[PATCH] video: fbdev: arkfb: Cast ics5342_init() allocation type

[PATCH] video: fbdev: arkfb: Cast ics5342_init() allocation type

[Kees Cook]

In preparation for making the kmalloc family of allocators type aware,
we need to make sure that the returned type from the allocation matches
the type of the variable being assigned. (Before, the allocator would
always return "void *", which can be implicitly cast to any pointer type.)

The assigned type is "struct dac_info *" but the returned type will be
"struct ics5342_info *", which has a larger allocation size. This is
by design, as struct ics5342_info contains struct dac_info as its first
member. Cast the allocation type to match the assignment.

Signed-off-by: Kees Cook <kees@kernel.org>
---
Cc: Helge Deller <deller@gmx.de>
Cc: Javier Martinez Canillas <javierm@redhat.com>
Cc: Thomas Zimmermann <tzimmermann@suse.de>
Cc: Zheyu Ma <zheyuma97@gmail.com>
Cc: Samuel Thibault <samuel.thibault@ens-lyon.org>
Cc: Jiapeng Chong <jiapeng.chong@linux.alibaba.com>
Cc: <linux-fbdev@vger.kernel.org>
Cc: <dri-devel@lists.freedesktop.org>
---
 drivers/video/fbdev/arkfb.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/video/fbdev/arkfb.c b/drivers/video/fbdev/arkfb.c
index 082501feceb9..7d131e3d159a 100644
--- a/drivers/video/fbdev/arkfb.c
+++ b/drivers/video/fbdev/arkfb.c
@@ -431,7 +431,7 @@ static struct dac_ops ics5342_ops = {
 
 static struct dac_info * ics5342_init(dac_read_regs_t drr, dac_write_regs_t dwr, void *data)
 {
-	struct dac_info *info = kzalloc(sizeof(struct ics5342_info), GFP_KERNEL);
+	struct dac_info *info = (struct dac_info *)kzalloc(sizeof(struct ics5342_info), GFP_KERNEL);
 
 	if (! info)
 		return NULL;
-- 
2.34.1

Re: [PATCH] video: fbdev: arkfb: Cast ics5342_init() allocation type

[Helge Deller]

On 4/26/25 08:23, Kees Cook wrote:
> In preparation for making the kmalloc family of allocators type aware,
> we need to make sure that the returned type from the allocation matches
> the type of the variable being assigned. (Before, the allocator would
> always return "void *", which can be implicitly cast to any pointer type.)
> 
> The assigned type is "struct dac_info *" but the returned type will be
> "struct ics5342_info *", which has a larger allocation size. This is
> by design, as struct ics5342_info contains struct dac_info as its first
> member. Cast the allocation type to match the assignment.
> 
> Signed-off-by: Kees Cook <kees@kernel.org>

Thanks Kees!
I applied your patch, but wouldn't this untested patch be cleaner and fulfill the
same purpose to match a kzalloc return type?

diff --git a/drivers/video/fbdev/arkfb.c b/drivers/video/fbdev/arkfb.c
index 7d131e3d159a..a57c8a992e11 100644
--- a/drivers/video/fbdev/arkfb.c
+++ b/drivers/video/fbdev/arkfb.c
@@ -431,7 +431,8 @@ static struct dac_ops ics5342_ops = {
  
  static struct dac_info * ics5342_init(dac_read_regs_t drr, dac_write_regs_t dwr, void *data)
  {
-       struct dac_info *info = (struct dac_info *)kzalloc(sizeof(struct ics5342_info), GFP_KERNEL);
+       struct ics5342_info *ics_info = kzalloc(sizeof(struct ics5342_info), GFP_KERNEL);
+       struct dac_info *info = &ics_info->dac;
  
         if (! info)


Helge

  ---
> Cc: Helge Deller <deller@gmx.de>
> Cc: Javier Martinez Canillas <javierm@redhat.com>
> Cc: Thomas Zimmermann <tzimmermann@suse.de>
> Cc: Zheyu Ma <zheyuma97@gmail.com>
> Cc: Samuel Thibault <samuel.thibault@ens-lyon.org>
> Cc: Jiapeng Chong <jiapeng.chong@linux.alibaba.com>
> Cc: <linux-fbdev@vger.kernel.org>
> Cc: <dri-devel@lists.freedesktop.org>
> ---
>   drivers/video/fbdev/arkfb.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/video/fbdev/arkfb.c b/drivers/video/fbdev/arkfb.c
> index 082501feceb9..7d131e3d159a 100644
> --- a/drivers/video/fbdev/arkfb.c
> +++ b/drivers/video/fbdev/arkfb.c
> @@ -431,7 +431,7 @@ static struct dac_ops ics5342_ops = {
>   
>   static struct dac_info * ics5342_init(dac_read_regs_t drr, dac_write_regs_t dwr, void *data)
>   {
> -	struct dac_info *info = kzalloc(sizeof(struct ics5342_info), GFP_KERNEL);
> +	struct dac_info *info = (struct dac_info *)kzalloc(sizeof(struct ics5342_info), GFP_KERNEL);
>   
>   	if (! info)
>   		return NULL;

Re: [PATCH] video: fbdev: arkfb: Cast ics5342_init() allocation type

[Geert Uytterhoeven]

Hi Kees,

On Sat, 26 Apr 2025 at 13:33, Helge Deller <deller@gmx.de> wrote:
> On 4/26/25 08:23, Kees Cook wrote:
> > In preparation for making the kmalloc family of allocators type aware,
> > we need to make sure that the returned type from the allocation matches
> > the type of the variable being assigned. (Before, the allocator would
> > always return "void *", which can be implicitly cast to any pointer type.)
> >
> > The assigned type is "struct dac_info *" but the returned type will be
> > "struct ics5342_info *", which has a larger allocation size. This is
> > by design, as struct ics5342_info contains struct dac_info as its first
> > member. Cast the allocation type to match the assignment.
> >
> > Signed-off-by: Kees Cook <kees@kernel.org>

Thanks for your patch, which is now commit 8d2f0f5bbac87b9d ("fbdev:
arkfb: Cast ics5342_init() allocation type") in fbdev/for-next.

> I applied your patch, but wouldn't this untested patch be cleaner and fulfill the
> same purpose to match a kzalloc return type?
>
> diff --git a/drivers/video/fbdev/arkfb.c b/drivers/video/fbdev/arkfb.c
> index 7d131e3d159a..a57c8a992e11 100644
> --- a/drivers/video/fbdev/arkfb.c
> +++ b/drivers/video/fbdev/arkfb.c
> @@ -431,7 +431,8 @@ static struct dac_ops ics5342_ops = {
>
>   static struct dac_info * ics5342_init(dac_read_regs_t drr, dac_write_regs_t dwr, void *data)
>   {
> -       struct dac_info *info = (struct dac_info *)kzalloc(sizeof(struct ics5342_info), GFP_KERNEL);
> +       struct ics5342_info *ics_info = kzalloc(sizeof(struct ics5342_info), GFP_KERNEL);

sizeof(*ics_info)?

> +       struct dac_info *info = &ics_info->dac;

Exactly my thought when I noticed this commit.  Adding casts makes
it harder to notice any future discrepancies.

> > --- a/drivers/video/fbdev/arkfb.c
> > +++ b/drivers/video/fbdev/arkfb.c
> > @@ -431,7 +431,7 @@ static struct dac_ops ics5342_ops = {
> >
> >   static struct dac_info * ics5342_init(dac_read_regs_t drr, dac_write_regs_t dwr, void *data)
> >   {
> > -     struct dac_info *info = kzalloc(sizeof(struct ics5342_info), GFP_KERNEL);
> > +     struct dac_info *info = (struct dac_info *)kzalloc(sizeof(struct ics5342_info), GFP_KERNEL);
> >
> >       if (! info)
> >               return NULL;

Gr{oetje,eeting}s,

                        Geert

-- 
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k.org

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
                                -- Linus Torvalds

Re: [PATCH] video: fbdev: arkfb: Cast ics5342_init() allocation type

[Helge Deller]

On 4/28/25 08:36, Geert Uytterhoeven wrote:
> Hi Kees,
> 
> On Sat, 26 Apr 2025 at 13:33, Helge Deller <deller@gmx.de> wrote:
>> On 4/26/25 08:23, Kees Cook wrote:
>>> In preparation for making the kmalloc family of allocators type aware,
>>> we need to make sure that the returned type from the allocation matches
>>> the type of the variable being assigned. (Before, the allocator would
>>> always return "void *", which can be implicitly cast to any pointer type.)
>>>
>>> The assigned type is "struct dac_info *" but the returned type will be
>>> "struct ics5342_info *", which has a larger allocation size. This is
>>> by design, as struct ics5342_info contains struct dac_info as its first
>>> member. Cast the allocation type to match the assignment.
>>>
>>> Signed-off-by: Kees Cook <kees@kernel.org>
> 
> Thanks for your patch, which is now commit 8d2f0f5bbac87b9d ("fbdev:
> arkfb: Cast ics5342_init() allocation type") in fbdev/for-next.
> 
>> I applied your patch, but wouldn't this untested patch be cleaner and fulfill the
>> same purpose to match a kzalloc return type?
>>
>> diff --git a/drivers/video/fbdev/arkfb.c b/drivers/video/fbdev/arkfb.c
>> index 7d131e3d159a..a57c8a992e11 100644
>> --- a/drivers/video/fbdev/arkfb.c
>> +++ b/drivers/video/fbdev/arkfb.c
>> @@ -431,7 +431,8 @@ static struct dac_ops ics5342_ops = {
>>
>>    static struct dac_info * ics5342_init(dac_read_regs_t drr, dac_write_regs_t dwr, void *data)
>>    {
>> -       struct dac_info *info = (struct dac_info *)kzalloc(sizeof(struct ics5342_info), GFP_KERNEL);
>> +       struct ics5342_info *ics_info = kzalloc(sizeof(struct ics5342_info), GFP_KERNEL);
> 
> sizeof(*ics_info)?
> 
>> +       struct dac_info *info = &ics_info->dac;
> 
> Exactly my thought when I noticed this commit.  Adding casts makes
> it harder to notice any future discrepancies.

I've changed it accordingly.

Helge

Re: [PATCH] video: fbdev: arkfb: Cast ics5342_init() allocation type

[Kees Cook]

On April 29, 2025 1:17:26 PM PDT, Helge Deller <deller@gmx.de> wrote:
>On 4/28/25 08:36, Geert Uytterhoeven wrote:
>> Hi Kees,
>> 
>> On Sat, 26 Apr 2025 at 13:33, Helge Deller <deller@gmx.de> wrote:
>>> On 4/26/25 08:23, Kees Cook wrote:
>>>> In preparation for making the kmalloc family of allocators type aware,
>>>> we need to make sure that the returned type from the allocation matches
>>>> the type of the variable being assigned. (Before, the allocator would
>>>> always return "void *", which can be implicitly cast to any pointer type.)
>>>> 
>>>> The assigned type is "struct dac_info *" but the returned type will be
>>>> "struct ics5342_info *", which has a larger allocation size. This is
>>>> by design, as struct ics5342_info contains struct dac_info as its first
>>>> member. Cast the allocation type to match the assignment.
>>>> 
>>>> Signed-off-by: Kees Cook <kees@kernel.org>
>> 
>> Thanks for your patch, which is now commit 8d2f0f5bbac87b9d ("fbdev:
>> arkfb: Cast ics5342_init() allocation type") in fbdev/for-next.
>> 
>>> I applied your patch, but wouldn't this untested patch be cleaner and fulfill the
>>> same purpose to match a kzalloc return type?
>>> 
>>> diff --git a/drivers/video/fbdev/arkfb.c b/drivers/video/fbdev/arkfb.c
>>> index 7d131e3d159a..a57c8a992e11 100644
>>> --- a/drivers/video/fbdev/arkfb.c
>>> +++ b/drivers/video/fbdev/arkfb.c
>>> @@ -431,7 +431,8 @@ static struct dac_ops ics5342_ops = {
>>> 
>>>    static struct dac_info * ics5342_init(dac_read_regs_t drr, dac_write_regs_t dwr, void *data)
>>>    {
>>> -       struct dac_info *info = (struct dac_info *)kzalloc(sizeof(struct ics5342_info), GFP_KERNEL);
>>> +       struct ics5342_info *ics_info = kzalloc(sizeof(struct ics5342_info), GFP_KERNEL);
>> 
>> sizeof(*ics_info)?
>> 
>>> +       struct dac_info *info = &ics_info->dac;
>> 
>> Exactly my thought when I noticed this commit.  Adding casts makes
>> it harder to notice any future discrepancies.
>
>I've changed it accordingly.

Thanks! Yeah, that's a much nicer solution.

-- 
Kees Cook

Re: [PATCH] video: fbdev: arkfb: Cast ics5342_init() allocation type

[Geert Uytterhoeven]

Hi Helge,

On Tue, 29 Apr 2025 at 22:17, Helge Deller <deller@gmx.de> wrote:
> On 4/28/25 08:36, Geert Uytterhoeven wrote:
> > On Sat, 26 Apr 2025 at 13:33, Helge Deller <deller@gmx.de> wrote:
> >> On 4/26/25 08:23, Kees Cook wrote:
> >>> In preparation for making the kmalloc family of allocators type aware,
> >>> we need to make sure that the returned type from the allocation matches
> >>> the type of the variable being assigned. (Before, the allocator would
> >>> always return "void *", which can be implicitly cast to any pointer type.)
> >>>
> >>> The assigned type is "struct dac_info *" but the returned type will be
> >>> "struct ics5342_info *", which has a larger allocation size. This is
> >>> by design, as struct ics5342_info contains struct dac_info as its first
> >>> member. Cast the allocation type to match the assignment.
> >>>
> >>> Signed-off-by: Kees Cook <kees@kernel.org>
> >
> > Thanks for your patch, which is now commit 8d2f0f5bbac87b9d ("fbdev:
> > arkfb: Cast ics5342_init() allocation type") in fbdev/for-next.
> >
> >> I applied your patch, but wouldn't this untested patch be cleaner and fulfill the
> >> same purpose to match a kzalloc return type?
> >>
> >> diff --git a/drivers/video/fbdev/arkfb.c b/drivers/video/fbdev/arkfb.c
> >> index 7d131e3d159a..a57c8a992e11 100644
> >> --- a/drivers/video/fbdev/arkfb.c
> >> +++ b/drivers/video/fbdev/arkfb.c
> >> @@ -431,7 +431,8 @@ static struct dac_ops ics5342_ops = {
> >>
> >>    static struct dac_info * ics5342_init(dac_read_regs_t drr, dac_write_regs_t dwr, void *data)
> >>    {
> >> -       struct dac_info *info = (struct dac_info *)kzalloc(sizeof(struct ics5342_info), GFP_KERNEL);
> >> +       struct ics5342_info *ics_info = kzalloc(sizeof(struct ics5342_info), GFP_KERNEL);
> >
> > sizeof(*ics_info)?
> >
> >> +       struct dac_info *info = &ics_info->dac;
> >
> > Exactly my thought when I noticed this commit.  Adding casts makes
> > it harder to notice any future discrepancies.
>
> I've changed it accordingly.

Thanks, but the one-line summary no longer matches what the commit
is doing...

Commit f1a78a7d7827357c ("fbdev: arkfb: Cast ics5342_init() allocation
type") in fbdev/for-next.

Gr{oetje,eeting}s,

                        Geert

-- 
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k.org

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
                                -- Linus Torvalds