linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH 0/3][next] lib/stackdepot.c: Replace one-element array with flexible-array member
@ 2020-10-01 15:24 Gustavo A. R. Silva
  2020-10-01 15:25 ` [PATCH 1/3][next] " Gustavo A. R. Silva
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Gustavo A. R. Silva @ 2020-10-01 15:24 UTC (permalink / raw)
  To: linux-kernel; +Cc: linux-hardening, Andrew Morton, Gustavo A. R. Silva

Hi,

This series aim to replace a one-element array with a flexible-array
member. Also, make use of the struct_size(), flexible_array_size()
and array_size() helpers.

Thanks
--
Gustavo

Gustavo A. R. Silva (3):
  lib/stackdepot.c: Replace one-element array with flexible-array member
  lib/stackdepot.c: Use flex_array_size() helper in memcpy()
  lib/stackdepot.c: Use array_size() helper in jhash2()

 lib/stackdepot.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

-- 
2.27.0


^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH 1/3][next] lib/stackdepot.c: Replace one-element array with flexible-array member
  2020-10-01 15:24 [PATCH 0/3][next] lib/stackdepot.c: Replace one-element array with flexible-array member Gustavo A. R. Silva
@ 2020-10-01 15:25 ` Gustavo A. R. Silva
  2020-10-01 15:25 ` [PATCH 2/3][next] lib/stackdepot.c: Use flex_array_size() helper in memcpy() Gustavo A. R. Silva
  2020-10-01 15:26 ` [PATCH 3/3][next] lib/stackdepot.c: Use array_size() helper in jhash2() Gustavo A. R. Silva
  2 siblings, 0 replies; 4+ messages in thread
From: Gustavo A. R. Silva @ 2020-10-01 15:25 UTC (permalink / raw)
  To: linux-kernel; +Cc: linux-hardening, Andrew Morton, Gustavo A. R. Silva

There is a regular need in the kernel to provide a way to declare having
a dynamically sized set of trailing elements in a structure. Kernel code
should always use “flexible array members”[1] for these cases. The older
style of one-element or zero-length arrays should no longer be used[2].

Refactor the code according to the use of a flexible-array member in
struct stack_record, instead of a one-element array, and use the
struct_size() helper to calculate the size for the allocation.

[1] https://en.wikipedia.org/wiki/Flexible_array_member
[2] https://www.kernel.org/doc/html/v5.9-rc1/process/deprecated.html#zero-length-and-one-element-arrays

Build-tested-by: kernel test robot <lkp@intel.com>
Link: https://lore.kernel.org/lkml/5f75876b.x9zdN10esiC0qLHV%25lkp@intel.com/
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
---
 lib/stackdepot.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/lib/stackdepot.c b/lib/stackdepot.c
index 2caffc64e4c8..c6106cfb7950 100644
--- a/lib/stackdepot.c
+++ b/lib/stackdepot.c
@@ -62,7 +62,7 @@ struct stack_record {
 	u32 hash;			/* Hash in the hastable */
 	u32 size;			/* Number of frames in the stack */
 	union handle_parts handle;
-	unsigned long entries[1];	/* Variable-sized array of entries. */
+	unsigned long entries[];	/* Variable-sized array of entries. */
 };
 
 static void *stack_slabs[STACK_ALLOC_MAX_SLABS];
@@ -104,9 +104,8 @@ static bool init_stack_slab(void **prealloc)
 static struct stack_record *depot_alloc_stack(unsigned long *entries, int size,
 		u32 hash, void **prealloc, gfp_t alloc_flags)
 {
-	int required_size = offsetof(struct stack_record, entries) +
-		sizeof(unsigned long) * size;
 	struct stack_record *stack;
+	size_t required_size = struct_size(stack, entries, size);
 
 	required_size = ALIGN(required_size, 1 << STACK_ALLOC_ALIGN);
 
-- 
2.27.0


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* [PATCH 2/3][next] lib/stackdepot.c: Use flex_array_size() helper in memcpy()
  2020-10-01 15:24 [PATCH 0/3][next] lib/stackdepot.c: Replace one-element array with flexible-array member Gustavo A. R. Silva
  2020-10-01 15:25 ` [PATCH 1/3][next] " Gustavo A. R. Silva
@ 2020-10-01 15:25 ` Gustavo A. R. Silva
  2020-10-01 15:26 ` [PATCH 3/3][next] lib/stackdepot.c: Use array_size() helper in jhash2() Gustavo A. R. Silva
  2 siblings, 0 replies; 4+ messages in thread
From: Gustavo A. R. Silva @ 2020-10-01 15:25 UTC (permalink / raw)
  To: linux-kernel; +Cc: linux-hardening, Andrew Morton, Gustavo A. R. Silva

Make use of the flex_array_size() helper to calculate the size of a
flexible array member within an enclosing structure.

This helper offers defense-in-depth against potential integer
overflows, while at the same time makes it explicitly clear that
we are dealing with a flexible array member.

Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
---
 lib/stackdepot.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/stackdepot.c b/lib/stackdepot.c
index c6106cfb7950..683b6a8ddade 100644
--- a/lib/stackdepot.c
+++ b/lib/stackdepot.c
@@ -135,7 +135,7 @@ static struct stack_record *depot_alloc_stack(unsigned long *entries, int size,
 	stack->handle.slabindex = depot_index;
 	stack->handle.offset = depot_offset >> STACK_ALLOC_ALIGN;
 	stack->handle.valid = 1;
-	memcpy(stack->entries, entries, size * sizeof(unsigned long));
+	memcpy(stack->entries, entries, flex_array_size(stack, entries, size));
 	depot_offset += required_size;
 
 	return stack;
-- 
2.27.0


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* [PATCH 3/3][next] lib/stackdepot.c: Use array_size() helper in jhash2()
  2020-10-01 15:24 [PATCH 0/3][next] lib/stackdepot.c: Replace one-element array with flexible-array member Gustavo A. R. Silva
  2020-10-01 15:25 ` [PATCH 1/3][next] " Gustavo A. R. Silva
  2020-10-01 15:25 ` [PATCH 2/3][next] lib/stackdepot.c: Use flex_array_size() helper in memcpy() Gustavo A. R. Silva
@ 2020-10-01 15:26 ` Gustavo A. R. Silva
  2 siblings, 0 replies; 4+ messages in thread
From: Gustavo A. R. Silva @ 2020-10-01 15:26 UTC (permalink / raw)
  To: linux-kernel; +Cc: linux-hardening, Andrew Morton, Gustavo A. R. Silva

Use array_size() helper instead of the open-coded version in jhash2().
These sorts of multiplication factors need to be wrapped in array_size().

Also, use the preferred form for passing the size of an object type.

Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
---
 lib/stackdepot.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/stackdepot.c b/lib/stackdepot.c
index 683b6a8ddade..890dcc2e984e 100644
--- a/lib/stackdepot.c
+++ b/lib/stackdepot.c
@@ -154,8 +154,8 @@ static struct stack_record *stack_table[STACK_HASH_SIZE] = {
 static inline u32 hash_stack(unsigned long *entries, unsigned int size)
 {
 	return jhash2((u32 *)entries,
-			       size * sizeof(unsigned long) / sizeof(u32),
-			       STACK_HASH_SEED);
+		      array_size(size,  sizeof(*entries)) / sizeof(u32),
+		      STACK_HASH_SEED);
 }
 
 /* Use our own, non-instrumented version of memcmp().
-- 
2.27.0


^ permalink raw reply related	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2020-10-01 15:20 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-01 15:24 [PATCH 0/3][next] lib/stackdepot.c: Replace one-element array with flexible-array member Gustavo A. R. Silva
2020-10-01 15:25 ` [PATCH 1/3][next] " Gustavo A. R. Silva
2020-10-01 15:25 ` [PATCH 2/3][next] lib/stackdepot.c: Use flex_array_size() helper in memcpy() Gustavo A. R. Silva
2020-10-01 15:26 ` [PATCH 3/3][next] lib/stackdepot.c: Use array_size() helper in jhash2() Gustavo A. R. Silva

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).