From: Julia Lawall <Julia.Lawall@inria.fr>
To: linux-staging@lists.linux.dev
Cc: keescook@chromium.org, kernel-janitors@vger.kernel.org,
Tianshu Qiu <tian.shu.qiu@intel.com>,
Bingbu Cao <bingbu.cao@intel.com>,
linux-sgx@vger.kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
kasan-dev@googlegroups.com,
Andrey Konovalov <andreyknvl@gmail.com>,
Dmitry Vyukov <dvyukov@google.com>,
iommu@lists.linux.dev, linux-tegra@vger.kernel.org,
Robin Murphy <robin.murphy@arm.com>,
Krishna Reddy <vdumpa@nvidia.com>,
linux-scsi@vger.kernel.org, linux-rdma@vger.kernel.org,
dri-devel@lists.freedesktop.org, linux-kernel@vger.kernel.org,
netdev@vger.kernel.org, Shailend Chand <shailend@google.com>,
Benjamin Gaignard <benjamin.gaignard@collabora.com>,
Liam Mark <lmark@codeaurora.org>,
Laura Abbott <labbott@redhat.com>,
Brian Starkey <Brian.Starkey@arm.com>,
John Stultz <jstultz@google.com>,
linux-media@vger.kernel.org, linaro-mm-sig@lists.linaro.org,
Xuan Zhuo <xuanzhuo@linux.alibaba.com>,
virtualization@lists.linux-foundation.org, mhi@lists.linux.dev,
linux-arm-msm@vger.kernel.org, linux-btrfs@vger.kernel.org,
intel-gvt-dev@lists.freedesktop.org,
intel-gfx@lists.freedesktop.org,
VMware Graphics Reviewers <linux-graphics-maintainer@vmware.com>,
linux-hyperv@vger.kernel.org
Subject: [PATCH 00/26] use array_size
Date: Fri, 23 Jun 2023 23:14:31 +0200 [thread overview]
Message-ID: <20230623211457.102544-1-Julia.Lawall@inria.fr> (raw)
Use array_size to protect against multiplication overflows.
This follows up on the following patches by Kees Cook from 2018.
42bc47b35320 ("treewide: Use array_size() in vmalloc()")
fad953ce0b22 ("treewide: Use array_size() in vzalloc()")
The changes were done using the following Coccinelle semantic patch,
adapted from the one posted by Kees.
// Drop single-byte sizes and redundant parens.
@@
expression COUNT;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
@@
alloc(
- (sizeof(t)) * (COUNT)
+ COUNT
, ...)
// 3-factor product with 2 sizeof(variable), with redundant parens removed.
@@
expression COUNT;
size_t e1, e2, e3;
identifier alloc = {vmalloc,vzalloc};
@@
(
alloc(
- (e1) * (e2) * (e3)
+ array3_size(e1, e2, e3)
,...)
|
alloc(
- (e1) * (e2) * (COUNT)
+ array3_size(COUNT, e1, e2)
,...)
)
// 3-factor product with 1 sizeof(type) or sizeof(expression), with
// redundant parens removed.
@@
expression STRIDE, COUNT;
size_t e;
identifier alloc = {vmalloc,vzalloc};
@@
alloc(
- (e) * (COUNT) * (STRIDE)
+ array3_size(COUNT, STRIDE, e)
,...)
// Any remaining multi-factor products, first at least 3-factor products
// when they're not all constants...
@@
expression E1, E2, E3;
constant C1, C2, C3;
identifier alloc = {vmalloc,vzalloc};
@@
(
alloc(C1 * C2 * C3,...)
|
alloc(
- (E1) * (E2) * (E3)
+ array3_size(E1, E2, E3)
,...)
)
// 2-factor product with sizeof(type/expression) and identifier or constant.
@@
size_t e1,e2;
expression COUNT;
identifier alloc = {vmalloc,vzalloc};
@@
(
alloc(
- (e1) * (e2)
+ array_size(e1, e2)
,...)
|
alloc(
- (e1) * (COUNT)
+ array_size(COUNT, e1)
,...)
)
// And then all remaining 2 factors products when they're not all constants.
@@
expression E1, E2;
constant C1, C2;
identifier alloc = {vmalloc,vzalloc};
@@
(
alloc(C1 * C2,...)
|
alloc(
- (E1) * (E2)
+ array_size(E1, E2)
,...)
)
---
arch/x86/kernel/cpu/sgx/main.c | 3 ++-
drivers/accel/habanalabs/common/device.c | 3 ++-
drivers/accel/habanalabs/common/state_dump.c | 6 +++---
drivers/bus/mhi/host/init.c | 4 ++--
drivers/comedi/comedi_buf.c | 4 ++--
drivers/dma-buf/heaps/system_heap.c | 2 +-
drivers/gpu/drm/gud/gud_pipe.c | 2 +-
drivers/gpu/drm/i915/gvt/gtt.c | 6 ++++--
drivers/gpu/drm/vmwgfx/vmwgfx_devcaps.c | 2 +-
drivers/infiniband/hw/bnxt_re/qplib_res.c | 4 ++--
drivers/infiniband/hw/erdma/erdma_verbs.c | 4 ++--
drivers/infiniband/sw/siw/siw_qp.c | 4 ++--
drivers/infiniband/sw/siw/siw_verbs.c | 6 +++---
drivers/iommu/tegra-gart.c | 4 ++--
drivers/net/ethernet/amd/pds_core/core.c | 4 ++--
drivers/net/ethernet/freescale/enetc/enetc.c | 4 ++--
drivers/net/ethernet/google/gve/gve_tx.c | 2 +-
drivers/net/ethernet/marvell/octeon_ep/octep_rx.c | 2 +-
drivers/net/ethernet/microsoft/mana/hw_channel.c | 2 +-
drivers/net/ethernet/pensando/ionic/ionic_lif.c | 4 ++--
drivers/scsi/fnic/fnic_trace.c | 2 +-
drivers/scsi/qla2xxx/qla_init.c | 4 ++--
drivers/staging/media/ipu3/ipu3-mmu.c | 2 +-
drivers/vdpa/vdpa_user/iova_domain.c | 3 +--
drivers/virtio/virtio_mem.c | 6 +++---
fs/btrfs/zoned.c | 5 +++--
kernel/kcov.c | 2 +-
lib/test_vmalloc.c | 12 ++++++------
28 files changed, 56 insertions(+), 52 deletions(-)
next reply other threads:[~2023-06-23 21:19 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-23 21:14 Julia Lawall [this message]
2023-06-23 21:14 ` [PATCH 02/26] octeon_ep: use array_size Julia Lawall
2023-06-24 15:46 ` Simon Horman
2023-06-24 22:28 ` Jakub Kicinski
2023-06-25 20:14 ` Christophe JAILLET
2023-06-25 20:25 ` Julia Lawall
2023-06-25 20:32 ` Christophe JAILLET
2023-06-25 20:57 ` Julia Lawall
2023-06-23 21:14 ` [PATCH 04/26] gve: " Julia Lawall
2023-06-24 15:47 ` Simon Horman
2023-06-23 21:14 ` [PATCH 09/26] pds_core: " Julia Lawall
2023-06-24 15:47 ` Simon Horman
2023-06-26 16:02 ` Shannon Nelson
2023-06-23 21:14 ` [PATCH 11/26] ionic: " Julia Lawall
2023-06-24 15:47 ` Simon Horman
2023-06-26 16:03 ` Shannon Nelson
2023-06-23 21:14 ` [PATCH 18/26] net: enetc: " Julia Lawall
2023-06-24 15:48 ` Simon Horman
2023-06-23 21:14 ` [PATCH 22/26] net: mana: " Julia Lawall
2023-06-24 15:48 ` Simon Horman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230623211457.102544-1-Julia.Lawall@inria.fr \
--to=julia.lawall@inria.fr \
--cc=Brian.Starkey@arm.com \
--cc=andreyknvl@gmail.com \
--cc=benjamin.gaignard@collabora.com \
--cc=bingbu.cao@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=dri-devel@lists.freedesktop.org \
--cc=dvyukov@google.com \
--cc=hpa@zytor.com \
--cc=intel-gfx@lists.freedesktop.org \
--cc=intel-gvt-dev@lists.freedesktop.org \
--cc=iommu@lists.linux.dev \
--cc=jstultz@google.com \
--cc=kasan-dev@googlegroups.com \
--cc=keescook@chromium.org \
--cc=kernel-janitors@vger.kernel.org \
--cc=labbott@redhat.com \
--cc=linaro-mm-sig@lists.linaro.org \
--cc=linux-arm-msm@vger.kernel.org \
--cc=linux-btrfs@vger.kernel.org \
--cc=linux-graphics-maintainer@vmware.com \
--cc=linux-hyperv@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-media@vger.kernel.org \
--cc=linux-rdma@vger.kernel.org \
--cc=linux-scsi@vger.kernel.org \
--cc=linux-sgx@vger.kernel.org \
--cc=linux-staging@lists.linux.dev \
--cc=linux-tegra@vger.kernel.org \
--cc=lmark@codeaurora.org \
--cc=mhi@lists.linux.dev \
--cc=netdev@vger.kernel.org \
--cc=robin.murphy@arm.com \
--cc=shailend@google.com \
--cc=tian.shu.qiu@intel.com \
--cc=vdumpa@nvidia.com \
--cc=virtualization@lists.linux-foundation.org \
--cc=xuanzhuo@linux.alibaba.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).