* [PATCH v2 01/24] lib/test_vmalloc.c: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-06-27 14:43 ` [PATCH v2 02/24] octeon_ep: " Julia Lawall
` (25 subsequent siblings)
26 siblings, 0 replies; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: linux-kernel; +Cc: kernel-janitors, keescook, christophe.jaillet, kuba
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
lib/test_vmalloc.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff -u -p a/lib/test_vmalloc.c b/lib/test_vmalloc.c
--- a/lib/test_vmalloc.c
+++ b/lib/test_vmalloc.c
@@ -156,7 +156,7 @@ static int random_size_alloc_test(void)
for (i = 0; i < test_loop_count; i++) {
n = get_random_u32_inclusive(1, 100);
- p = vmalloc(n * PAGE_SIZE);
+ p = vmalloc_array(n, PAGE_SIZE);
if (!p)
return -1;
@@ -221,11 +221,11 @@ static int full_fit_alloc_test(void)
junk_length = fls(num_online_cpus());
junk_length *= (32 * 1024 * 1024 / PAGE_SIZE);
- ptr = vmalloc(sizeof(void *) * junk_length);
+ ptr = vmalloc_array(junk_length, sizeof(void *));
if (!ptr)
return rv;
- junk_ptr = vmalloc(sizeof(void *) * junk_length);
+ junk_ptr = vmalloc_array(junk_length, sizeof(void *));
if (!junk_ptr) {
vfree(ptr);
return rv;
@@ -271,7 +271,8 @@ static int fix_size_alloc_test(void)
if (use_huge)
ptr = vmalloc_huge((nr_pages > 0 ? nr_pages:1) * PAGE_SIZE, GFP_KERNEL);
else
- ptr = vmalloc((nr_pages > 0 ? nr_pages:1) * PAGE_SIZE);
+ ptr = vmalloc_array(nr_pages > 0 ? nr_pages : 1,
+ PAGE_SIZE);
if (!ptr)
return -1;
^ permalink raw reply [flat|nested] 38+ messages in thread* [PATCH v2 02/24] octeon_ep: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
2023-06-27 14:43 ` [PATCH v2 01/24] lib/test_vmalloc.c: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-06-27 14:43 ` [PATCH v2 03/24] drm/gud: " Julia Lawall
` (24 subsequent siblings)
26 siblings, 0 replies; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: Veerasenareddy Burru
Cc: kernel-janitors, keescook, christophe.jaillet, kuba,
Abhijit Ayarekar, David S. Miller, Eric Dumazet, Paolo Abeni,
netdev, linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
drivers/net/ethernet/marvell/octeon_ep/octep_rx.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff -u -p a/drivers/net/ethernet/marvell/octeon_ep/octep_rx.c b/drivers/net/ethernet/marvell/octeon_ep/octep_rx.c
--- a/drivers/net/ethernet/marvell/octeon_ep/octep_rx.c
+++ b/drivers/net/ethernet/marvell/octeon_ep/octep_rx.c
@@ -158,7 +158,7 @@ static int octep_setup_oq(struct octep_d
goto desc_dma_alloc_err;
}
- oq->buff_info = vzalloc(oq->max_count * OCTEP_OQ_RECVBUF_SIZE);
+ oq->buff_info = vcalloc(oq->max_count, OCTEP_OQ_RECVBUF_SIZE);
if (unlikely(!oq->buff_info)) {
dev_err(&oct->pdev->dev,
"Failed to allocate buffer info for OQ-%d\n", q_no);
^ permalink raw reply [flat|nested] 38+ messages in thread* [PATCH v2 03/24] drm/gud: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
2023-06-27 14:43 ` [PATCH v2 01/24] lib/test_vmalloc.c: " Julia Lawall
2023-06-27 14:43 ` [PATCH v2 02/24] octeon_ep: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-07-03 12:23 ` Thomas Zimmermann
2023-07-04 10:41 ` Noralf Trønnes
2023-06-27 14:43 ` [PATCH v2 04/24] gve: " Julia Lawall
` (23 subsequent siblings)
26 siblings, 2 replies; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: Noralf Trønnes
Cc: kernel-janitors, keescook, christophe.jaillet, kuba, David Airlie,
Daniel Vetter, dri-devel, linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
drivers/gpu/drm/gud/gud_pipe.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff -u -p a/drivers/gpu/drm/gud/gud_pipe.c b/drivers/gpu/drm/gud/gud_pipe.c
--- a/drivers/gpu/drm/gud/gud_pipe.c
+++ b/drivers/gpu/drm/gud/gud_pipe.c
@@ -390,7 +390,7 @@ static int gud_fb_queue_damage(struct gu
mutex_lock(&gdrm->damage_lock);
if (!gdrm->shadow_buf) {
- gdrm->shadow_buf = vzalloc(fb->pitches[0] * fb->height);
+ gdrm->shadow_buf = vcalloc(fb->pitches[0], fb->height);
if (!gdrm->shadow_buf) {
mutex_unlock(&gdrm->damage_lock);
return -ENOMEM;
^ permalink raw reply [flat|nested] 38+ messages in thread* Re: [PATCH v2 03/24] drm/gud: use vmalloc_array and vcalloc
2023-06-27 14:43 ` [PATCH v2 03/24] drm/gud: " Julia Lawall
@ 2023-07-03 12:23 ` Thomas Zimmermann
2023-07-04 10:41 ` Noralf Trønnes
1 sibling, 0 replies; 38+ messages in thread
From: Thomas Zimmermann @ 2023-07-03 12:23 UTC (permalink / raw)
To: Julia Lawall, Noralf Trønnes
Cc: keescook, kernel-janitors, linux-kernel, dri-devel,
christophe.jaillet, kuba
[-- Attachment #1.1: Type: text/plain, Size: 2197 bytes --]
Am 27.06.23 um 16:43 schrieb Julia Lawall:
> Use vmalloc_array and vcalloc to protect against
> multiplication overflows.
>
> The changes were done using the following Coccinelle
> semantic patch:
>
> // <smpl>
> @initialize:ocaml@
> @@
>
> let rename alloc =
> match alloc with
> "vmalloc" -> "vmalloc_array"
> | "vzalloc" -> "vcalloc"
> | _ -> failwith "unknown"
>
> @@
> size_t e1,e2;
> constant C1, C2;
> expression E1, E2, COUNT, x1, x2, x3;
> typedef u8;
> typedef __u8;
> type t = {u8,__u8,char,unsigned char};
> identifier alloc = {vmalloc,vzalloc};
> fresh identifier realloc = script:ocaml(alloc) { rename alloc };
> @@
>
> (
> alloc(x1*x2*x3)
> |
> alloc(C1 * C2)
> |
> alloc((sizeof(t)) * (COUNT), ...)
> |
> - alloc((e1) * (e2))
> + realloc(e1, e2)
> |
> - alloc((e1) * (COUNT))
> + realloc(COUNT, e1)
> |
> - alloc((E1) * (E2))
> + realloc(E1, E2)
> )
> // </smpl>
>
> Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
Reviewed-by: Thomas Zimmermann <tzimmermann@suse.de>
>
> ---
> v2: Use vmalloc_array and vcalloc instead of array_size.
> This also leaves a multiplication of a constant by a sizeof
> as is. Two patches are thus dropped from the series.
>
> drivers/gpu/drm/gud/gud_pipe.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff -u -p a/drivers/gpu/drm/gud/gud_pipe.c b/drivers/gpu/drm/gud/gud_pipe.c
> --- a/drivers/gpu/drm/gud/gud_pipe.c
> +++ b/drivers/gpu/drm/gud/gud_pipe.c
> @@ -390,7 +390,7 @@ static int gud_fb_queue_damage(struct gu
> mutex_lock(&gdrm->damage_lock);
>
> if (!gdrm->shadow_buf) {
> - gdrm->shadow_buf = vzalloc(fb->pitches[0] * fb->height);
> + gdrm->shadow_buf = vcalloc(fb->pitches[0], fb->height);
> if (!gdrm->shadow_buf) {
> mutex_unlock(&gdrm->damage_lock);
> return -ENOMEM;
>
--
Thomas Zimmermann
Graphics Driver Developer
SUSE Software Solutions Germany GmbH
Frankenstrasse 146, 90461 Nuernberg, Germany
GF: Ivo Totev, Andrew Myers, Andrew McDonald, Boudien Moerman
HRB 36809 (AG Nuernberg)
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 840 bytes --]
^ permalink raw reply [flat|nested] 38+ messages in thread* Re: [PATCH v2 03/24] drm/gud: use vmalloc_array and vcalloc
2023-06-27 14:43 ` [PATCH v2 03/24] drm/gud: " Julia Lawall
2023-07-03 12:23 ` Thomas Zimmermann
@ 2023-07-04 10:41 ` Noralf Trønnes
1 sibling, 0 replies; 38+ messages in thread
From: Noralf Trønnes @ 2023-07-04 10:41 UTC (permalink / raw)
To: Julia Lawall
Cc: kernel-janitors, keescook, christophe.jaillet, kuba, David Airlie,
Daniel Vetter, dri-devel, linux-kernel, noralf
On 6/27/23 16:43, Julia Lawall wrote:
> Use vmalloc_array and vcalloc to protect against
> multiplication overflows.
>
> The changes were done using the following Coccinelle
> semantic patch:
>
> // <smpl>
> @initialize:ocaml@
> @@
>
> let rename alloc =
> match alloc with
> "vmalloc" -> "vmalloc_array"
> | "vzalloc" -> "vcalloc"
> | _ -> failwith "unknown"
>
> @@
> size_t e1,e2;
> constant C1, C2;
> expression E1, E2, COUNT, x1, x2, x3;
> typedef u8;
> typedef __u8;
> type t = {u8,__u8,char,unsigned char};
> identifier alloc = {vmalloc,vzalloc};
> fresh identifier realloc = script:ocaml(alloc) { rename alloc };
> @@
>
> (
> alloc(x1*x2*x3)
> |
> alloc(C1 * C2)
> |
> alloc((sizeof(t)) * (COUNT), ...)
> |
> - alloc((e1) * (e2))
> + realloc(e1, e2)
> |
> - alloc((e1) * (COUNT))
> + realloc(COUNT, e1)
> |
> - alloc((E1) * (E2))
> + realloc(E1, E2)
> )
> // </smpl>
>
> Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
>
> ---
Thanks, applied to drm-misc-next.
Noralf.
> v2: Use vmalloc_array and vcalloc instead of array_size.
> This also leaves a multiplication of a constant by a sizeof
> as is. Two patches are thus dropped from the series.
>
> drivers/gpu/drm/gud/gud_pipe.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff -u -p a/drivers/gpu/drm/gud/gud_pipe.c b/drivers/gpu/drm/gud/gud_pipe.c
> --- a/drivers/gpu/drm/gud/gud_pipe.c
> +++ b/drivers/gpu/drm/gud/gud_pipe.c
> @@ -390,7 +390,7 @@ static int gud_fb_queue_damage(struct gu
> mutex_lock(&gdrm->damage_lock);
>
> if (!gdrm->shadow_buf) {
> - gdrm->shadow_buf = vzalloc(fb->pitches[0] * fb->height);
> + gdrm->shadow_buf = vcalloc(fb->pitches[0], fb->height);
> if (!gdrm->shadow_buf) {
> mutex_unlock(&gdrm->damage_lock);
> return -ENOMEM;
>
^ permalink raw reply [flat|nested] 38+ messages in thread
* [PATCH v2 04/24] gve: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (2 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 03/24] drm/gud: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-06-27 14:43 ` [PATCH v2 05/24] RDMA/erdma: " Julia Lawall
` (22 subsequent siblings)
26 siblings, 0 replies; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: Jeroen de Borst
Cc: kernel-janitors, keescook, christophe.jaillet, kuba,
Praveen Kaligineedi, Shailend Chand, David S. Miller,
Eric Dumazet, Paolo Abeni, netdev, linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
drivers/net/ethernet/google/gve/gve_tx.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff -u -p a/drivers/net/ethernet/google/gve/gve_tx.c b/drivers/net/ethernet/google/gve/gve_tx.c
--- a/drivers/net/ethernet/google/gve/gve_tx.c
+++ b/drivers/net/ethernet/google/gve/gve_tx.c
@@ -248,7 +248,7 @@ static int gve_tx_alloc_ring(struct gve_
tx->mask = slots - 1;
/* alloc metadata */
- tx->info = vzalloc(sizeof(*tx->info) * slots);
+ tx->info = vcalloc(slots, sizeof(*tx->info));
if (!tx->info)
return -ENOMEM;
^ permalink raw reply [flat|nested] 38+ messages in thread* [PATCH v2 05/24] RDMA/erdma: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (3 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 04/24] gve: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-07-21 18:56 ` Jason Gunthorpe
2023-06-27 14:43 ` [PATCH v2 06/24] dma-buf: system_heap: " Julia Lawall
` (21 subsequent siblings)
26 siblings, 1 reply; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: Cheng Xu
Cc: kernel-janitors, keescook, christophe.jaillet, kuba, Kai Shen,
Jason Gunthorpe, Leon Romanovsky, linux-rdma, linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
drivers/infiniband/hw/erdma/erdma_verbs.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff -u -p a/drivers/infiniband/hw/erdma/erdma_verbs.c b/drivers/infiniband/hw/erdma/erdma_verbs.c
--- a/drivers/infiniband/hw/erdma/erdma_verbs.c
+++ b/drivers/infiniband/hw/erdma/erdma_verbs.c
@@ -481,8 +481,8 @@ static int init_kernel_qp(struct erdma_d
dev->func_bar + (ERDMA_SDB_SHARED_PAGE_INDEX << PAGE_SHIFT);
kqp->hw_rq_db = dev->func_bar + ERDMA_BAR_RQDB_SPACE_OFFSET;
- kqp->swr_tbl = vmalloc(qp->attrs.sq_size * sizeof(u64));
- kqp->rwr_tbl = vmalloc(qp->attrs.rq_size * sizeof(u64));
+ kqp->swr_tbl = vmalloc_array(qp->attrs.sq_size, sizeof(u64));
+ kqp->rwr_tbl = vmalloc_array(qp->attrs.rq_size, sizeof(u64));
if (!kqp->swr_tbl || !kqp->rwr_tbl)
goto err_out;
^ permalink raw reply [flat|nested] 38+ messages in thread* Re: [PATCH v2 05/24] RDMA/erdma: use vmalloc_array and vcalloc
2023-06-27 14:43 ` [PATCH v2 05/24] RDMA/erdma: " Julia Lawall
@ 2023-07-21 18:56 ` Jason Gunthorpe
0 siblings, 0 replies; 38+ messages in thread
From: Jason Gunthorpe @ 2023-07-21 18:56 UTC (permalink / raw)
To: Julia Lawall
Cc: Cheng Xu, kernel-janitors, keescook, christophe.jaillet, kuba,
Kai Shen, Leon Romanovsky, linux-rdma, linux-kernel
On Tue, Jun 27, 2023 at 04:43:20PM +0200, Julia Lawall wrote:
> Use vmalloc_array and vcalloc to protect against
> multiplication overflows.
>
> The changes were done using the following Coccinelle
> semantic patch:
>
> // <smpl>
> @initialize:ocaml@
> @@
>
> let rename alloc =
> match alloc with
> "vmalloc" -> "vmalloc_array"
> | "vzalloc" -> "vcalloc"
> | _ -> failwith "unknown"
>
> @@
> size_t e1,e2;
> constant C1, C2;
> expression E1, E2, COUNT, x1, x2, x3;
> typedef u8;
> typedef __u8;
> type t = {u8,__u8,char,unsigned char};
> identifier alloc = {vmalloc,vzalloc};
> fresh identifier realloc = script:ocaml(alloc) { rename alloc };
> @@
>
> (
> alloc(x1*x2*x3)
> |
> alloc(C1 * C2)
> |
> alloc((sizeof(t)) * (COUNT), ...)
> |
> - alloc((e1) * (e2))
> + realloc(e1, e2)
> |
> - alloc((e1) * (COUNT))
> + realloc(COUNT, e1)
> |
> - alloc((E1) * (E2))
> + realloc(E1, E2)
> )
> // </smpl>
>
> Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
> ---
> v2: Use vmalloc_array and vcalloc instead of array_size.
> This also leaves a multiplication of a constant by a sizeof
> as is. Two patches are thus dropped from the series.
>
> drivers/infiniband/hw/erdma/erdma_verbs.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
Applied to rdma for-next along with
[v2,19/24] RDMA/bnxt_re: use vmalloc_array and vcalloc
[v2,14/24] RDMA/siw: use vmalloc_array and vcalloc
[v2,05/24] RDMA/erdma: use vmalloc_array and vcalloc
Thanks,
Jason
^ permalink raw reply [flat|nested] 38+ messages in thread
* [PATCH v2 06/24] dma-buf: system_heap: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (4 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 05/24] RDMA/erdma: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-06-27 18:52 ` John Stultz
2023-06-27 14:43 ` [PATCH v2 07/24] scsi: fnic: " Julia Lawall
` (20 subsequent siblings)
26 siblings, 1 reply; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: Sumit Semwal
Cc: kernel-janitors, keescook, christophe.jaillet, kuba,
Benjamin Gaignard, Liam Mark, Laura Abbott, Brian Starkey,
John Stultz, Christian König, linux-media, dri-devel,
linaro-mm-sig, linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
drivers/dma-buf/heaps/system_heap.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff -u -p a/drivers/dma-buf/heaps/system_heap.c b/drivers/dma-buf/heaps/system_heap.c
--- a/drivers/dma-buf/heaps/system_heap.c
+++ b/drivers/dma-buf/heaps/system_heap.c
@@ -221,7 +221,7 @@ static void *system_heap_do_vmap(struct
{
struct sg_table *table = &buffer->sg_table;
int npages = PAGE_ALIGN(buffer->len) / PAGE_SIZE;
- struct page **pages = vmalloc(sizeof(struct page *) * npages);
+ struct page **pages = vmalloc_array(npages, sizeof(struct page *));
struct page **tmp = pages;
struct sg_page_iter piter;
void *vaddr;
^ permalink raw reply [flat|nested] 38+ messages in thread* Re: [PATCH v2 06/24] dma-buf: system_heap: use vmalloc_array and vcalloc
2023-06-27 14:43 ` [PATCH v2 06/24] dma-buf: system_heap: " Julia Lawall
@ 2023-06-27 18:52 ` John Stultz
0 siblings, 0 replies; 38+ messages in thread
From: John Stultz @ 2023-06-27 18:52 UTC (permalink / raw)
To: Julia Lawall
Cc: Sumit Semwal, kernel-janitors, keescook, christophe.jaillet, kuba,
Benjamin Gaignard, Liam Mark, Laura Abbott, Brian Starkey,
Christian König, linux-media, dri-devel, linaro-mm-sig,
linux-kernel
On Tue, Jun 27, 2023 at 7:44 AM Julia Lawall <Julia.Lawall@inria.fr> wrote:
>
> Use vmalloc_array and vcalloc to protect against
> multiplication overflows.
>
> The changes were done using the following Coccinelle
> semantic patch:
>
> // <smpl>
> @initialize:ocaml@
> @@
>
> let rename alloc =
> match alloc with
> "vmalloc" -> "vmalloc_array"
> | "vzalloc" -> "vcalloc"
> | _ -> failwith "unknown"
>
> @@
> size_t e1,e2;
> constant C1, C2;
> expression E1, E2, COUNT, x1, x2, x3;
> typedef u8;
> typedef __u8;
> type t = {u8,__u8,char,unsigned char};
> identifier alloc = {vmalloc,vzalloc};
> fresh identifier realloc = script:ocaml(alloc) { rename alloc };
> @@
>
> (
> alloc(x1*x2*x3)
> |
> alloc(C1 * C2)
> |
> alloc((sizeof(t)) * (COUNT), ...)
> |
> - alloc((e1) * (e2))
> + realloc(e1, e2)
> |
> - alloc((e1) * (COUNT))
> + realloc(COUNT, e1)
> |
> - alloc((E1) * (E2))
> + realloc(E1, E2)
> )
> // </smpl>
>
> Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
>
> ---
> v2: Use vmalloc_array and vcalloc instead of array_size.
> This also leaves a multiplication of a constant by a sizeof
> as is. Two patches are thus dropped from the series.
>
> drivers/dma-buf/heaps/system_heap.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff -u -p a/drivers/dma-buf/heaps/system_heap.c b/drivers/dma-buf/heaps/system_heap.c
> --- a/drivers/dma-buf/heaps/system_heap.c
> +++ b/drivers/dma-buf/heaps/system_heap.c
> @@ -221,7 +221,7 @@ static void *system_heap_do_vmap(struct
> {
> struct sg_table *table = &buffer->sg_table;
> int npages = PAGE_ALIGN(buffer->len) / PAGE_SIZE;
> - struct page **pages = vmalloc(sizeof(struct page *) * npages);
> + struct page **pages = vmalloc_array(npages, sizeof(struct page *));
> struct page **tmp = pages;
> struct sg_page_iter piter;
> void *vaddr;
Seems reasonable. Thanks for sending this out!
Acked-by: John Stultz <jstultz@google.com>
thanks
-john
^ permalink raw reply [flat|nested] 38+ messages in thread
* [PATCH v2 07/24] scsi: fnic: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (5 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 06/24] dma-buf: system_heap: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-06-27 14:43 ` [PATCH v2 08/24] virtio-mem: " Julia Lawall
` (19 subsequent siblings)
26 siblings, 0 replies; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: Satish Kharat
Cc: kernel-janitors, keescook, christophe.jaillet, kuba,
Sesidhar Baddela, Karan Tilak Kumar, James E.J. Bottomley,
Martin K. Petersen, linux-scsi, linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
drivers/scsi/fnic/fnic_trace.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff -u -p a/drivers/scsi/fnic/fnic_trace.c b/drivers/scsi/fnic/fnic_trace.c
--- a/drivers/scsi/fnic/fnic_trace.c
+++ b/drivers/scsi/fnic/fnic_trace.c
@@ -465,7 +465,7 @@ int fnic_trace_buf_init(void)
fnic_max_trace_entries = (trace_max_pages * PAGE_SIZE)/
FNIC_ENTRY_SIZE_BYTES;
- fnic_trace_buf_p = (unsigned long)vzalloc(trace_max_pages * PAGE_SIZE);
+ fnic_trace_buf_p = (unsigned long)vcalloc(trace_max_pages, PAGE_SIZE);
if (!fnic_trace_buf_p) {
printk(KERN_ERR PFX "Failed to allocate memory "
"for fnic_trace_buf_p\n");
^ permalink raw reply [flat|nested] 38+ messages in thread* [PATCH v2 08/24] virtio-mem: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (6 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 07/24] scsi: fnic: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-06-27 14:43 ` [PATCH v2 09/24] pds_core: " Julia Lawall
` (18 subsequent siblings)
26 siblings, 0 replies; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: David Hildenbrand
Cc: kernel-janitors, keescook, christophe.jaillet, kuba,
Michael S. Tsirkin, Jason Wang, Xuan Zhuo, virtualization,
linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
drivers/virtio/virtio_mem.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff -u -p a/drivers/virtio/virtio_mem.c b/drivers/virtio/virtio_mem.c
--- a/drivers/virtio/virtio_mem.c
+++ b/drivers/virtio/virtio_mem.c
@@ -399,7 +399,7 @@ static int virtio_mem_bbm_bb_states_prep
if (vm->bbm.bb_states && old_pages == new_pages)
return 0;
- new_array = vzalloc(new_pages * PAGE_SIZE);
+ new_array = vcalloc(new_pages, PAGE_SIZE);
if (!new_array)
return -ENOMEM;
@@ -465,7 +465,7 @@ static int virtio_mem_sbm_mb_states_prep
if (vm->sbm.mb_states && old_pages == new_pages)
return 0;
- new_array = vzalloc(new_pages * PAGE_SIZE);
+ new_array = vcalloc(new_pages, PAGE_SIZE);
if (!new_array)
return -ENOMEM;
@@ -588,7 +588,7 @@ static int virtio_mem_sbm_sb_states_prep
if (vm->sbm.sb_states && old_pages == new_pages)
return 0;
- new_bitmap = vzalloc(new_pages * PAGE_SIZE);
+ new_bitmap = vcalloc(new_pages, PAGE_SIZE);
if (!new_bitmap)
return -ENOMEM;
^ permalink raw reply [flat|nested] 38+ messages in thread* [PATCH v2 09/24] pds_core: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (7 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 08/24] virtio-mem: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-06-27 14:43 ` [PATCH v2 10/24] bus: mhi: host: " Julia Lawall
` (17 subsequent siblings)
26 siblings, 0 replies; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: Shannon Nelson
Cc: kernel-janitors, keescook, christophe.jaillet, kuba,
Brett Creeley, David S. Miller, Eric Dumazet, Paolo Abeni, netdev,
linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
drivers/net/ethernet/amd/pds_core/core.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff -u -p a/drivers/net/ethernet/amd/pds_core/core.c b/drivers/net/ethernet/amd/pds_core/core.c
--- a/drivers/net/ethernet/amd/pds_core/core.c
+++ b/drivers/net/ethernet/amd/pds_core/core.c
@@ -196,7 +196,7 @@ int pdsc_qcq_alloc(struct pdsc *pdsc, un
dma_addr_t q_base_pa;
int err;
- qcq->q.info = vzalloc(num_descs * sizeof(*qcq->q.info));
+ qcq->q.info = vcalloc(num_descs, sizeof(*qcq->q.info));
if (!qcq->q.info) {
err = -ENOMEM;
goto err_out;
@@ -219,7 +219,7 @@ int pdsc_qcq_alloc(struct pdsc *pdsc, un
if (err)
goto err_out_free_q_info;
- qcq->cq.info = vzalloc(num_descs * sizeof(*qcq->cq.info));
+ qcq->cq.info = vcalloc(num_descs, sizeof(*qcq->cq.info));
if (!qcq->cq.info) {
err = -ENOMEM;
goto err_out_free_irq;
^ permalink raw reply [flat|nested] 38+ messages in thread* [PATCH v2 10/24] bus: mhi: host: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (8 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 09/24] pds_core: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-06-27 14:48 ` Jeffrey Hugo
2023-07-12 16:48 ` Manivannan Sadhasivam
2023-06-27 14:43 ` [PATCH v2 11/24] ionic: " Julia Lawall
` (16 subsequent siblings)
26 siblings, 2 replies; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: Manivannan Sadhasivam
Cc: kernel-janitors, keescook, christophe.jaillet, kuba, mhi,
linux-arm-msm, linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
drivers/bus/mhi/host/init.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff -u -p a/drivers/bus/mhi/host/init.c b/drivers/bus/mhi/host/init.c
--- a/drivers/bus/mhi/host/init.c
+++ b/drivers/bus/mhi/host/init.c
@@ -759,7 +759,7 @@ static int parse_ch_cfg(struct mhi_contr
* so to avoid any memory possible allocation failures, vzalloc is
* used here
*/
- mhi_cntrl->mhi_chan = vzalloc(mhi_cntrl->max_chan *
+ mhi_cntrl->mhi_chan = vcalloc(mhi_cntrl->max_chan,
sizeof(*mhi_cntrl->mhi_chan));
if (!mhi_cntrl->mhi_chan)
return -ENOMEM;
^ permalink raw reply [flat|nested] 38+ messages in thread* Re: [PATCH v2 10/24] bus: mhi: host: use vmalloc_array and vcalloc
2023-06-27 14:43 ` [PATCH v2 10/24] bus: mhi: host: " Julia Lawall
@ 2023-06-27 14:48 ` Jeffrey Hugo
2023-07-12 16:48 ` Manivannan Sadhasivam
1 sibling, 0 replies; 38+ messages in thread
From: Jeffrey Hugo @ 2023-06-27 14:48 UTC (permalink / raw)
To: Julia Lawall, Manivannan Sadhasivam
Cc: kernel-janitors, keescook, christophe.jaillet, kuba, mhi,
linux-arm-msm, linux-kernel
On 6/27/2023 8:43 AM, Julia Lawall wrote:
> Use vmalloc_array and vcalloc to protect against
> multiplication overflows.
>
> The changes were done using the following Coccinelle
> semantic patch:
>
> // <smpl>
> @initialize:ocaml@
> @@
>
> let rename alloc =
> match alloc with
> "vmalloc" -> "vmalloc_array"
> | "vzalloc" -> "vcalloc"
> | _ -> failwith "unknown"
>
> @@
> size_t e1,e2;
> constant C1, C2;
> expression E1, E2, COUNT, x1, x2, x3;
> typedef u8;
> typedef __u8;
> type t = {u8,__u8,char,unsigned char};
> identifier alloc = {vmalloc,vzalloc};
> fresh identifier realloc = script:ocaml(alloc) { rename alloc };
> @@
>
> (
> alloc(x1*x2*x3)
> |
> alloc(C1 * C2)
> |
> alloc((sizeof(t)) * (COUNT), ...)
> |
> - alloc((e1) * (e2))
> + realloc(e1, e2)
> |
> - alloc((e1) * (COUNT))
> + realloc(COUNT, e1)
> |
> - alloc((E1) * (E2))
> + realloc(E1, E2)
> )
> // </smpl>
>
> Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
>
Reviewed-by: Jeffrey Hugo <quic_jhugo@quicinc.com>
^ permalink raw reply [flat|nested] 38+ messages in thread* Re: [PATCH v2 10/24] bus: mhi: host: use vmalloc_array and vcalloc
2023-06-27 14:43 ` [PATCH v2 10/24] bus: mhi: host: " Julia Lawall
2023-06-27 14:48 ` Jeffrey Hugo
@ 2023-07-12 16:48 ` Manivannan Sadhasivam
1 sibling, 0 replies; 38+ messages in thread
From: Manivannan Sadhasivam @ 2023-07-12 16:48 UTC (permalink / raw)
To: Julia Lawall
Cc: kernel-janitors, keescook, christophe.jaillet, kuba, mhi,
linux-arm-msm, linux-kernel
On Tue, Jun 27, 2023 at 04:43:25PM +0200, Julia Lawall wrote:
> Use vmalloc_array and vcalloc to protect against
> multiplication overflows.
>
> The changes were done using the following Coccinelle
> semantic patch:
>
> // <smpl>
> @initialize:ocaml@
> @@
>
> let rename alloc =
> match alloc with
> "vmalloc" -> "vmalloc_array"
> | "vzalloc" -> "vcalloc"
> | _ -> failwith "unknown"
>
> @@
> size_t e1,e2;
> constant C1, C2;
> expression E1, E2, COUNT, x1, x2, x3;
> typedef u8;
> typedef __u8;
> type t = {u8,__u8,char,unsigned char};
> identifier alloc = {vmalloc,vzalloc};
> fresh identifier realloc = script:ocaml(alloc) { rename alloc };
> @@
>
> (
> alloc(x1*x2*x3)
> |
> alloc(C1 * C2)
> |
> alloc((sizeof(t)) * (COUNT), ...)
> |
> - alloc((e1) * (e2))
> + realloc(e1, e2)
> |
> - alloc((e1) * (COUNT))
> + realloc(COUNT, e1)
> |
> - alloc((E1) * (E2))
> + realloc(E1, E2)
> )
> // </smpl>
>
> Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
Applied to mhi-next!
- Mani
>
> ---
> v2: Use vmalloc_array and vcalloc instead of array_size.
> This also leaves a multiplication of a constant by a sizeof
> as is. Two patches are thus dropped from the series.
>
> drivers/bus/mhi/host/init.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff -u -p a/drivers/bus/mhi/host/init.c b/drivers/bus/mhi/host/init.c
> --- a/drivers/bus/mhi/host/init.c
> +++ b/drivers/bus/mhi/host/init.c
> @@ -759,7 +759,7 @@ static int parse_ch_cfg(struct mhi_contr
> * so to avoid any memory possible allocation failures, vzalloc is
> * used here
> */
> - mhi_cntrl->mhi_chan = vzalloc(mhi_cntrl->max_chan *
> + mhi_cntrl->mhi_chan = vcalloc(mhi_cntrl->max_chan,
> sizeof(*mhi_cntrl->mhi_chan));
> if (!mhi_cntrl->mhi_chan)
> return -ENOMEM;
>
--
மணிவண்ணன் சதாசிவம்
^ permalink raw reply [flat|nested] 38+ messages in thread
* [PATCH v2 11/24] ionic: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (9 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 10/24] bus: mhi: host: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-06-27 14:43 ` [PATCH v2 12/24] btrfs: zoned: " Julia Lawall
` (15 subsequent siblings)
26 siblings, 0 replies; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: Shannon Nelson
Cc: kernel-janitors, keescook, christophe.jaillet, kuba,
Brett Creeley, drivers, David S. Miller, Eric Dumazet,
Paolo Abeni, netdev, linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
drivers/net/ethernet/pensando/ionic/ionic_lif.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff -u -p a/drivers/net/ethernet/pensando/ionic/ionic_lif.c b/drivers/net/ethernet/pensando/ionic/ionic_lif.c
--- a/drivers/net/ethernet/pensando/ionic/ionic_lif.c
+++ b/drivers/net/ethernet/pensando/ionic/ionic_lif.c
@@ -561,7 +561,7 @@ static int ionic_qcq_alloc(struct ionic_
new->q.dev = dev;
new->flags = flags;
- new->q.info = vzalloc(num_descs * sizeof(*new->q.info));
+ new->q.info = vcalloc(num_descs, sizeof(*new->q.info));
if (!new->q.info) {
netdev_err(lif->netdev, "Cannot allocate queue info\n");
err = -ENOMEM;
@@ -582,7 +582,7 @@ static int ionic_qcq_alloc(struct ionic_
if (err)
goto err_out;
- new->cq.info = vzalloc(num_descs * sizeof(*new->cq.info));
+ new->cq.info = vcalloc(num_descs, sizeof(*new->cq.info));
if (!new->cq.info) {
netdev_err(lif->netdev, "Cannot allocate completion queue info\n");
err = -ENOMEM;
^ permalink raw reply [flat|nested] 38+ messages in thread* [PATCH v2 12/24] btrfs: zoned: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (10 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 11/24] ionic: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-06-27 14:43 ` [PATCH v2 13/24] iommu/tegra: gart: " Julia Lawall
` (14 subsequent siblings)
26 siblings, 0 replies; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: Chris Mason
Cc: kernel-janitors, keescook, christophe.jaillet, kuba, Josef Bacik,
David Sterba, linux-btrfs, linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
fs/btrfs/zoned.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff -u -p a/fs/btrfs/zoned.c b/fs/btrfs/zoned.c
--- a/fs/btrfs/zoned.c
+++ b/fs/btrfs/zoned.c
@@ -465,8 +465,8 @@ int btrfs_get_dev_zone_info(struct btrfs
* use the cache.
*/
if (populate_cache && bdev_is_zoned(device->bdev)) {
- zone_info->zone_cache = vzalloc(sizeof(struct blk_zone) *
- zone_info->nr_zones);
+ zone_info->zone_cache = vcalloc(zone_info->nr_zones,
+ sizeof(struct blk_zone));
if (!zone_info->zone_cache) {
btrfs_err_in_rcu(device->fs_info,
"zoned: failed to allocate zone cache for %s",
^ permalink raw reply [flat|nested] 38+ messages in thread* [PATCH v2 13/24] iommu/tegra: gart: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (11 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 12/24] btrfs: zoned: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-06-27 14:43 ` [PATCH v2 14/24] RDMA/siw: " Julia Lawall
` (13 subsequent siblings)
26 siblings, 0 replies; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: Thierry Reding
Cc: kernel-janitors, keescook, christophe.jaillet, kuba,
Krishna Reddy, Joerg Roedel, Will Deacon, Robin Murphy,
Jonathan Hunter, linux-tegra, iommu, linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
drivers/iommu/tegra-gart.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff -u -p a/drivers/iommu/tegra-gart.c b/drivers/iommu/tegra-gart.c
--- a/drivers/iommu/tegra-gart.c
+++ b/drivers/iommu/tegra-gart.c
@@ -348,8 +348,8 @@ struct gart_device *tegra_gart_probe(str
if (err)
goto remove_sysfs;
- gart->savedata = vmalloc(resource_size(res) / GART_PAGE_SIZE *
- sizeof(u32));
+ gart->savedata = vmalloc_array(resource_size(res) / GART_PAGE_SIZE,
+ sizeof(u32));
if (!gart->savedata) {
err = -ENOMEM;
goto unregister_iommu;
^ permalink raw reply [flat|nested] 38+ messages in thread* [PATCH v2 14/24] RDMA/siw: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (12 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 13/24] iommu/tegra: gart: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-06-27 14:43 ` [PATCH v2 15/24] habanalabs: " Julia Lawall
` (12 subsequent siblings)
26 siblings, 0 replies; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: Bernard Metzler
Cc: kernel-janitors, keescook, christophe.jaillet, kuba,
Jason Gunthorpe, Leon Romanovsky, linux-rdma, linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
drivers/infiniband/sw/siw/siw_qp.c | 4 ++--
drivers/infiniband/sw/siw/siw_verbs.c | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
diff -u -p a/drivers/infiniband/sw/siw/siw_verbs.c b/drivers/infiniband/sw/siw/siw_verbs.c
--- a/drivers/infiniband/sw/siw/siw_verbs.c
+++ b/drivers/infiniband/sw/siw/siw_verbs.c
@@ -381,7 +381,7 @@ int siw_create_qp(struct ib_qp *ibqp, st
if (udata)
qp->sendq = vmalloc_user(num_sqe * sizeof(struct siw_sqe));
else
- qp->sendq = vzalloc(num_sqe * sizeof(struct siw_sqe));
+ qp->sendq = vcalloc(num_sqe, sizeof(struct siw_sqe));
if (qp->sendq == NULL) {
rv = -ENOMEM;
@@ -414,7 +414,7 @@ int siw_create_qp(struct ib_qp *ibqp, st
qp->recvq =
vmalloc_user(num_rqe * sizeof(struct siw_rqe));
else
- qp->recvq = vzalloc(num_rqe * sizeof(struct siw_rqe));
+ qp->recvq = vcalloc(num_rqe, sizeof(struct siw_rqe));
if (qp->recvq == NULL) {
rv = -ENOMEM;
@@ -1624,7 +1624,7 @@ int siw_create_srq(struct ib_srq *base_s
srq->recvq =
vmalloc_user(srq->num_rqe * sizeof(struct siw_rqe));
else
- srq->recvq = vzalloc(srq->num_rqe * sizeof(struct siw_rqe));
+ srq->recvq = vcalloc(srq->num_rqe, sizeof(struct siw_rqe));
if (srq->recvq == NULL) {
rv = -ENOMEM;
diff -u -p a/drivers/infiniband/sw/siw/siw_qp.c b/drivers/infiniband/sw/siw/siw_qp.c
--- a/drivers/infiniband/sw/siw/siw_qp.c
+++ b/drivers/infiniband/sw/siw/siw_qp.c
@@ -204,7 +204,7 @@ static int siw_qp_readq_init(struct siw_
{
if (irq_size) {
irq_size = roundup_pow_of_two(irq_size);
- qp->irq = vzalloc(irq_size * sizeof(struct siw_sqe));
+ qp->irq = vcalloc(irq_size, sizeof(struct siw_sqe));
if (!qp->irq) {
qp->attrs.irq_size = 0;
return -ENOMEM;
@@ -212,7 +212,7 @@ static int siw_qp_readq_init(struct siw_
}
if (orq_size) {
orq_size = roundup_pow_of_two(orq_size);
- qp->orq = vzalloc(orq_size * sizeof(struct siw_sqe));
+ qp->orq = vcalloc(orq_size, sizeof(struct siw_sqe));
if (!qp->orq) {
qp->attrs.orq_size = 0;
qp->attrs.irq_size = 0;
^ permalink raw reply [flat|nested] 38+ messages in thread* [PATCH v2 15/24] habanalabs: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (13 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 14/24] RDMA/siw: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-07-02 8:01 ` Oded Gabbay
2023-06-27 14:43 ` [PATCH v2 16/24] drm/i915/gvt: " Julia Lawall
` (11 subsequent siblings)
26 siblings, 1 reply; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: Oded Gabbay
Cc: kernel-janitors, keescook, christophe.jaillet, kuba, dri-devel,
linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
drivers/accel/habanalabs/common/device.c | 3 ++-
drivers/accel/habanalabs/common/state_dump.c | 7 ++++---
2 files changed, 6 insertions(+), 4 deletions(-)
diff -u -p a/drivers/accel/habanalabs/common/device.c b/drivers/accel/habanalabs/common/device.c
--- a/drivers/accel/habanalabs/common/device.c
+++ b/drivers/accel/habanalabs/common/device.c
@@ -2594,7 +2594,8 @@ static void hl_capture_user_mappings(str
*/
vfree(pgf_info->user_mappings);
pgf_info->user_mappings =
- vzalloc(pgf_info->num_of_user_mappings * sizeof(struct hl_user_mapping));
+ vcalloc(pgf_info->num_of_user_mappings,
+ sizeof(struct hl_user_mapping));
if (!pgf_info->user_mappings) {
pgf_info->num_of_user_mappings = 0;
goto finish;
diff -u -p a/drivers/accel/habanalabs/common/state_dump.c b/drivers/accel/habanalabs/common/state_dump.c
--- a/drivers/accel/habanalabs/common/state_dump.c
+++ b/drivers/accel/habanalabs/common/state_dump.c
@@ -272,7 +272,8 @@ static u32 *hl_state_dump_read_sync_obje
base_addr = sds->props[SP_SYNC_OBJ_BASE_ADDR] +
sds->props[SP_NEXT_SYNC_OBJ_ADDR] * index;
- sync_objects = vmalloc(sds->props[SP_SYNC_OBJ_AMOUNT] * sizeof(u32));
+ sync_objects = vmalloc_array(sds->props[SP_SYNC_OBJ_AMOUNT],
+ sizeof(u32));
if (!sync_objects)
return NULL;
@@ -453,8 +454,8 @@ hl_state_dump_alloc_read_sm_block_monito
s64 base_addr; /* Base addr can be negative */
int i;
- monitors = vmalloc(sds->props[SP_MONITORS_AMOUNT] *
- sizeof(struct hl_mon_state_dump));
+ monitors = vmalloc_array(sds->props[SP_MONITORS_AMOUNT],
+ sizeof(struct hl_mon_state_dump));
if (!monitors)
return NULL;
^ permalink raw reply [flat|nested] 38+ messages in thread* Re: [PATCH v2 15/24] habanalabs: use vmalloc_array and vcalloc
2023-06-27 14:43 ` [PATCH v2 15/24] habanalabs: " Julia Lawall
@ 2023-07-02 8:01 ` Oded Gabbay
0 siblings, 0 replies; 38+ messages in thread
From: Oded Gabbay @ 2023-07-02 8:01 UTC (permalink / raw)
To: Julia Lawall
Cc: keescook, kernel-janitors, linux-kernel, dri-devel,
christophe.jaillet, kuba
On Tue, Jun 27, 2023 at 5:44 PM Julia Lawall <Julia.Lawall@inria.fr> wrote:
>
> Use vmalloc_array and vcalloc to protect against
> multiplication overflows.
>
> The changes were done using the following Coccinelle
> semantic patch:
>
> // <smpl>
> @initialize:ocaml@
> @@
>
> let rename alloc =
> match alloc with
> "vmalloc" -> "vmalloc_array"
> | "vzalloc" -> "vcalloc"
> | _ -> failwith "unknown"
>
> @@
> size_t e1,e2;
> constant C1, C2;
> expression E1, E2, COUNT, x1, x2, x3;
> typedef u8;
> typedef __u8;
> type t = {u8,__u8,char,unsigned char};
> identifier alloc = {vmalloc,vzalloc};
> fresh identifier realloc = script:ocaml(alloc) { rename alloc };
> @@
>
> (
> alloc(x1*x2*x3)
> |
> alloc(C1 * C2)
> |
> alloc((sizeof(t)) * (COUNT), ...)
> |
> - alloc((e1) * (e2))
> + realloc(e1, e2)
> |
> - alloc((e1) * (COUNT))
> + realloc(COUNT, e1)
> |
> - alloc((E1) * (E2))
> + realloc(E1, E2)
> )
> // </smpl>
>
> Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
>
> ---
> v2: Use vmalloc_array and vcalloc instead of array_size.
> This also leaves a multiplication of a constant by a sizeof
> as is. Two patches are thus dropped from the series.
>
> drivers/accel/habanalabs/common/device.c | 3 ++-
> drivers/accel/habanalabs/common/state_dump.c | 7 ++++---
> 2 files changed, 6 insertions(+), 4 deletions(-)
>
> diff -u -p a/drivers/accel/habanalabs/common/device.c b/drivers/accel/habanalabs/common/device.c
> --- a/drivers/accel/habanalabs/common/device.c
> +++ b/drivers/accel/habanalabs/common/device.c
> @@ -2594,7 +2594,8 @@ static void hl_capture_user_mappings(str
> */
> vfree(pgf_info->user_mappings);
> pgf_info->user_mappings =
> - vzalloc(pgf_info->num_of_user_mappings * sizeof(struct hl_user_mapping));
> + vcalloc(pgf_info->num_of_user_mappings,
> + sizeof(struct hl_user_mapping));
> if (!pgf_info->user_mappings) {
> pgf_info->num_of_user_mappings = 0;
> goto finish;
> diff -u -p a/drivers/accel/habanalabs/common/state_dump.c b/drivers/accel/habanalabs/common/state_dump.c
> --- a/drivers/accel/habanalabs/common/state_dump.c
> +++ b/drivers/accel/habanalabs/common/state_dump.c
> @@ -272,7 +272,8 @@ static u32 *hl_state_dump_read_sync_obje
> base_addr = sds->props[SP_SYNC_OBJ_BASE_ADDR] +
> sds->props[SP_NEXT_SYNC_OBJ_ADDR] * index;
>
> - sync_objects = vmalloc(sds->props[SP_SYNC_OBJ_AMOUNT] * sizeof(u32));
> + sync_objects = vmalloc_array(sds->props[SP_SYNC_OBJ_AMOUNT],
> + sizeof(u32));
> if (!sync_objects)
> return NULL;
>
> @@ -453,8 +454,8 @@ hl_state_dump_alloc_read_sm_block_monito
> s64 base_addr; /* Base addr can be negative */
> int i;
>
> - monitors = vmalloc(sds->props[SP_MONITORS_AMOUNT] *
> - sizeof(struct hl_mon_state_dump));
> + monitors = vmalloc_array(sds->props[SP_MONITORS_AMOUNT],
> + sizeof(struct hl_mon_state_dump));
> if (!monitors)
> return NULL;
>
>
Reviewed-by: Oded Gabbay <ogabbay@kernel.org>
^ permalink raw reply [flat|nested] 38+ messages in thread
* [PATCH v2 16/24] drm/i915/gvt: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (14 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 15/24] habanalabs: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-06-27 14:43 ` [PATCH v2 17/24] kcov: " Julia Lawall
` (10 subsequent siblings)
26 siblings, 0 replies; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: Zhenyu Wang
Cc: kernel-janitors, keescook, christophe.jaillet, kuba, Zhi Wang,
Jani Nikula, Joonas Lahtinen, Rodrigo Vivi, Tvrtko Ursulin,
David Airlie, Daniel Vetter, intel-gvt-dev, intel-gfx, dri-devel,
linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
drivers/gpu/drm/i915/gvt/gtt.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff -u -p a/drivers/gpu/drm/i915/gvt/gtt.c b/drivers/gpu/drm/i915/gvt/gtt.c
--- a/drivers/gpu/drm/i915/gvt/gtt.c
+++ b/drivers/gpu/drm/i915/gvt/gtt.c
@@ -1969,14 +1969,16 @@ static struct intel_vgpu_mm *intel_vgpu_
return ERR_PTR(-ENOMEM);
}
- mm->ggtt_mm.host_ggtt_aperture = vzalloc((vgpu_aperture_sz(vgpu) >> PAGE_SHIFT) * sizeof(u64));
+ mm->ggtt_mm.host_ggtt_aperture = vcalloc(vgpu_aperture_sz(vgpu) >> PAGE_SHIFT,
+ sizeof(u64));
if (!mm->ggtt_mm.host_ggtt_aperture) {
vfree(mm->ggtt_mm.virtual_ggtt);
vgpu_free_mm(mm);
return ERR_PTR(-ENOMEM);
}
- mm->ggtt_mm.host_ggtt_hidden = vzalloc((vgpu_hidden_sz(vgpu) >> PAGE_SHIFT) * sizeof(u64));
+ mm->ggtt_mm.host_ggtt_hidden = vcalloc(vgpu_hidden_sz(vgpu) >> PAGE_SHIFT,
+ sizeof(u64));
if (!mm->ggtt_mm.host_ggtt_hidden) {
vfree(mm->ggtt_mm.host_ggtt_aperture);
vfree(mm->ggtt_mm.virtual_ggtt);
^ permalink raw reply [flat|nested] 38+ messages in thread* [PATCH v2 17/24] kcov: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (15 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 16/24] drm/i915/gvt: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-06-27 14:43 ` [PATCH v2 18/24] net: enetc: " Julia Lawall
` (9 subsequent siblings)
26 siblings, 0 replies; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: Dmitry Vyukov
Cc: kernel-janitors, keescook, christophe.jaillet, kuba,
Andrey Konovalov, kasan-dev, linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
kernel/kcov.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff -u -p a/kernel/kcov.c b/kernel/kcov.c
--- a/kernel/kcov.c
+++ b/kernel/kcov.c
@@ -901,7 +901,7 @@ void kcov_remote_start(u64 handle)
/* Can only happen when in_task(). */
if (!area) {
local_unlock_irqrestore(&kcov_percpu_data.lock, flags);
- area = vmalloc(size * sizeof(unsigned long));
+ area = vmalloc_array(size, sizeof(unsigned long));
if (!area) {
kcov_put(kcov);
return;
^ permalink raw reply [flat|nested] 38+ messages in thread* [PATCH v2 18/24] net: enetc: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (16 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 17/24] kcov: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-06-27 14:43 ` [PATCH v2 19/24] RDMA/bnxt_re: " Julia Lawall
` (8 subsequent siblings)
26 siblings, 0 replies; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: Claudiu Manoil
Cc: kernel-janitors, keescook, christophe.jaillet, kuba,
Vladimir Oltean, David S. Miller, Eric Dumazet, Paolo Abeni,
netdev, linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
drivers/net/ethernet/freescale/enetc/enetc.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff -u -p a/drivers/net/ethernet/freescale/enetc/enetc.c b/drivers/net/ethernet/freescale/enetc/enetc.c
--- a/drivers/net/ethernet/freescale/enetc/enetc.c
+++ b/drivers/net/ethernet/freescale/enetc/enetc.c
@@ -1789,7 +1789,7 @@ static int enetc_alloc_tx_resource(struc
res->bd_count = bd_count;
res->bd_size = sizeof(union enetc_tx_bd);
- res->tx_swbd = vzalloc(bd_count * sizeof(*res->tx_swbd));
+ res->tx_swbd = vcalloc(bd_count, sizeof(*res->tx_swbd));
if (!res->tx_swbd)
return -ENOMEM;
@@ -1877,7 +1877,7 @@ static int enetc_alloc_rx_resource(struc
if (extended)
res->bd_size *= 2;
- res->rx_swbd = vzalloc(bd_count * sizeof(struct enetc_rx_swbd));
+ res->rx_swbd = vcalloc(bd_count, sizeof(struct enetc_rx_swbd));
if (!res->rx_swbd)
return -ENOMEM;
^ permalink raw reply [flat|nested] 38+ messages in thread* [PATCH v2 19/24] RDMA/bnxt_re: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (17 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 18/24] net: enetc: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-06-27 14:43 ` [PATCH v2 20/24] comedi: " Julia Lawall
` (7 subsequent siblings)
26 siblings, 0 replies; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: Selvin Xavier
Cc: kernel-janitors, keescook, christophe.jaillet, kuba,
Jason Gunthorpe, Leon Romanovsky, linux-rdma, linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
drivers/infiniband/hw/bnxt_re/qplib_res.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff -u -p a/drivers/infiniband/hw/bnxt_re/qplib_res.c b/drivers/infiniband/hw/bnxt_re/qplib_res.c
--- a/drivers/infiniband/hw/bnxt_re/qplib_res.c
+++ b/drivers/infiniband/hw/bnxt_re/qplib_res.c
@@ -118,11 +118,11 @@ static int __alloc_pbl(struct bnxt_qplib
else
pages = sginfo->npages;
/* page ptr arrays */
- pbl->pg_arr = vmalloc(pages * sizeof(void *));
+ pbl->pg_arr = vmalloc_array(pages, sizeof(void *));
if (!pbl->pg_arr)
return -ENOMEM;
- pbl->pg_map_arr = vmalloc(pages * sizeof(dma_addr_t));
+ pbl->pg_map_arr = vmalloc_array(pages, sizeof(dma_addr_t));
if (!pbl->pg_map_arr) {
vfree(pbl->pg_arr);
pbl->pg_arr = NULL;
^ permalink raw reply [flat|nested] 38+ messages in thread* [PATCH v2 20/24] comedi: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (18 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 19/24] RDMA/bnxt_re: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-06-27 14:43 ` [PATCH v2 21/24] x86/sgx: " Julia Lawall
` (6 subsequent siblings)
26 siblings, 0 replies; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: Ian Abbott
Cc: kernel-janitors, keescook, christophe.jaillet, kuba,
H Hartley Sweeten, linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT))
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. The position of this patch in the series changed
accordingly.
drivers/comedi/comedi_buf.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff -u -p a/drivers/comedi/comedi_buf.c b/drivers/comedi/comedi_buf.c
--- a/drivers/comedi/comedi_buf.c
+++ b/drivers/comedi/comedi_buf.c
@@ -89,7 +89,7 @@ comedi_buf_map_alloc(struct comedi_devic
bm->dma_hw_dev = get_device(dev->hw_dev);
}
- bm->page_list = vzalloc(sizeof(*buf) * n_pages);
+ bm->page_list = vcalloc(n_pages, sizeof(*buf));
if (!bm->page_list)
goto err;
@@ -169,7 +169,7 @@ static void __comedi_buf_alloc(struct co
buf = &bm->page_list[0];
async->prealloc_buf = buf->virt_addr;
} else {
- pages = vmalloc(sizeof(struct page *) * n_pages);
+ pages = vmalloc_array(n_pages, sizeof(struct page *));
if (!pages)
return;
^ permalink raw reply [flat|nested] 38+ messages in thread* [PATCH v2 21/24] x86/sgx: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (19 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 20/24] comedi: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-06-27 14:54 ` Dave Hansen
2023-06-27 14:43 ` [PATCH v2 22/24] net: mana: " Julia Lawall
` (5 subsequent siblings)
26 siblings, 1 reply; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: Jarkko Sakkinen
Cc: kernel-janitors, keescook, christophe.jaillet, kuba, Dave Hansen,
Thomas Gleixner, Ingo Molnar, Borislav Petkov, x86,
H. Peter Anvin, linux-sgx, linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
arch/x86/kernel/cpu/sgx/main.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff -u -p a/arch/x86/kernel/cpu/sgx/main.c b/arch/x86/kernel/cpu/sgx/main.c
--- a/arch/x86/kernel/cpu/sgx/main.c
+++ b/arch/x86/kernel/cpu/sgx/main.c
@@ -628,7 +628,7 @@ static bool __init sgx_setup_epc_section
if (!section->virt_addr)
return false;
- section->pages = vmalloc(nr_pages * sizeof(struct sgx_epc_page));
+ section->pages = vmalloc_array(nr_pages, sizeof(struct sgx_epc_page));
if (!section->pages) {
memunmap(section->virt_addr);
return false;
^ permalink raw reply [flat|nested] 38+ messages in thread* Re: [PATCH v2 21/24] x86/sgx: use vmalloc_array and vcalloc
2023-06-27 14:43 ` [PATCH v2 21/24] x86/sgx: " Julia Lawall
@ 2023-06-27 14:54 ` Dave Hansen
2023-06-27 15:01 ` Julia Lawall
0 siblings, 1 reply; 38+ messages in thread
From: Dave Hansen @ 2023-06-27 14:54 UTC (permalink / raw)
To: Julia Lawall, Jarkko Sakkinen
Cc: kernel-janitors, keescook, christophe.jaillet, kuba, Dave Hansen,
Thomas Gleixner, Ingo Molnar, Borislav Petkov, x86,
H. Peter Anvin, linux-sgx, linux-kernel
On 6/27/23 07:43, Julia Lawall wrote:
> Use vmalloc_array and vcalloc to protect against
> multiplication overflows.
...
> diff -u -p a/arch/x86/kernel/cpu/sgx/main.c b/arch/x86/kernel/cpu/sgx/main.c
> --- a/arch/x86/kernel/cpu/sgx/main.c
> +++ b/arch/x86/kernel/cpu/sgx/main.c
> @@ -628,7 +628,7 @@ static bool __init sgx_setup_epc_section
> if (!section->virt_addr)
> return false;
>
> - section->pages = vmalloc(nr_pages * sizeof(struct sgx_epc_page));
> + section->pages = vmalloc_array(nr_pages, sizeof(struct sgx_epc_page));
> if (!section->pages) {
I'm not sure that changelog matches the code.
'nr_pages' here is an 'unsigned long' and The sizeof()==32. In
practice, the multiplication can be done with a shift, and the ulong is
a *LONG* way from overflowing.
I'll accept that, as a general rule, vmalloc_array() is the preferred
form. It's totally possible that someone could copy and paste the
nr_foo*sizeof(struct bar) code over to a place where nr_foo is a more
troublesome type.
But, if that's the true motivation, could we please say that in the
changelog? As it stands, it's a bit silly to be talking about
multiplication overflows, unless I'm missing something totally obvious.
^ permalink raw reply [flat|nested] 38+ messages in thread* Re: [PATCH v2 21/24] x86/sgx: use vmalloc_array and vcalloc
2023-06-27 14:54 ` Dave Hansen
@ 2023-06-27 15:01 ` Julia Lawall
2023-06-27 15:06 ` Dave Hansen
0 siblings, 1 reply; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 15:01 UTC (permalink / raw)
To: Dave Hansen
Cc: Jarkko Sakkinen, kernel-janitors, keescook, christophe.jaillet,
kuba, Dave Hansen, Thomas Gleixner, Ingo Molnar, Borislav Petkov,
x86, H. Peter Anvin, linux-sgx, linux-kernel
On Tue, 27 Jun 2023, Dave Hansen wrote:
> On 6/27/23 07:43, Julia Lawall wrote:
> > Use vmalloc_array and vcalloc to protect against
> > multiplication overflows.
> ...
> > diff -u -p a/arch/x86/kernel/cpu/sgx/main.c b/arch/x86/kernel/cpu/sgx/main.c
> > --- a/arch/x86/kernel/cpu/sgx/main.c
> > +++ b/arch/x86/kernel/cpu/sgx/main.c
> > @@ -628,7 +628,7 @@ static bool __init sgx_setup_epc_section
> > if (!section->virt_addr)
> > return false;
> >
> > - section->pages = vmalloc(nr_pages * sizeof(struct sgx_epc_page));
> > + section->pages = vmalloc_array(nr_pages, sizeof(struct sgx_epc_page));
> > if (!section->pages) {
>
> I'm not sure that changelog matches the code.
>
> 'nr_pages' here is an 'unsigned long' and The sizeof()==32. In
> practice, the multiplication can be done with a shift, and the ulong is
> a *LONG* way from overflowing.
>
> I'll accept that, as a general rule, vmalloc_array() is the preferred
> form. It's totally possible that someone could copy and paste the
> nr_foo*sizeof(struct bar) code over to a place where nr_foo is a more
> troublesome type.
>
> But, if that's the true motivation, could we please say that in the
> changelog? As it stands, it's a bit silly to be talking about
> multiplication overflows, unless I'm missing something totally obvious.
If it is certain that no overflow is possible, then perhaps it is fine to
drop the patch? I didn't change cases where both arguments are constants
nor where the result of the sizeof is 1. But I also didn't do a careful
analysis to see if an overflow is possible given the possible values
involved.
Or if it seems better to keep the change, I can also change the log
message.
julia
^ permalink raw reply [flat|nested] 38+ messages in thread* Re: [PATCH v2 21/24] x86/sgx: use vmalloc_array and vcalloc
2023-06-27 15:01 ` Julia Lawall
@ 2023-06-27 15:06 ` Dave Hansen
0 siblings, 0 replies; 38+ messages in thread
From: Dave Hansen @ 2023-06-27 15:06 UTC (permalink / raw)
To: Julia Lawall
Cc: Jarkko Sakkinen, kernel-janitors, keescook, christophe.jaillet,
kuba, Dave Hansen, Thomas Gleixner, Ingo Molnar, Borislav Petkov,
x86, H. Peter Anvin, linux-sgx, linux-kernel
On 6/27/23 08:01, Julia Lawall wrote:
> If it is certain that no overflow is possible, then perhaps it is fine to
> drop the patch?
It's impossible in practice in this case because the code is 64-bit only
and uses an 'unsigned long'. But, like I said, I can see that same
vmalloc() being copied-and-pasted or moved to a 32-bit system and
theoretically causing problems in rare scenarios.
I'd probably just drop this patch.
^ permalink raw reply [flat|nested] 38+ messages in thread
* [PATCH v2 22/24] net: mana: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (20 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 21/24] x86/sgx: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-06-27 14:43 ` [PATCH v2 23/24] vduse: " Julia Lawall
` (4 subsequent siblings)
26 siblings, 0 replies; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: K. Y. Srinivasan
Cc: kernel-janitors, keescook, christophe.jaillet, kuba,
Haiyang Zhang, Wei Liu, Dexuan Cui, David S. Miller, Eric Dumazet,
Paolo Abeni, linux-hyperv, netdev, linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
drivers/net/ethernet/microsoft/mana/hw_channel.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff -u -p a/drivers/net/ethernet/microsoft/mana/hw_channel.c b/drivers/net/ethernet/microsoft/mana/hw_channel.c
--- a/drivers/net/ethernet/microsoft/mana/hw_channel.c
+++ b/drivers/net/ethernet/microsoft/mana/hw_channel.c
@@ -627,7 +627,7 @@ static int mana_hwc_establish_channel(st
if (WARN_ON(cq->id >= gc->max_num_cqs))
return -EPROTO;
- gc->cq_table = vzalloc(gc->max_num_cqs * sizeof(struct gdma_queue *));
+ gc->cq_table = vcalloc(gc->max_num_cqs, sizeof(struct gdma_queue *));
if (!gc->cq_table)
return -ENOMEM;
^ permalink raw reply [flat|nested] 38+ messages in thread* [PATCH v2 23/24] vduse: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (21 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 22/24] net: mana: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-06-27 14:43 ` [PATCH v2 24/24] scsi: qla2xxx: " Julia Lawall
` (3 subsequent siblings)
26 siblings, 0 replies; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: Michael S. Tsirkin
Cc: kernel-janitors, keescook, christophe.jaillet, kuba, Jason Wang,
Xuan Zhuo, virtualization, linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT))
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. The position of this patch in the series changed
accordingly.
drivers/vdpa/vdpa_user/iova_domain.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff -u -p a/drivers/vdpa/vdpa_user/iova_domain.c b/drivers/vdpa/vdpa_user/iova_domain.c
--- a/drivers/vdpa/vdpa_user/iova_domain.c
+++ b/drivers/vdpa/vdpa_user/iova_domain.c
@@ -571,8 +571,8 @@ vduse_domain_create(unsigned long iova_l
domain->iova_limit = iova_limit;
domain->bounce_size = PAGE_ALIGN(bounce_size);
- domain->bounce_maps = vzalloc(bounce_pfns *
- sizeof(struct vduse_bounce_map));
+ domain->bounce_maps = vcalloc(bounce_pfns,
+ sizeof(struct vduse_bounce_map));
if (!domain->bounce_maps)
goto err_map;
^ permalink raw reply [flat|nested] 38+ messages in thread* [PATCH v2 24/24] scsi: qla2xxx: use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (22 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 23/24] vduse: " Julia Lawall
@ 2023-06-27 14:43 ` Julia Lawall
2023-06-27 16:40 ` [PATCH v2 00/24] " patchwork-bot+netdevbpf
` (2 subsequent siblings)
26 siblings, 0 replies; 38+ messages in thread
From: Julia Lawall @ 2023-06-27 14:43 UTC (permalink / raw)
To: Nilesh Javali
Cc: kernel-janitors, keescook, christophe.jaillet, kuba,
GR-QLogic-Storage-Upstream, James E.J. Bottomley,
Martin K. Petersen, linux-scsi, linux-kernel
Use vmalloc_array and vcalloc to protect against
multiplication overflows.
The changes were done using the following Coccinelle
semantic patch:
// <smpl>
@initialize:ocaml@
@@
let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"
@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@
(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
---
v2: Use vmalloc_array and vcalloc instead of array_size.
This also leaves a multiplication of a constant by a sizeof
as is. Two patches are thus dropped from the series.
drivers/scsi/qla2xxx/qla_init.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff -u -p a/drivers/scsi/qla2xxx/qla_init.c b/drivers/scsi/qla2xxx/qla_init.c
--- a/drivers/scsi/qla2xxx/qla_init.c
+++ b/drivers/scsi/qla2xxx/qla_init.c
@@ -8434,7 +8434,7 @@ qla24xx_load_risc_flash(scsi_qla_host_t
ql_dbg(ql_dbg_init, vha, 0x0163,
"-> fwdt%u template allocate template %#x words...\n",
j, risc_size);
- fwdt->template = vmalloc(risc_size * sizeof(*dcode));
+ fwdt->template = vmalloc_array(risc_size, sizeof(*dcode));
if (!fwdt->template) {
ql_log(ql_log_warn, vha, 0x0164,
"-> fwdt%u failed allocate template.\n", j);
@@ -8689,7 +8689,7 @@ qla24xx_load_risc_blob(scsi_qla_host_t *
ql_dbg(ql_dbg_init, vha, 0x0173,
"-> fwdt%u template allocate template %#x words...\n",
j, risc_size);
- fwdt->template = vmalloc(risc_size * sizeof(*dcode));
+ fwdt->template = vmalloc_array(risc_size, sizeof(*dcode));
if (!fwdt->template) {
ql_log(ql_log_warn, vha, 0x0174,
"-> fwdt%u failed allocate template.\n", j);
^ permalink raw reply [flat|nested] 38+ messages in thread* Re: [PATCH v2 00/24] use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (23 preceding siblings ...)
2023-06-27 14:43 ` [PATCH v2 24/24] scsi: qla2xxx: " Julia Lawall
@ 2023-06-27 16:40 ` patchwork-bot+netdevbpf
2023-07-06 1:35 ` Martin K. Petersen
2023-07-11 16:31 ` (subset) " Martin K. Petersen
26 siblings, 0 replies; 38+ messages in thread
From: patchwork-bot+netdevbpf @ 2023-06-27 16:40 UTC (permalink / raw)
To: Julia Lawall
Cc: linux-hyperv, kernel-janitors, keescook, christophe.jaillet, kuba,
kasan-dev, andreyknvl, dvyukov, iommu, linux-tegra, robin.murphy,
vdumpa, virtualization, xuanzhuo, linux-scsi, linaro-mm-sig,
linux-media, jstultz, Brian.Starkey, labbott, lmark,
benjamin.gaignard, dri-devel, linux-kernel, netdev, shailend,
linux-rdma, mhi, linux-arm-msm, linux-btrfs, intel-gvt-dev,
intel-gfx, dave.hansen, hpa, linux-sgx
Hello:
This series was applied to netdev/net-next.git (main)
by Jakub Kicinski <kuba@kernel.org>:
On Tue, 27 Jun 2023 16:43:15 +0200 you wrote:
> The functions vmalloc_array and vcalloc were introduced in
>
> commit a8749a35c399 ("mm: vmalloc: introduce array allocation functions")
>
> but are not used much yet. This series introduces uses of
> these functions, to protect against multiplication overflows.
>
> [...]
Here is the summary with links:
- [v2,02/24] octeon_ep: use vmalloc_array and vcalloc
https://git.kernel.org/netdev/net-next/c/32d462a5c3e5
- [v2,04/24] gve: use vmalloc_array and vcalloc
https://git.kernel.org/netdev/net-next/c/a13de901e8d5
- [v2,09/24] pds_core: use vmalloc_array and vcalloc
https://git.kernel.org/netdev/net-next/c/906a76cc7645
- [v2,11/24] ionic: use vmalloc_array and vcalloc
https://git.kernel.org/netdev/net-next/c/f712c8297e0a
- [v2,18/24] net: enetc: use vmalloc_array and vcalloc
https://git.kernel.org/netdev/net-next/c/fa87c54693ae
- [v2,22/24] net: mana: use vmalloc_array and vcalloc
https://git.kernel.org/netdev/net-next/c/e9c74f8b8a31
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
^ permalink raw reply [flat|nested] 38+ messages in thread* Re: [PATCH v2 00/24] use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (24 preceding siblings ...)
2023-06-27 16:40 ` [PATCH v2 00/24] " patchwork-bot+netdevbpf
@ 2023-07-06 1:35 ` Martin K. Petersen
2023-07-11 16:31 ` (subset) " Martin K. Petersen
26 siblings, 0 replies; 38+ messages in thread
From: Martin K. Petersen @ 2023-07-06 1:35 UTC (permalink / raw)
To: Julia Lawall
Cc: linux-hyperv, kernel-janitors, keescook, christophe.jaillet, kuba,
kasan-dev, Andrey Konovalov, Dmitry Vyukov, iommu, linux-tegra,
Robin Murphy, Krishna Reddy, virtualization, Xuan Zhuo,
linux-scsi, linaro-mm-sig, linux-media, John Stultz,
Brian Starkey, Laura Abbott, Liam Mark, Benjamin Gaignard,
dri-devel, linux-kernel, netdev, Shailend Chand, linux-rdma, mhi,
linux-arm-msm, linux-btrfs, intel-gvt-dev, intel-gfx, Dave Hansen,
H. Peter Anvin, linux-sgx
Julia,
> The functions vmalloc_array and vcalloc were introduced in
>
> commit a8749a35c399 ("mm: vmalloc: introduce array allocation functions")
>
> but are not used much yet. This series introduces uses of
> these functions, to protect against multiplication overflows.
Applied #7 and #24 to 6.5/scsi-staging, thanks!
--
Martin K. Petersen Oracle Linux Engineering
^ permalink raw reply [flat|nested] 38+ messages in thread* Re: (subset) [PATCH v2 00/24] use vmalloc_array and vcalloc
2023-06-27 14:43 [PATCH v2 00/24] use vmalloc_array and vcalloc Julia Lawall
` (25 preceding siblings ...)
2023-07-06 1:35 ` Martin K. Petersen
@ 2023-07-11 16:31 ` Martin K. Petersen
26 siblings, 0 replies; 38+ messages in thread
From: Martin K. Petersen @ 2023-07-11 16:31 UTC (permalink / raw)
To: linux-hyperv, Julia Lawall
Cc: Martin K . Petersen, kernel-janitors, keescook,
christophe.jaillet, kuba, kasan-dev, Andrey Konovalov,
Dmitry Vyukov, iommu, linux-tegra, Robin Murphy, Krishna Reddy,
virtualization, Xuan Zhuo, linux-scsi, linaro-mm-sig, linux-media,
John Stultz, Brian Starkey, Laura Abbott, Liam Mark,
Benjamin Gaignard, dri-devel, linux-kernel, netdev,
Shailend Chand, linux-rdma, mhi, linux-arm-msm, linux-btrfs,
intel-gvt-dev, intel-gfx, Dave Hansen, H. Peter Anvin, linux-sgx
On Tue, 27 Jun 2023 16:43:15 +0200, Julia Lawall wrote:
> The functions vmalloc_array and vcalloc were introduced in
>
> commit a8749a35c399 ("mm: vmalloc: introduce array allocation functions")
>
> but are not used much yet. This series introduces uses of
> these functions, to protect against multiplication overflows.
>
> [...]
Applied to 6.5/scsi-fixes, thanks!
[07/24] scsi: fnic: use vmalloc_array and vcalloc
https://git.kernel.org/mkp/scsi/c/b34c7dcaf311
[24/24] scsi: qla2xxx: use vmalloc_array and vcalloc
https://git.kernel.org/mkp/scsi/c/04d91b783acf
--
Martin K. Petersen Oracle Linux Engineering
^ permalink raw reply [flat|nested] 38+ messages in thread