, sizeof(*count), GFP_KERNEL);
> +
Empty line not needed here.
> + if (!count)
> + return -ENOMEM;
>
> memset(count, 0, sizeof(count));
>
[...]
MBR, Sergei
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2018-03-09 18:35 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-03-09 12:21 [PATCH] net: ipv6: xfrm6_state: remove VLA usage Andreas Christoforou
2018-03-09 12:35 ` Steffen Klassert
2018-03-09 12:49 ` Mathias Krause
2018-03-09 13:02 ` Steffen Klassert
2018-03-09 13:49 ` Andreas Christoforou
2018-03-09 18:35 ` Sergei Shtylyov
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox