[PATCH -next 0/5] net: Use kmemdup_array() instead of kmemdup() for multiple allocation

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH -next 0/5] net: Use kmemdup_array() instead of kmemdup() for multiple allocation
@ 2024-08-28  7:09 Jinjie Ruan
  2024-08-28  7:07 ` Jinjie Ruan
                   ` (5 more replies)
  0 siblings, 6 replies; 9+ messages in thread
From: Jinjie Ruan @ 2024-08-28  7:09 UTC (permalink / raw)
  To: pablo, kadlec, roopa, razor, davem, edumazet, kuba, pabeni,
	dsahern, krzk, netfilter-devel, coreteam, bridge, netdev,
	linux-kernel
  Cc: ruanjinjie

Let the kmemdup_array() take care about multiplication and possible
overflows.

Jinjie Ruan (5):
  nfc: core: Use kmemdup_array() instead of kmemdup() for multiple
    allocation
  netfilter: Use kmemdup_array() instead of kmemdup() for multiple
    allocation
  netfilter: arptables: Use kmemdup_array() instead of kmemdup() for
    multiple allocation
  netfilter: iptables: Use kmemdup_array() instead of kmemdup() for
    multiple allocation
  netfilter: nf_nat: Use kmemdup_array() instead of kmemdup() for
    multiple allocation

 net/bridge/netfilter/ebtables.c | 2 +-
 net/ipv4/netfilter/arp_tables.c | 2 +-
 net/ipv4/netfilter/ip_tables.c  | 2 +-
 net/netfilter/nf_nat_core.c     | 2 +-
 net/nfc/core.c                  | 5 ++---
 5 files changed, 6 insertions(+), 7 deletions(-)

-- 
2.34.1


^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [PATCH -next 0/5] net: Use kmemdup_array() instead of kmemdup() for multiple allocation
  2024-08-28  7:09 [PATCH -next 0/5] net: Use kmemdup_array() instead of kmemdup() for multiple allocation Jinjie Ruan
@ 2024-08-28  7:07 ` Jinjie Ruan
  2024-08-28  7:10 ` [PATCH -next 1/5] nfc: core: " Jinjie Ruan
                   ` (4 subsequent siblings)
  5 siblings, 0 replies; 9+ messages in thread
From: Jinjie Ruan @ 2024-08-28  7:07 UTC (permalink / raw)
  To: pablo, kadlec, roopa, razor, davem, edumazet, kuba, pabeni,
	dsahern, krzk, netfilter-devel, coreteam, bridge, netdev,
	linux-kernel

Please ignore this email, didn't notice there was already a patch for this

On 2024/8/28 15:09, Jinjie Ruan wrote:
> Let the kmemdup_array() take care about multiplication and possible
> overflows.
> 
> Jinjie Ruan (5):
>   nfc: core: Use kmemdup_array() instead of kmemdup() for multiple
>     allocation
>   netfilter: Use kmemdup_array() instead of kmemdup() for multiple
>     allocation
>   netfilter: arptables: Use kmemdup_array() instead of kmemdup() for
>     multiple allocation
>   netfilter: iptables: Use kmemdup_array() instead of kmemdup() for
>     multiple allocation
>   netfilter: nf_nat: Use kmemdup_array() instead of kmemdup() for
>     multiple allocation
> 
>  net/bridge/netfilter/ebtables.c | 2 +-
>  net/ipv4/netfilter/arp_tables.c | 2 +-
>  net/ipv4/netfilter/ip_tables.c  | 2 +-
>  net/netfilter/nf_nat_core.c     | 2 +-
>  net/nfc/core.c                  | 5 ++---
>  5 files changed, 6 insertions(+), 7 deletions(-)
> 

^ permalink raw reply	[flat|nested] 9+ messages in thread

* [PATCH -next 1/5] nfc: core: Use kmemdup_array() instead of kmemdup() for multiple allocation
  2024-08-28  7:09 [PATCH -next 0/5] net: Use kmemdup_array() instead of kmemdup() for multiple allocation Jinjie Ruan
  2024-08-28  7:07 ` Jinjie Ruan
@ 2024-08-28  7:10 ` Jinjie Ruan
  2024-08-28  7:10 ` [PATCH -next 2/5] netfilter: " Jinjie Ruan
                   ` (3 subsequent siblings)
  5 siblings, 0 replies; 9+ messages in thread
From: Jinjie Ruan @ 2024-08-28  7:10 UTC (permalink / raw)
  To: pablo, kadlec, roopa, razor, davem, edumazet, kuba, pabeni,
	dsahern, krzk, netfilter-devel, coreteam, bridge, netdev,
	linux-kernel
  Cc: ruanjinjie

Let the kmemdup_array() take care about multiplication and possible
overflows.

Signed-off-by: Jinjie Ruan <ruanjinjie@huawei.com>
---
 net/nfc/core.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/net/nfc/core.c b/net/nfc/core.c
index e58dc6405054..cbc2f718aece 100644
--- a/net/nfc/core.c
+++ b/net/nfc/core.c
@@ -790,9 +790,8 @@ int nfc_targets_found(struct nfc_dev *dev,
 	dev->targets = NULL;
 
 	if (targets) {
-		dev->targets = kmemdup(targets,
-				       n_targets * sizeof(struct nfc_target),
-				       GFP_ATOMIC);
+		dev->targets = kmemdup_array(targets, n_targets,
+					     sizeof(struct nfc_target), GFP_ATOMIC);
 
 		if (!dev->targets) {
 			dev->n_targets = 0;
-- 
2.34.1


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [PATCH -next 2/5] netfilter: Use kmemdup_array() instead of kmemdup() for multiple allocation
  2024-08-28  7:09 [PATCH -next 0/5] net: Use kmemdup_array() instead of kmemdup() for multiple allocation Jinjie Ruan
  2024-08-28  7:07 ` Jinjie Ruan
  2024-08-28  7:10 ` [PATCH -next 1/5] nfc: core: " Jinjie Ruan
@ 2024-08-28  7:10 ` Jinjie Ruan
  2024-08-28  7:10 ` [PATCH -next 3/5] netfilter: arptables: " Jinjie Ruan
                   ` (2 subsequent siblings)
  5 siblings, 0 replies; 9+ messages in thread
From: Jinjie Ruan @ 2024-08-28  7:10 UTC (permalink / raw)
  To: pablo, kadlec, roopa, razor, davem, edumazet, kuba, pabeni,
	dsahern, krzk, netfilter-devel, coreteam, bridge, netdev,
	linux-kernel
  Cc: ruanjinjie

Let the kmemdup_array() take care about multiplication and possible
overflows.

Signed-off-by: Jinjie Ruan <ruanjinjie@huawei.com>
---
 net/bridge/netfilter/ebtables.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c
index cbd0e3586c3f..3e67d4aff419 100644
--- a/net/bridge/netfilter/ebtables.c
+++ b/net/bridge/netfilter/ebtables.c
@@ -1256,7 +1256,7 @@ int ebt_register_table(struct net *net, const struct ebt_table *input_table,
 		goto free_unlock;
 	}
 
-	ops = kmemdup(template_ops, sizeof(*ops) * num_ops, GFP_KERNEL);
+	ops = kmemdup_array(template_ops, num_ops, sizeof(*ops), GFP_KERNEL);
 	if (!ops) {
 		ret = -ENOMEM;
 		if (newinfo->nentries)
-- 
2.34.1


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [PATCH -next 3/5] netfilter: arptables: Use kmemdup_array() instead of kmemdup() for multiple allocation
  2024-08-28  7:09 [PATCH -next 0/5] net: Use kmemdup_array() instead of kmemdup() for multiple allocation Jinjie Ruan
                   ` (2 preceding siblings ...)
  2024-08-28  7:10 ` [PATCH -next 2/5] netfilter: " Jinjie Ruan
@ 2024-08-28  7:10 ` Jinjie Ruan
  2024-08-28  7:10 ` [PATCH -next 4/5] netfilter: iptables: " Jinjie Ruan
  2024-08-28  7:10 ` [PATCH -next 5/5] netfilter: nf_nat: " Jinjie Ruan
  5 siblings, 0 replies; 9+ messages in thread
From: Jinjie Ruan @ 2024-08-28  7:10 UTC (permalink / raw)
  To: pablo, kadlec, roopa, razor, davem, edumazet, kuba, pabeni,
	dsahern, krzk, netfilter-devel, coreteam, bridge, netdev,
	linux-kernel
  Cc: ruanjinjie

Let the kmemdup_array() take care about multiplication and possible
overflows.

Signed-off-by: Jinjie Ruan <ruanjinjie@huawei.com>
---
 net/ipv4/netfilter/arp_tables.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c
index 14365b20f1c5..4493a785c1ea 100644
--- a/net/ipv4/netfilter/arp_tables.c
+++ b/net/ipv4/netfilter/arp_tables.c
@@ -1547,7 +1547,7 @@ int arpt_register_table(struct net *net,
 		goto out_free;
 	}
 
-	ops = kmemdup(template_ops, sizeof(*ops) * num_ops, GFP_KERNEL);
+	ops = kmemdup_array(template_ops, num_ops, sizeof(*ops), GFP_KERNEL);
 	if (!ops) {
 		ret = -ENOMEM;
 		goto out_free;
-- 
2.34.1


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [PATCH -next 4/5] netfilter: iptables: Use kmemdup_array() instead of kmemdup() for multiple allocation
  2024-08-28  7:09 [PATCH -next 0/5] net: Use kmemdup_array() instead of kmemdup() for multiple allocation Jinjie Ruan
                   ` (3 preceding siblings ...)
  2024-08-28  7:10 ` [PATCH -next 3/5] netfilter: arptables: " Jinjie Ruan
@ 2024-08-28  7:10 ` Jinjie Ruan
  2024-08-28  8:42   ` Pablo Neira Ayuso
  2024-08-28  7:10 ` [PATCH -next 5/5] netfilter: nf_nat: " Jinjie Ruan
  5 siblings, 1 reply; 9+ messages in thread
From: Jinjie Ruan @ 2024-08-28  7:10 UTC (permalink / raw)
  To: pablo, kadlec, roopa, razor, davem, edumazet, kuba, pabeni,
	dsahern, krzk, netfilter-devel, coreteam, bridge, netdev,
	linux-kernel
  Cc: ruanjinjie

Let the kmemdup_array() take care about multiplication and possible
overflows.

Signed-off-by: Jinjie Ruan <ruanjinjie@huawei.com>
---
 net/ipv4/netfilter/ip_tables.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
index fe89a056eb06..096bfef472b1 100644
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -1767,7 +1767,7 @@ int ipt_register_table(struct net *net, const struct xt_table *table,
 		goto out_free;
 	}
 
-	ops = kmemdup(template_ops, sizeof(*ops) * num_ops, GFP_KERNEL);
+	ops = kmemdup_array(template_ops, num_ops, sizeof(*ops), GFP_KERNEL);
 	if (!ops) {
 		ret = -ENOMEM;
 		goto out_free;
-- 
2.34.1


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* Re: [PATCH -next 4/5] netfilter: iptables: Use kmemdup_array() instead of kmemdup() for multiple allocation
  2024-08-28  7:10 ` [PATCH -next 4/5] netfilter: iptables: " Jinjie Ruan
@ 2024-08-28  8:42   ` Pablo Neira Ayuso
  2024-08-28 14:51     ` Pablo Neira Ayuso
  0 siblings, 1 reply; 9+ messages in thread
From: Pablo Neira Ayuso @ 2024-08-28  8:42 UTC (permalink / raw)
  To: Jinjie Ruan
  Cc: kadlec, roopa, razor, davem, edumazet, kuba, pabeni, dsahern,
	krzk, netfilter-devel, coreteam, bridge, netdev, linux-kernel

On Wed, Aug 28, 2024 at 03:10:03PM +0800, Jinjie Ruan wrote:
> Let the kmemdup_array() take care about multiplication and possible
> overflows.

No patch for net/ipv6/netfilter/ip6_tables.c?

We have yet another code copy & paste there.

BTW, could you collapse all these patches for netfilter in one single
patch?

Thanks.

> Signed-off-by: Jinjie Ruan <ruanjinjie@huawei.com>
> ---
>  net/ipv4/netfilter/ip_tables.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
> index fe89a056eb06..096bfef472b1 100644
> --- a/net/ipv4/netfilter/ip_tables.c
> +++ b/net/ipv4/netfilter/ip_tables.c
> @@ -1767,7 +1767,7 @@ int ipt_register_table(struct net *net, const struct xt_table *table,
>  		goto out_free;
>  	}
>  
> -	ops = kmemdup(template_ops, sizeof(*ops) * num_ops, GFP_KERNEL);
> +	ops = kmemdup_array(template_ops, num_ops, sizeof(*ops), GFP_KERNEL);
>  	if (!ops) {
>  		ret = -ENOMEM;
>  		goto out_free;
> -- 
> 2.34.1
> 
> 

^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [PATCH -next 4/5] netfilter: iptables: Use kmemdup_array() instead of kmemdup() for multiple allocation
  2024-08-28  8:42   ` Pablo Neira Ayuso
@ 2024-08-28 14:51     ` Pablo Neira Ayuso
  0 siblings, 0 replies; 9+ messages in thread
From: Pablo Neira Ayuso @ 2024-08-28 14:51 UTC (permalink / raw)
  To: Jinjie Ruan
  Cc: kadlec, roopa, razor, davem, edumazet, kuba, pabeni, dsahern,
	krzk, netfilter-devel, coreteam, bridge, netdev, linux-kernel

On Wed, Aug 28, 2024 at 10:42:12AM +0200, Pablo Neira Ayuso wrote:
> On Wed, Aug 28, 2024 at 03:10:03PM +0800, Jinjie Ruan wrote:
> > Let the kmemdup_array() take care about multiplication and possible
> > overflows.
> 
> No patch for net/ipv6/netfilter/ip6_tables.c?
> 
> We have yet another code copy & paste there.
> 
> BTW, could you collapse all these patches for netfilter in one single
> patch?

BTW, someone else seems to have made the same patch:

https://patchwork.ozlabs.org/project/netfilter-devel/patch/20240826034136.1791485-1-yanzhen@vivo.com/

it is already sitting in the queue.

^ permalink raw reply	[flat|nested] 9+ messages in thread

* [PATCH -next 5/5] netfilter: nf_nat: Use kmemdup_array() instead of kmemdup() for multiple allocation
  2024-08-28  7:09 [PATCH -next 0/5] net: Use kmemdup_array() instead of kmemdup() for multiple allocation Jinjie Ruan
                   ` (4 preceding siblings ...)
  2024-08-28  7:10 ` [PATCH -next 4/5] netfilter: iptables: " Jinjie Ruan
@ 2024-08-28  7:10 ` Jinjie Ruan
  5 siblings, 0 replies; 9+ messages in thread
From: Jinjie Ruan @ 2024-08-28  7:10 UTC (permalink / raw)
  To: pablo, kadlec, roopa, razor, davem, edumazet, kuba, pabeni,
	dsahern, krzk, netfilter-devel, coreteam, bridge, netdev,
	linux-kernel
  Cc: ruanjinjie

Let the kmemdup_array() take care about multiplication and possible
overflows.

Signed-off-by: Jinjie Ruan <ruanjinjie@huawei.com>
---
 net/netfilter/nf_nat_core.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/netfilter/nf_nat_core.c b/net/netfilter/nf_nat_core.c
index 016c816d91cb..6d8da6dddf99 100644
--- a/net/netfilter/nf_nat_core.c
+++ b/net/netfilter/nf_nat_core.c
@@ -1104,7 +1104,7 @@ int nf_nat_register_fn(struct net *net, u8 pf, const struct nf_hook_ops *ops,
 	if (!nat_proto_net->nat_hook_ops) {
 		WARN_ON(nat_proto_net->users != 0);
 
-		nat_ops = kmemdup(orig_nat_ops, sizeof(*orig_nat_ops) * ops_count, GFP_KERNEL);
+		nat_ops = kmemdup_array(orig_nat_ops, ops_count, sizeof(*orig_nat_ops), GFP_KERNEL);
 		if (!nat_ops) {
 			mutex_unlock(&nf_nat_proto_mutex);
 			return -ENOMEM;
-- 
2.34.1


^ permalink raw reply related	[flat|nested] 9+ messages in thread

end of thread, other threads:[~2024-08-28 14:51 UTC | newest]

Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-08-28  7:09 [PATCH -next 0/5] net: Use kmemdup_array() instead of kmemdup() for multiple allocation Jinjie Ruan
2024-08-28  7:07 ` Jinjie Ruan
2024-08-28  7:10 ` [PATCH -next 1/5] nfc: core: " Jinjie Ruan
2024-08-28  7:10 ` [PATCH -next 2/5] netfilter: " Jinjie Ruan
2024-08-28  7:10 ` [PATCH -next 3/5] netfilter: arptables: " Jinjie Ruan
2024-08-28  7:10 ` [PATCH -next 4/5] netfilter: iptables: " Jinjie Ruan
2024-08-28  8:42   ` Pablo Neira Ayuso
2024-08-28 14:51     ` Pablo Neira Ayuso
2024-08-28  7:10 ` [PATCH -next 5/5] netfilter: nf_nat: " Jinjie Ruan

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).