[1/2] VMCI: Remove handle_arr_calc_size()
Commit Message
Use struct_size() instead of handle_arr_calc_size().
This is much more conventional.
Suggested-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
---
drivers/misc/vmw_vmci/vmci_handle_array.c | 12 +++---------
1 file changed, 3 insertions(+), 9 deletions(-)
Comments
On Fri, Dec 08, 2023 at 09:46:09PM +0100, Christophe JAILLET wrote:
> Use struct_size() instead of handle_arr_calc_size().
> This is much more conventional.
>
> Suggested-by: Kees Cook <keescook@chromium.org>
> Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
Looks good. And since capacity is u32, there's no need for size_add().
Reviewed-by: Kees Cook <keescook@chromium.org>
On 08/12/2023 at 21:59, Kees Cook wrote:
> On Fri, Dec 08, 2023 at 09:46:09PM +0100, Christophe JAILLET wrote:
>> Use struct_size() instead of handle_arr_calc_size().
>> This is much more conventional.
>>
>> Suggested-by: Kees Cook <keescook@chromium.org>
>> Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
>
> Looks good. And since capacity is u32, there's no need for size_add().
Hmm,
isn't u32 + u32 --> u32, so can overflow?
If I understand correctly, the type promotion to size_t will occur after
the addition.
So size_add() looks needed, or I missed something?
CJ
>
> Reviewed-by: Kees Cook <keescook@chromium.org>
>
On Fri, Dec 08, 2023 at 10:14:35PM +0100, Christophe JAILLET wrote:
> On 08/12/2023 at 21:59, Kees Cook wrote:
> > On Fri, Dec 08, 2023 at 09:46:09PM +0100, Christophe JAILLET wrote:
> > > Use struct_size() instead of handle_arr_calc_size().
> > > This is much more conventional.
> > >
> > > Suggested-by: Kees Cook <keescook@chromium.org>
> > > Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
> >
> > Looks good. And since capacity is u32, there's no need for size_add().
>
> Hmm,
>
> isn't u32 + u32 --> u32, so can overflow?
> If I understand correctly, the type promotion to size_t will occur after the
> addition.
Oh lovely, I thought the promotion was first. Ugh.
> So size_add() looks needed, or I missed something?
Yeah, and I'm also too stuck in pretending 32-bit systems don't exist.
So, yes, please include size_add()...
-Kees
>
> CJ
>
> >
> > Reviewed-by: Kees Cook <keescook@chromium.org>
> >
>
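The promotion question discussed in the thread above, as an added user-space example that is not part of the patch or the kernel sources. The helpers `sat_add()`/`sat_mul()` are stand-ins assumed to mirror the saturating behaviour of `size_add()`/`size_mul()`, and the struct layout and input values are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Stand-ins for the kernel's saturating size_add()/size_mul() (assumption). */
static size_t sat_add(size_t a, size_t b)
{
	size_t r;
	return __builtin_add_overflow(a, b, &r) ? SIZE_MAX : r;
}

static size_t sat_mul(size_t a, size_t b)
{
	size_t r;
	return __builtin_mul_overflow(a, b, &r) ? SIZE_MAX : r;
}

/* Hypothetical layout, constructed for this example only. */
struct demo_handle { uint32_t context, resource; };
struct demo_arr {
	uint32_t capacity, max_capacity, size, pad;
	struct demo_handle entries[];
};

/* What struct_size(arr, entries, n) computes: header + n * element size. */
static size_t demo_struct_size(size_t n)
{
	return sat_add(sizeof(struct demo_arr),
		       sat_mul(n, sizeof(struct demo_handle)));
}

/* Sum done in u32: wraps modulo 2^32 before the widening to size_t. */
static size_t size_u32_sum(uint32_t cap, uint32_t bump)
{
	return demo_struct_size(cap + bump);
}

/* Operands widened to size_t first, then added with saturation. */
static size_t size_sat_sum(uint32_t cap, uint32_t bump)
{
	return demo_struct_size(sat_add(cap, bump));
}

int main(void)
{
	uint32_t cap = 0xC0000000u, bump = 0x40000001u; /* constructed values */
	printf("u32 sum: %zu, saturating sum: %zu\n",
	       size_u32_sum(cap, bump), size_sat_sum(cap, bump));
	return 0;
}
```

With these inputs the u32 sum wraps to 1, so the first function returns the size of a one-entry array, while the second returns either the true size (64-bit `size_t`) or `SIZE_MAX` (32-bit `size_t`), which an allocator rejects.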
@@ -8,12 +8,6 @@
#include <linux/slab.h>
#include "vmci_handle_array.h"
-static size_t handle_arr_calc_size(u32 capacity)
-{
- return VMCI_HANDLE_ARRAY_HEADER_SIZE +
- capacity * sizeof(struct vmci_handle);
-}
-
struct vmci_handle_arr *vmci_handle_arr_create(u32 capacity, u32 max_capacity)
{
struct vmci_handle_arr *array;
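Review bot: with handle_arr_calc_size() removed at the top of this hunk, VMCI_HANDLE_ARRAY_HEADER_SIZE loses the only use visible in this patch. Check whether anything else still references it and drop the definition in the same change if not. The replacement also assumes that the macro equals the offset of entries in struct vmci_handle_arr, so the changelog should state that the computed sizes are unchanged.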
@@ -25,7 +19,7 @@ struct vmci_handle_arr *vmci_handle_arr_create(u32 capacity, u32 max_capacity)
capacity = min((u32)VMCI_HANDLE_ARRAY_DEFAULT_CAPACITY,
max_capacity);
- array = kmalloc(handle_arr_calc_size(capacity), GFP_ATOMIC);
+ array = kmalloc(struct_size(array, entries, capacity), GFP_ATOMIC);
if (!array)
return NULL;
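Review bot: the changelog describes this as a convention change only, but the kmalloc() size on the added line now behaves differently on overflow. The removed helper multiplied capacity by sizeof(struct vmci_handle) with no check, while struct_size() saturates to SIZE_MAX so the allocation fails instead of being undersized. Mention that in the commit message so the hardening effect is on record.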
@@ -51,8 +45,8 @@ int vmci_handle_arr_append_entry(struct vmci_handle_arr **array_ptr,
struct vmci_handle_arr *new_array;
u32 capacity_bump = min(array->max_capacity - array->capacity,
array->capacity);
- size_t new_size = handle_arr_calc_size(array->capacity +
- capacity_bump);
+ size_t new_size = struct_size(array, entries,
+ array->capacity + capacity_bump);
if (array->size >= array->max_capacity)
return VMCI_ERROR_NO_MEM;
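Review bot: in the added struct_size() call, array->capacity + capacity_bump is a u32 + u32 sum, so it is evaluated in 32 bits and can wrap before the result is converted to size_t; struct_size() only guards the multiplication and the header addition. As agreed in the thread, pass size_add(array->capacity, capacity_bump) as the count. The min() above keeps the sum at or below max_capacity only while capacity <= max_capacity, which nothing in this hunk enforces, so the saturating add is the safer form.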