linux-hardening.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH][next] hwspinlock: stm32: Use struct_size() helper in devm_kzalloc()
@ 2022-01-25  2:13 Gustavo A. R. Silva
  2022-01-26  3:30 ` Baolin Wang
  2022-01-26  8:29 ` [Linux-stm32] " Fabien DESSENNE
  0 siblings, 2 replies; 3+ messages in thread
From: Gustavo A. R. Silva @ 2022-01-25  2:13 UTC (permalink / raw)
  To: Ohad Ben-Cohen, Bjorn Andersson, Baolin Wang, Maxime Coquelin,
	Alexandre Torgue
  Cc: linux-remoteproc, linux-stm32, linux-arm-kernel, linux-kernel,
	Gustavo A. R. Silva, linux-hardening

Make use of the struct_size() helper instead of an open-coded version,
in order to avoid any potential type mistakes or integer overflows that,
in the worst scenario, could lead to heap overflows.

Also, address the following sparse warnings:
drivers/hwspinlock/stm32_hwspinlock.c:84:32: warning: using sizeof on a flexible structure

Link: https://github.com/KSPP/linux/issues/174
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
---
 drivers/hwspinlock/stm32_hwspinlock.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/drivers/hwspinlock/stm32_hwspinlock.c b/drivers/hwspinlock/stm32_hwspinlock.c
index 5bd11a7fab65..716ad4401249 100644
--- a/drivers/hwspinlock/stm32_hwspinlock.c
+++ b/drivers/hwspinlock/stm32_hwspinlock.c
@@ -73,15 +73,14 @@ static int stm32_hwspinlock_probe(struct platform_device *pdev)
 	struct device *dev = &pdev->dev;
 	struct stm32_hwspinlock *hw;
 	void __iomem *io_base;
-	size_t array_size;
 	int i, ret;
 
 	io_base = devm_platform_ioremap_resource(pdev, 0);
 	if (IS_ERR(io_base))
 		return PTR_ERR(io_base);
 
-	array_size = STM32_MUTEX_NUM_LOCKS * sizeof(struct hwspinlock);
-	hw = devm_kzalloc(dev, sizeof(*hw) + array_size, GFP_KERNEL);
+	hw = devm_kzalloc(dev, struct_size(hw, bank.lock, STM32_MUTEX_NUM_LOCKS),
+			  GFP_KERNEL);
 	if (!hw)
 		return -ENOMEM;
 
-- 
2.27.0


^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH][next] hwspinlock: stm32: Use struct_size() helper in devm_kzalloc()
  2022-01-25  2:13 [PATCH][next] hwspinlock: stm32: Use struct_size() helper in devm_kzalloc() Gustavo A. R. Silva
@ 2022-01-26  3:30 ` Baolin Wang
  2022-01-26  8:29 ` [Linux-stm32] " Fabien DESSENNE
  1 sibling, 0 replies; 3+ messages in thread
From: Baolin Wang @ 2022-01-26  3:30 UTC (permalink / raw)
  To: Gustavo A. R. Silva
  Cc: Ohad Ben-Cohen, Bjorn Andersson, Maxime Coquelin,
	Alexandre Torgue, linux-remoteproc, linux-stm32,
	linux-arm-kernel, LKML, linux-hardening

On Tue, Jan 25, 2022 at 10:07 AM Gustavo A. R. Silva
<gustavoars@kernel.org> wrote:
>
> Make use of the struct_size() helper instead of an open-coded version,
> in order to avoid any potential type mistakes or integer overflows that,
> in the worst scenario, could lead to heap overflows.
>
> Also, address the following sparse warnings:
> drivers/hwspinlock/stm32_hwspinlock.c:84:32: warning: using sizeof on a flexible structure
>
> Link: https://github.com/KSPP/linux/issues/174
> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>

LGTM.
Reviewed-by: Baolin Wang <baolin.wang7@gmail.com>

> ---
>  drivers/hwspinlock/stm32_hwspinlock.c | 5 ++---
>  1 file changed, 2 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/hwspinlock/stm32_hwspinlock.c b/drivers/hwspinlock/stm32_hwspinlock.c
> index 5bd11a7fab65..716ad4401249 100644
> --- a/drivers/hwspinlock/stm32_hwspinlock.c
> +++ b/drivers/hwspinlock/stm32_hwspinlock.c
> @@ -73,15 +73,14 @@ static int stm32_hwspinlock_probe(struct platform_device *pdev)
>         struct device *dev = &pdev->dev;
>         struct stm32_hwspinlock *hw;
>         void __iomem *io_base;
> -       size_t array_size;
>         int i, ret;
>
>         io_base = devm_platform_ioremap_resource(pdev, 0);
>         if (IS_ERR(io_base))
>                 return PTR_ERR(io_base);
>
> -       array_size = STM32_MUTEX_NUM_LOCKS * sizeof(struct hwspinlock);
> -       hw = devm_kzalloc(dev, sizeof(*hw) + array_size, GFP_KERNEL);
> +       hw = devm_kzalloc(dev, struct_size(hw, bank.lock, STM32_MUTEX_NUM_LOCKS),
> +                         GFP_KERNEL);
>         if (!hw)
>                 return -ENOMEM;
>
> --
> 2.27.0
>


-- 
Baolin Wang

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [Linux-stm32] [PATCH][next] hwspinlock: stm32: Use struct_size() helper in devm_kzalloc()
  2022-01-25  2:13 [PATCH][next] hwspinlock: stm32: Use struct_size() helper in devm_kzalloc() Gustavo A. R. Silva
  2022-01-26  3:30 ` Baolin Wang
@ 2022-01-26  8:29 ` Fabien DESSENNE
  1 sibling, 0 replies; 3+ messages in thread
From: Fabien DESSENNE @ 2022-01-26  8:29 UTC (permalink / raw)
  To: Gustavo A. R. Silva, Ohad Ben-Cohen, Bjorn Andersson,
	Baolin Wang, Maxime Coquelin, Alexandre Torgue
  Cc: linux-remoteproc, linux-kernel, linux-hardening, linux-stm32,
	linux-arm-kernel

Hi Gustavo,

Thank you for the patch.
I am fine with it with a nit picking comment regarding the non-mandatory 
80 characters line break [1].

BR

Fabien

[1] https://lkml.org/lkml/2020/5/29/1038


On 25/01/2022 03:13, Gustavo A. R. Silva wrote:
> Make use of the struct_size() helper instead of an open-coded version,
> in order to avoid any potential type mistakes or integer overflows that,
> in the worst scenario, could lead to heap overflows.
> 
> Also, address the following sparse warnings:
> drivers/hwspinlock/stm32_hwspinlock.c:84:32: warning: using sizeof on a
> flexible structure
> 
> Link: https://github.com/KSPP/linux/issues/174
> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
> ---
>   drivers/hwspinlock/stm32_hwspinlock.c | 5 ++---
>   1 file changed, 2 insertions(+), 3 deletions(-)
> 
> diff --git a/drivers/hwspinlock/stm32_hwspinlock.c
> b/drivers/hwspinlock/stm32_hwspinlock.c
> index 5bd11a7fab65..716ad4401249 100644
> --- a/drivers/hwspinlock/stm32_hwspinlock.c
> +++ b/drivers/hwspinlock/stm32_hwspinlock.c
> @@ -73,15 +73,14 @@ static int stm32_hwspinlock_probe(struct
> platform_device *pdev)
>   	struct device *dev = &pdev->dev;
>   	struct stm32_hwspinlock *hw;
>   	void __iomem *io_base;
> -	size_t array_size;
>   	int i, ret;
>   
>   	io_base = devm_platform_ioremap_resource(pdev, 0);
>   	if (IS_ERR(io_base))
>   		return PTR_ERR(io_base);
>   
> -	array_size = STM32_MUTEX_NUM_LOCKS * sizeof(struct hwspinlock);
> -	hw = devm_kzalloc(dev, sizeof(*hw) + array_size, GFP_KERNEL);
> +	hw = devm_kzalloc(dev, struct_size(hw, bank.lock,
> STM32_MUTEX_NUM_LOCKS),
> +			  GFP_KERNEL);

No need from line break here.


>   	if (!hw)
>   		return -ENOMEM;
>   
> 

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-01-26  8:29 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-01-25  2:13 [PATCH][next] hwspinlock: stm32: Use struct_size() helper in devm_kzalloc() Gustavo A. R. Silva
2022-01-26  3:30 ` Baolin Wang
2022-01-26  8:29 ` [Linux-stm32] " Fabien DESSENNE

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).