* [PATCH v3] keys: Use struct_size and size_add helper with alloc
@ 2022-05-25 1:26 GUO Zihua
2022-05-26 1:06 ` Jarkko Sakkinen
0 siblings, 1 reply; 3+ messages in thread
From: GUO Zihua @ 2022-05-25 1:26 UTC (permalink / raw)
To: linux-integrity; +Cc: zohar, dhowells, jarkko, keyrings, gustavoars
Use struct_size helper for calculating size of flexible struct, following
the best practice.
Note: HASH_SIZE here is a SHA256_DIGEST_SIZE whoes value is 32, so
adding 1 should be fine here.
Link: https://lore.kernel.org/all/CAHk-=wiGWjxs7EVUpccZEi6esvjpHJdgHQ=vtUeJ5crL62hx9A@mail.gmail.com/
Signed-off-by: GUO Zihua <guozihua@huawei.com>
---
v3:
Update commit message format according to Jarkko's feedback.
v2:
Update the commit message, removing the part about "potential issue"
following Jarkko's suggestion.
---
security/keys/encrypted-keys/encrypted.c | 7 +++++--
security/keys/user_defined.c | 2 +-
2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c
index e05cfc2e49ae..37349580e855 100644
--- a/security/keys/encrypted-keys/encrypted.c
+++ b/security/keys/encrypted-keys/encrypted.c
@@ -613,6 +613,7 @@ static struct encrypted_key_payload *encrypted_key_alloc(struct key *key,
long dlen;
int i;
int ret;
+ size_t epayload_datalen = 0;
ret = kstrtol(datalen, 10, &dlen);
if (ret < 0 || dlen < MIN_DATA_SIZE || dlen > MAX_DATA_SIZE)
@@ -667,8 +668,10 @@ static struct encrypted_key_payload *encrypted_key_alloc(struct key *key,
if (ret < 0)
return ERR_PTR(ret);
- epayload = kzalloc(sizeof(*epayload) + payload_datalen +
- datablob_len + HASH_SIZE + 1, GFP_KERNEL);
+ epayload_datalen = size_add(payload_datalen, datablob_len);
+ epayload_datalen = size_add(epayload_datalen, HASH_SIZE + 1);
+ epayload = kzalloc(struct_size(epayload, payload_data,
+ epayload_datalen), GFP_KERNEL);
if (!epayload)
return ERR_PTR(-ENOMEM);
diff --git a/security/keys/user_defined.c b/security/keys/user_defined.c
index 749e2a4dcb13..334fed36e9f3 100644
--- a/security/keys/user_defined.c
+++ b/security/keys/user_defined.c
@@ -64,7 +64,7 @@ int user_preparse(struct key_preparsed_payload *prep)
if (datalen <= 0 || datalen > 32767 || !prep->data)
return -EINVAL;
- upayload = kmalloc(sizeof(*upayload) + datalen, GFP_KERNEL);
+ upayload = kmalloc(struct_size(upayload, data, datalen), GFP_KERNEL);
if (!upayload)
return -ENOMEM;
--
2.36.0
^ permalink raw reply related [flat|nested] 3+ messages in thread* Re: [PATCH v3] keys: Use struct_size and size_add helper with alloc
2022-05-25 1:26 [PATCH v3] keys: Use struct_size and size_add helper with alloc GUO Zihua
@ 2022-05-26 1:06 ` Jarkko Sakkinen
2022-05-26 2:16 ` Guozihua (Scott)
0 siblings, 1 reply; 3+ messages in thread
From: Jarkko Sakkinen @ 2022-05-26 1:06 UTC (permalink / raw)
To: GUO Zihua, linux-integrity; +Cc: zohar, dhowells, keyrings, gustavoars
On Wed, 2022-05-25 at 09:26 +0800, GUO Zihua wrote:
> Use struct_size helper for calculating size of flexible struct, following
> the best practice.
>
> Note: HASH_SIZE here is a SHA256_DIGEST_SIZE whoes value is 32, so
~~~~~
> adding 1 should be fine here.
Where? '1' is without a context. I don't really know how to interpret
this sentence.
>
> Link: https://lore.kernel.org/all/CAHk-=wiGWjxs7EVUpccZEi6esvjpHJdgHQ=vtUeJ5crL62hx9A@mail.gmail.com/
> Signed-off-by: GUO Zihua <guozihua@huawei.com>
>
> ---
>
> v3:
> Update commit message format according to Jarkko's feedback.
> v2:
> Update the commit message, removing the part about "potential issue"
> following Jarkko's suggestion.
>
> ---
> security/keys/encrypted-keys/encrypted.c | 7 +++++--
> security/keys/user_defined.c | 2 +-
> 2 files changed, 6 insertions(+), 3 deletions(-)
>
> diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c
> index e05cfc2e49ae..37349580e855 100644
> --- a/security/keys/encrypted-keys/encrypted.c
> +++ b/security/keys/encrypted-keys/encrypted.c
> @@ -613,6 +613,7 @@ static struct encrypted_key_payload *encrypted_key_alloc(struct key *key,
> long dlen;
> int i;
> int ret;
> + size_t epayload_datalen = 0;
>
> ret = kstrtol(datalen, 10, &dlen);
> if (ret < 0 || dlen < MIN_DATA_SIZE || dlen > MAX_DATA_SIZE)
> @@ -667,8 +668,10 @@ static struct encrypted_key_payload *encrypted_key_alloc(struct key *key,
> if (ret < 0)
> return ERR_PTR(ret);
>
> - epayload = kzalloc(sizeof(*epayload) + payload_datalen +
> - datablob_len + HASH_SIZE + 1, GFP_KERNEL);
> + epayload_datalen = size_add(payload_datalen, datablob_len);
> + epayload_datalen = size_add(epayload_datalen, HASH_SIZE + 1);
> + epayload = kzalloc(struct_size(epayload, payload_data,
> + epayload_datalen), GFP_KERNEL);
> if (!epayload)
> return ERR_PTR(-ENOMEM);
>
> diff --git a/security/keys/user_defined.c b/security/keys/user_defined.c
> index 749e2a4dcb13..334fed36e9f3 100644
> --- a/security/keys/user_defined.c
> +++ b/security/keys/user_defined.c
> @@ -64,7 +64,7 @@ int user_preparse(struct key_preparsed_payload *prep)
> if (datalen <= 0 || datalen > 32767 || !prep->data)
> return -EINVAL;
>
> - upayload = kmalloc(sizeof(*upayload) + datalen, GFP_KERNEL);
> + upayload = kmalloc(struct_size(upayload, data, datalen), GFP_KERNEL);
> if (!upayload)
> return -ENOMEM;
>
BR, Jarkko
^ permalink raw reply [flat|nested] 3+ messages in thread* Re: [PATCH v3] keys: Use struct_size and size_add helper with alloc
2022-05-26 1:06 ` Jarkko Sakkinen
@ 2022-05-26 2:16 ` Guozihua (Scott)
0 siblings, 0 replies; 3+ messages in thread
From: Guozihua (Scott) @ 2022-05-26 2:16 UTC (permalink / raw)
To: Jarkko Sakkinen, linux-integrity; +Cc: zohar, dhowells, keyrings, gustavoars
On 2022/5/26 9:06, Jarkko Sakkinen wrote:
> On Wed, 2022-05-25 at 09:26 +0800, GUO Zihua wrote:
>> Use struct_size helper for calculating size of flexible struct, following
>> the best practice.
>>
>> Note: HASH_SIZE here is a SHA256_DIGEST_SIZE whoes value is 32, so
> ~~~~~
>
>> adding 1 should be fine here.
>
> Where? '1' is without a context. I don't really know how to interpret
> this sentence.
Hi Jarkko,
The original code computes the size for kzalloc with open-coded
HASH_SIZE + 1. Although the best practice for size computation suggest
that we should be using size_add(). I figure it's a bit redundant here
as the purpose of size_add() is to avoid size overflow and adding 32
with 1 will not trigger a size overflow.
Maybe I should just use size_add() anyway? Please lemme know and I'll
update the patch or the commit message.
>
>>
>> Link: https://lore.kernel.org/all/CAHk-=wiGWjxs7EVUpccZEi6esvjpHJdgHQ=vtUeJ5crL62hx9A@mail.gmail.com/
>> Signed-off-by: GUO Zihua <guozihua@huawei.com>
>>
>> ---
>>
>> v3:
>> Update commit message format according to Jarkko's feedback.
>> v2:
>> Update the commit message, removing the part about "potential issue"
>> following Jarkko's suggestion.
>>
>> ---
>> security/keys/encrypted-keys/encrypted.c | 7 +++++--
>> security/keys/user_defined.c | 2 +-
>> 2 files changed, 6 insertions(+), 3 deletions(-)
>>
>> diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c
>> index e05cfc2e49ae..37349580e855 100644
>> --- a/security/keys/encrypted-keys/encrypted.c
>> +++ b/security/keys/encrypted-keys/encrypted.c
>> @@ -613,6 +613,7 @@ static struct encrypted_key_payload *encrypted_key_alloc(struct key *key,
>> long dlen;
>> int i;
>> int ret;
>> + size_t epayload_datalen = 0;
>>
>> ret = kstrtol(datalen, 10, &dlen);
>> if (ret < 0 || dlen < MIN_DATA_SIZE || dlen > MAX_DATA_SIZE)
>> @@ -667,8 +668,10 @@ static struct encrypted_key_payload *encrypted_key_alloc(struct key *key,
>> if (ret < 0)
>> return ERR_PTR(ret);
>>
>> - epayload = kzalloc(sizeof(*epayload) + payload_datalen +
>> - datablob_len + HASH_SIZE + 1, GFP_KERNEL);
>> + epayload_datalen = size_add(payload_datalen, datablob_len);
>> + epayload_datalen = size_add(epayload_datalen, HASH_SIZE + 1);
BTW, the "here" is here.
>> + epayload = kzalloc(struct_size(epayload, payload_data,
>> + epayload_datalen), GFP_KERNEL);
>> if (!epayload)
>> return ERR_PTR(-ENOMEM);
>>
>> diff --git a/security/keys/user_defined.c b/security/keys/user_defined.c
>> index 749e2a4dcb13..334fed36e9f3 100644
>> --- a/security/keys/user_defined.c
>> +++ b/security/keys/user_defined.c
>> @@ -64,7 +64,7 @@ int user_preparse(struct key_preparsed_payload *prep)
>> if (datalen <= 0 || datalen > 32767 || !prep->data)
>> return -EINVAL;
>>
>> - upayload = kmalloc(sizeof(*upayload) + datalen, GFP_KERNEL);
>> + upayload = kmalloc(struct_size(upayload, data, datalen), GFP_KERNEL);
>> if (!upayload)
>> return -ENOMEM;
>>
>
> BR, Jarkko
--
Best
GUO Zihua
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-05-26 2:16 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-05-25 1:26 [PATCH v3] keys: Use struct_size and size_add helper with alloc GUO Zihua
2022-05-26 1:06 ` Jarkko Sakkinen
2022-05-26 2:16 ` Guozihua (Scott)
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.