Merge tag 'size_t-saturating-helpers-5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gustavoars/linux

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Pull misc hardening updates from Gustavo Silva:
"Replace a few open-coded instances with size_t saturating arithmetic
helpers"

* tag 'size_t-saturating-helpers-5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gustavoars/linux:
virt: acrn: Prefer array_size and struct_size over open coded arithmetic
afs: Prefer struct_size over open coded arithmetic

Linus Torvalds 3 years ago 62e5873e a3a8b54b

+11 -11

3 changed files

expand all

drivers

virt

acrn

acrn_drv.h

mm.c

afs

security.c

+6 -4

drivers/virt/acrn/acrn_drv.h

··· 48 48 * @reserved: Reserved. 49 49 * @regions_num: The number of vm_memory_region_op. 50 50 * @regions_gpa: Physical address of a vm_memory_region_op array. 51 + * @regions_op: Flexible array of vm_memory_region_op. 51 52 * 52 53 * HC_VM_SET_MEMORY_REGIONS uses this structure to manage EPT mappings of 53 54 * multiple memory regions of a User VM. A &struct vm_memory_region_batch ··· 56 55 * ACRN Hypervisor. 57 56 */ 58 57 struct vm_memory_region_batch { 59 - u16 vmid; 60 - u16 reserved[3]; 61 - u32 regions_num; 62 - u64 regions_gpa; 58 + u16 vmid; 59 + u16 reserved[3]; 60 + u32 regions_num; 61 + u64 regions_gpa; 62 + struct vm_memory_region_op regions_op[]; 63 63 }; 64 64 65 65 /**

+4 -5

drivers/virt/acrn/mm.c

··· 192 192 193 193 /* Get the page number of the map region */ 194 194 nr_pages = memmap->len >> PAGE_SHIFT; 195 - pages = vzalloc(nr_pages * sizeof(struct page *)); 195 + pages = vzalloc(array_size(nr_pages, sizeof(*pages))); 196 196 if (!pages) 197 197 return -ENOMEM; 198 198 ··· 244 244 } 245 245 246 246 /* Prepare the vm_memory_region_batch */ 247 - regions_info = kzalloc(sizeof(*regions_info) + 248 - sizeof(*vm_region) * nr_regions, 249 - GFP_KERNEL); 247 + regions_info = kzalloc(struct_size(regions_info, regions_op, 248 + nr_regions), GFP_KERNEL); 250 249 if (!regions_info) { 251 250 ret = -ENOMEM; 252 251 goto unmap_kernel_map; 253 252 } 254 253 255 254 /* Fill each vm_memory_region_op */ 256 - vm_region = (struct vm_memory_region_op *)(regions_info + 1); 255 + vm_region = regions_info->regions_op; 257 256 regions_info->vmid = vm->vmid; 258 257 regions_info->regions_num = nr_regions; 259 258 regions_info->regions_gpa = virt_to_phys(vm_region);

+1 -2

fs/afs/security.c

··· 219 219 * yet. 220 220 */ 221 221 size++; 222 - new = kzalloc(sizeof(struct afs_permits) + 223 - sizeof(struct afs_permit) * size, GFP_NOFS); 222 + new = kzalloc(struct_size(new, permits, size), GFP_NOFS); 224 223 if (!new) 225 224 goto out_put; 226 225