All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH][net-next] net/mlx5: Use struct_size() helper in kvzalloc()
@ 2021-09-28 22:11 Gustavo A. R. Silva
  2021-09-30 19:06 ` Saeed Mahameed
  0 siblings, 1 reply; 3+ messages in thread
From: Gustavo A. R. Silva @ 2021-09-28 22:11 UTC (permalink / raw)
  To: Saeed Mahameed, Leon Romanovsky, David S. Miller, Jakub Kicinski
  Cc: netdev, linux-rdma, linux-kernel, Gustavo A. R. Silva, linux-hardening

Make use of the struct_size() helper instead of an open-coded version,
in order to avoid any potential type mistakes or integer overflows that,
in the worse scenario, could lead to heap overflows.

Link: https://github.com/KSPP/linux/issues/160
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
---
 drivers/net/ethernet/mellanox/mlx5/core/fs_counters.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/drivers/net/ethernet/mellanox/mlx5/core/fs_counters.c b/drivers/net/ethernet/mellanox/mlx5/core/fs_counters.c
index 18e5aec14641..f542a36be62c 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/fs_counters.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/fs_counters.c
@@ -497,8 +497,7 @@ static struct mlx5_fc_bulk *mlx5_fc_bulk_create(struct mlx5_core_dev *dev)
 	alloc_bitmask = MLX5_CAP_GEN(dev, flow_counter_bulk_alloc);
 	bulk_len = alloc_bitmask > 0 ? MLX5_FC_BULK_NUM_FCS(alloc_bitmask) : 1;
 
-	bulk = kvzalloc(sizeof(*bulk) + bulk_len * sizeof(struct mlx5_fc),
-			GFP_KERNEL);
+	bulk = kvzalloc(struct_size(bulk, fcs, bulk_len), GFP_KERNEL);
 	if (!bulk)
 		goto err_alloc_bulk;
 
-- 
2.27.0


^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH][net-next] net/mlx5: Use struct_size() helper in kvzalloc()
  2021-09-28 22:11 [PATCH][net-next] net/mlx5: Use struct_size() helper in kvzalloc() Gustavo A. R. Silva
@ 2021-09-30 19:06 ` Saeed Mahameed
  2021-09-30 19:58   ` Gustavo A. R. Silva
  0 siblings, 1 reply; 3+ messages in thread
From: Saeed Mahameed @ 2021-09-30 19:06 UTC (permalink / raw)
  To: davem, kuba, gustavoars, leon
  Cc: linux-hardening, netdev, linux-rdma, linux-kernel

On Tue, 2021-09-28 at 17:11 -0500, Gustavo A. R. Silva wrote:
> Make use of the struct_size() helper instead of an open-coded
> version,
> in order to avoid any potential type mistakes or integer overflows
> that,
> in the worse scenario, could lead to heap overflows.
> 
> Link: https://github.com/KSPP/linux/issues/160
> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>

applied to net-next-mlx5

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [PATCH][net-next] net/mlx5: Use struct_size() helper in kvzalloc()
  2021-09-30 19:06 ` Saeed Mahameed
@ 2021-09-30 19:58   ` Gustavo A. R. Silva
  0 siblings, 0 replies; 3+ messages in thread
From: Gustavo A. R. Silva @ 2021-09-30 19:58 UTC (permalink / raw)
  To: Saeed Mahameed
  Cc: davem, kuba, leon, linux-hardening, netdev, linux-rdma, linux-kernel

On Thu, Sep 30, 2021 at 07:06:32PM +0000, Saeed Mahameed wrote:
> On Tue, 2021-09-28 at 17:11 -0500, Gustavo A. R. Silva wrote:
> > Make use of the struct_size() helper instead of an open-coded
> > version,
> > in order to avoid any potential type mistakes or integer overflows
> > that,
> > in the worse scenario, could lead to heap overflows.
> > 
> > Link: https://github.com/KSPP/linux/issues/160
> > Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
> 
> applied to net-next-mlx5

Thanks, Saeed.
--
Gustavo

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-09-30 19:54 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-09-28 22:11 [PATCH][net-next] net/mlx5: Use struct_size() helper in kvzalloc() Gustavo A. R. Silva
2021-09-30 19:06 ` Saeed Mahameed
2021-09-30 19:58   ` Gustavo A. R. Silva

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.