From: Dan Carpenter <dan.carpenter@linaro.org>
To: Jiri Pirko <jiri@resnulli.us>
Cc: Maciej Fijalkowski <maciej.fijalkowski@intel.com>,
Jesse Brandeburg <jesse.brandeburg@intel.com>,
Tony Nguyen <anthony.l.nguyen@intel.com>,
"David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
Przemek Kitszel <przemyslaw.kitszel@intel.com>,
intel-wired-lan@lists.osuosl.org, netdev@vger.kernel.org,
linux-kernel@vger.kernel.org, kernel-janitors@vger.kernel.org
Subject: Re: [PATCH v2 net] ice: Fix freeing uninitialized pointers
Date: Thu, 21 Mar 2024 18:49:29 +0300 [thread overview]
Message-ID: <dd392ed9-9f68-4364-bc9a-ab95d6b54cda@moroto.mountain> (raw)
In-Reply-To: <ZfxTjYUPAFz_LRlk@nanopsycho>
On Thu, Mar 21, 2024 at 04:34:37PM +0100, Jiri Pirko wrote:
> >The change to ice_update_link_info() isn't required because it's
> >assigned on the very next line... But I did that because it's harmless
> >and makes __free() stuff easier to verify. I felt like moving the
> >declarations into the code would be controversial and it also ends up
> >making the lines really long.
> >
> > goto goto err_unroll_sched;
> >
> > struct ice_aqc_get_phy_caps_data *pcaps __free(kfree) =
> > kzalloc(sizeof(*pcaps), GFP_KERNEL);
>
> Yeah, that is why I'm proposing KZALLOC_FREE helper:
> https://lore.kernel.org/all/20240315132249.2515468-1-jiri@resnulli.us/
>
I like the idea, but I'm not keen on the format. What about something
like?
#define __ALLOC(p) p __free(kfree) = kzalloc(sizeof(*p), GFP_KERNEL)
struct ice_aqc_get_phy_caps_data *__ALLOC(pcaps);
I'm not a huge fan of putting functions which can fail into the
declaration block but I feel like we're going to officially say that
small allocations can't fail.
https://lwn.net/Articles/964793/
https://lore.kernel.org/all/170925937840.24797.2167230750547152404@noble.neil.brown.name/
Normally we would try to delay the allocations until after all the
sanity checks have run but that's optimizing for the failure case. In
the normal case we're going to want these allocations.
regards,
damn carpenter
WARNING: multiple messages have this Message-ID (diff)
From: Dan Carpenter <dan.carpenter@linaro.org>
To: Jiri Pirko <jiri@resnulli.us>
Cc: Maciej Fijalkowski <maciej.fijalkowski@intel.com>,
Przemek Kitszel <przemyslaw.kitszel@intel.com>,
kernel-janitors@vger.kernel.org, linux-kernel@vger.kernel.org,
Eric Dumazet <edumazet@google.com>,
netdev@vger.kernel.org, Tony Nguyen <anthony.l.nguyen@intel.com>,
intel-wired-lan@lists.osuosl.org,
Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
"David S. Miller" <davem@davemloft.net>
Subject: Re: [Intel-wired-lan] [PATCH v2 net] ice: Fix freeing uninitialized pointers
Date: Thu, 21 Mar 2024 18:49:29 +0300 [thread overview]
Message-ID: <dd392ed9-9f68-4364-bc9a-ab95d6b54cda@moroto.mountain> (raw)
In-Reply-To: <ZfxTjYUPAFz_LRlk@nanopsycho>
On Thu, Mar 21, 2024 at 04:34:37PM +0100, Jiri Pirko wrote:
> >The change to ice_update_link_info() isn't required because it's
> >assigned on the very next line... But I did that because it's harmless
> >and makes __free() stuff easier to verify. I felt like moving the
> >declarations into the code would be controversial and it also ends up
> >making the lines really long.
> >
> > goto goto err_unroll_sched;
> >
> > struct ice_aqc_get_phy_caps_data *pcaps __free(kfree) =
> > kzalloc(sizeof(*pcaps), GFP_KERNEL);
>
> Yeah, that is why I'm proposing KZALLOC_FREE helper:
> https://lore.kernel.org/all/20240315132249.2515468-1-jiri@resnulli.us/
>
I like the idea, but I'm not keen on the format. What about something
like?
#define __ALLOC(p) p __free(kfree) = kzalloc(sizeof(*p), GFP_KERNEL)
struct ice_aqc_get_phy_caps_data *__ALLOC(pcaps);
I'm not a huge fan of putting functions which can fail into the
declaration block but I feel like we're going to officially say that
small allocations can't fail.
https://lwn.net/Articles/964793/
https://lore.kernel.org/all/170925937840.24797.2167230750547152404@noble.neil.brown.name/
Normally we would try to delay the allocations until after all the
sanity checks have run but that's optimizing for the failure case. In
the normal case we're going to want these allocations.
regards,
damn carpenter
next prev parent reply other threads:[~2024-03-21 15:49 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-21 14:42 [PATCH v2 net] ice: Fix freeing uninitialized pointers Dan Carpenter
2024-03-21 14:42 ` [Intel-wired-lan] " Dan Carpenter
2024-03-21 15:34 ` Jiri Pirko
2024-03-21 15:34 ` [Intel-wired-lan] " Jiri Pirko
2024-03-21 15:49 ` Dan Carpenter [this message]
2024-03-21 15:49 ` Dan Carpenter
2024-03-21 20:05 ` Markus Elfring
2024-03-21 20:05 ` Markus Elfring
2024-03-22 5:32 ` [Intel-wired-lan] " Dan Carpenter
2024-03-22 5:32 ` Dan Carpenter
2024-03-22 10:10 ` [Intel-wired-lan] [v2] " Markus Elfring
2024-03-22 10:10 ` Markus Elfring
2024-03-22 12:57 ` [PATCH v2 net] " Simon Horman
2024-03-22 12:57 ` [Intel-wired-lan] " Simon Horman
2024-03-23 16:56 ` Markus Elfring
2024-03-23 16:56 ` [Intel-wired-lan] " Markus Elfring
2024-03-24 10:43 ` Dan Carpenter
2024-03-24 10:43 ` [Intel-wired-lan] " Dan Carpenter
2024-03-24 13:22 ` [Intel-wired-lan] [v2] " Markus Elfring
2024-03-24 13:22 ` Markus Elfring
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=dd392ed9-9f68-4364-bc9a-ab95d6b54cda@moroto.mountain \
--to=dan.carpenter@linaro.org \
--cc=anthony.l.nguyen@intel.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=intel-wired-lan@lists.osuosl.org \
--cc=jesse.brandeburg@intel.com \
--cc=jiri@resnulli.us \
--cc=kernel-janitors@vger.kernel.org \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=maciej.fijalkowski@intel.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=przemyslaw.kitszel@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.