* [PATCH] overflow.h: Rename __ab_c_size() to __calc_size()
@ 2019-04-05 4:57 Borislav Petkov
2019-04-05 6:26 ` Rasmus Villemoes
` (2 more replies)
0 siblings, 3 replies; 11+ messages in thread
From: Borislav Petkov @ 2019-04-05 4:57 UTC (permalink / raw)
To: LKML; +Cc: Kees Cook, Matthew Wilcox
From: Borislav Petkov <bp@suse.de>
... to make its name readable to humans so that it can denote what that
helper does.
No functional changes.
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: Kees Cook <keescook@chromium.org>
Cc: Matthew Wilcox <willy@infradead.org>
---
include/linux/overflow.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/include/linux/overflow.h b/include/linux/overflow.h
index 40b48e2133cb..a9cb77d54df0 100644
--- a/include/linux/overflow.h
+++ b/include/linux/overflow.h
@@ -278,7 +278,7 @@ static inline __must_check size_t array3_size(size_t a, size_t b, size_t c)
return bytes;
}
-static inline __must_check size_t __ab_c_size(size_t n, size_t size, size_t c)
+static inline __must_check size_t __calc_size(size_t n, size_t size, size_t c)
{
size_t bytes;
@@ -302,7 +302,7 @@ static inline __must_check size_t __ab_c_size(size_t n, size_t size, size_t c)
* Return: number of bytes needed or SIZE_MAX on overflow.
*/
#define struct_size(p, member, n) \
- __ab_c_size(n, \
+ __calc_size(n, \
sizeof(*(p)->member) + __must_be_array((p)->member),\
sizeof(*(p)))
--
2.21.0
^ permalink raw reply related [flat|nested] 11+ messages in thread
* Re: [PATCH] overflow.h: Rename __ab_c_size() to __calc_size()
2019-04-05 4:57 [PATCH] overflow.h: Rename __ab_c_size() to __calc_size() Borislav Petkov
@ 2019-04-05 6:26 ` Rasmus Villemoes
2019-04-05 7:52 ` Borislav Petkov
2019-04-10 20:40 ` [tip:core/core] overflow.h: Add comment documenting __ab_c_size() tip-bot for Rasmus Villemoes
2019-04-12 11:49 ` tip-bot for Rasmus Villemoes
2 siblings, 1 reply; 11+ messages in thread
From: Rasmus Villemoes @ 2019-04-05 6:26 UTC (permalink / raw)
To: Borislav Petkov, LKML; +Cc: Kees Cook, Matthew Wilcox
On 05/04/2019 06.57, Borislav Petkov wrote:
> From: Borislav Petkov <bp@suse.de>
>
> ... to make its name readable to humans so that it can denote what that helper does.
I like the current color. It computes a*b+c with overflow checking at each step. calc_size is
way too generic and doesn't say anything at all about how the calc(ulation) is done.
Rasmus
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] overflow.h: Rename __ab_c_size() to __calc_size()
2019-04-05 6:26 ` Rasmus Villemoes
@ 2019-04-05 7:52 ` Borislav Petkov
2019-04-05 8:09 ` Rasmus Villemoes
0 siblings, 1 reply; 11+ messages in thread
From: Borislav Petkov @ 2019-04-05 7:52 UTC (permalink / raw)
To: Rasmus Villemoes; +Cc: LKML, Kees Cook, Matthew Wilcox
On Fri, Apr 05, 2019 at 08:26:45AM +0200, Rasmus Villemoes wrote:
> I like the current color.
Color?
> It computes a*b+c with overflow checking at each step. calc_size
> is way too generic and doesn't say anything at all about how the
> calc(ulation) is done.
Ok, whatever.
Then it would need at least a comment above it to state what it does. I
don't want to go and parse the macros each time.
Thx.
--
Regards/Gruss,
Boris.
Good mailing practices for 400: avoid top-posting and trim the reply.
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] overflow.h: Rename __ab_c_size() to __calc_size()
2019-04-05 7:52 ` Borislav Petkov
@ 2019-04-05 8:09 ` Rasmus Villemoes
2019-04-05 8:24 ` Borislav Petkov
0 siblings, 1 reply; 11+ messages in thread
From: Rasmus Villemoes @ 2019-04-05 8:09 UTC (permalink / raw)
To: Borislav Petkov, Rasmus Villemoes; +Cc: LKML, Kees Cook, Matthew Wilcox
On 05/04/2019 09.52, Borislav Petkov wrote:
> On Fri, Apr 05, 2019 at 08:26:45AM +0200, Rasmus Villemoes wrote:
>> It computes a*b+c with overflow checking at each step. calc_size
>> is way too generic and doesn't say anything at all about how the
>> calc(ulation) is done.
>
> Ok, whatever.
>
> Then it would need at least a comment above it to state what it does. I
> don't want to go and parse the macros each time.
It's an internal helper, and struct_size is fully kernel-doc'ed. But
yeah, a comment wouldn't hurt, and let's rename the parameters so they
match the abc naming.
diff --git a/include/linux/overflow.h b/include/linux/overflow.h
index 40b48e2133cb..6534a727cadb 100644
--- a/include/linux/overflow.h
+++ b/include/linux/overflow.h
@@ -278,11 +278,15 @@ static inline __must_check size_t
array3_size(size_t a, size_t b, size_t c)
return bytes;
}
-static inline __must_check size_t __ab_c_size(size_t n, size_t size,
size_t c)
+/*
+ * Compute a*b+c, returning SIZE_MAX on overflow. Internal helper for
+ * struct_size() below.
+ */
+static inline __must_check size_t __ab_c_size(size_t a, size_t b, size_t c)
{
size_t bytes;
- if (check_mul_overflow(n, size, &bytes))
+ if (check_mul_overflow(a, b, &bytes))
return SIZE_MAX;
if (check_add_overflow(bytes, c, &bytes))
return SIZE_MAX;
Rasmus
^ permalink raw reply related [flat|nested] 11+ messages in thread
* Re: [PATCH] overflow.h: Rename __ab_c_size() to __calc_size()
2019-04-05 8:09 ` Rasmus Villemoes
@ 2019-04-05 8:24 ` Borislav Petkov
2019-04-05 16:13 ` Kees Cook
0 siblings, 1 reply; 11+ messages in thread
From: Borislav Petkov @ 2019-04-05 8:24 UTC (permalink / raw)
To: Rasmus Villemoes; +Cc: LKML, Kees Cook, Matthew Wilcox
On Fri, Apr 05, 2019 at 10:09:31AM +0200, Rasmus Villemoes wrote:
> On 05/04/2019 09.52, Borislav Petkov wrote:
> > On Fri, Apr 05, 2019 at 08:26:45AM +0200, Rasmus Villemoes wrote:
>
> >> It computes a*b+c with overflow checking at each step. calc_size
> >> is way too generic and doesn't say anything at all about how the
> >> calc(ulation) is done.
> >
> > Ok, whatever.
> >
> > Then it would need at least a comment above it to state what it does. I
> > don't want to go and parse the macros each time.
>
> It's an internal helper, and struct_size is fully kernel-doc'ed. But
> yeah, a comment wouldn't hurt, and let's rename the parameters so they
> match the abc naming.
>
> diff --git a/include/linux/overflow.h b/include/linux/overflow.h
> index 40b48e2133cb..6534a727cadb 100644
> --- a/include/linux/overflow.h
> +++ b/include/linux/overflow.h
> @@ -278,11 +278,15 @@ static inline __must_check size_t
> array3_size(size_t a, size_t b, size_t c)
> return bytes;
> }
>
> -static inline __must_check size_t __ab_c_size(size_t n, size_t size,
> size_t c)
> +/*
> + * Compute a*b+c, returning SIZE_MAX on overflow. Internal helper for
> + * struct_size() below.
> + */
> +static inline __must_check size_t __ab_c_size(size_t a, size_t b, size_t c)
> {
> size_t bytes;
>
> - if (check_mul_overflow(n, size, &bytes))
> + if (check_mul_overflow(a, b, &bytes))
> return SIZE_MAX;
> if (check_add_overflow(bytes, c, &bytes))
> return SIZE_MAX;
>
>
Reported-by: Borislav Petkov <bp@suse.de>
Acked-by: Borislav Petkov <bp@suse.de>
Thx.
--
Regards/Gruss,
Boris.
Good mailing practices for 400: avoid top-posting and trim the reply.
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] overflow.h: Rename __ab_c_size() to __calc_size()
2019-04-05 8:24 ` Borislav Petkov
@ 2019-04-05 16:13 ` Kees Cook
2019-04-05 16:25 ` Matthew Wilcox
0 siblings, 1 reply; 11+ messages in thread
From: Kees Cook @ 2019-04-05 16:13 UTC (permalink / raw)
To: Borislav Petkov; +Cc: Rasmus Villemoes, LKML, Matthew Wilcox
On Fri, Apr 5, 2019 at 1:24 AM Borislav Petkov <bp@alien8.de> wrote:
>
> On Fri, Apr 05, 2019 at 10:09:31AM +0200, Rasmus Villemoes wrote:
> > On 05/04/2019 09.52, Borislav Petkov wrote:
> > > On Fri, Apr 05, 2019 at 08:26:45AM +0200, Rasmus Villemoes wrote:
> >
> > >> It computes a*b+c with overflow checking at each step. calc_size
> > >> is way too generic and doesn't say anything at all about how the
> > >> calc(ulation) is done.
> > >
> > > Ok, whatever.
> > >
> > > Then it would need at least a comment above it to state what it does. I
> > > don't want to go and parse the macros each time.
> >
> > It's an internal helper, and struct_size is fully kernel-doc'ed. But
> > yeah, a comment wouldn't hurt, and let's rename the parameters so they
> > match the abc naming.
> >
> > diff --git a/include/linux/overflow.h b/include/linux/overflow.h
> > index 40b48e2133cb..6534a727cadb 100644
> > --- a/include/linux/overflow.h
> > +++ b/include/linux/overflow.h
> > @@ -278,11 +278,15 @@ static inline __must_check size_t
> > array3_size(size_t a, size_t b, size_t c)
> > return bytes;
> > }
> >
> > -static inline __must_check size_t __ab_c_size(size_t n, size_t size,
> > size_t c)
> > +/*
> > + * Compute a*b+c, returning SIZE_MAX on overflow. Internal helper for
> > + * struct_size() below.
> > + */
May as well make this kern-doc too?
> > +static inline __must_check size_t __ab_c_size(size_t a, size_t b, size_t c)
> > {
> > size_t bytes;
> >
> > - if (check_mul_overflow(n, size, &bytes))
> > + if (check_mul_overflow(a, b, &bytes))
> > return SIZE_MAX;
> > if (check_add_overflow(bytes, c, &bytes))
> > return SIZE_MAX;
> >
> >
>
> Reported-by: Borislav Petkov <bp@suse.de>
> Acked-by: Borislav Petkov <bp@suse.de>
Acked-by: Kees Cook <keescook@chromium.org>
--
Kees Cook
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] overflow.h: Rename __ab_c_size() to __calc_size()
2019-04-05 16:13 ` Kees Cook
@ 2019-04-05 16:25 ` Matthew Wilcox
2019-04-06 9:32 ` Borislav Petkov
0 siblings, 1 reply; 11+ messages in thread
From: Matthew Wilcox @ 2019-04-05 16:25 UTC (permalink / raw)
To: Kees Cook; +Cc: Borislav Petkov, Rasmus Villemoes, LKML
On Fri, Apr 05, 2019 at 09:13:24AM -0700, Kees Cook wrote:
> On Fri, Apr 5, 2019 at 1:24 AM Borislav Petkov <bp@alien8.de> wrote:
> >
> > On Fri, Apr 05, 2019 at 10:09:31AM +0200, Rasmus Villemoes wrote:
> > > On 05/04/2019 09.52, Borislav Petkov wrote:
> > > > On Fri, Apr 05, 2019 at 08:26:45AM +0200, Rasmus Villemoes wrote:
> > >
> > > >> It computes a*b+c with overflow checking at each step. calc_size
> > > >> is way too generic and doesn't say anything at all about how the
> > > >> calc(ulation) is done.
> > > >
> > > > Ok, whatever.
> > > >
> > > > Then it would need at least a comment above it to state what it does. I
> > > > don't want to go and parse the macros each time.
> > >
> > > It's an internal helper, and struct_size is fully kernel-doc'ed. But
> > > yeah, a comment wouldn't hurt, and let's rename the parameters so they
> > > match the abc naming.
> > >
> > > diff --git a/include/linux/overflow.h b/include/linux/overflow.h
> > > index 40b48e2133cb..6534a727cadb 100644
> > > --- a/include/linux/overflow.h
> > > +++ b/include/linux/overflow.h
> > > @@ -278,11 +278,15 @@ static inline __must_check size_t
> > > array3_size(size_t a, size_t b, size_t c)
> > > return bytes;
> > > }
> > >
> > > -static inline __must_check size_t __ab_c_size(size_t n, size_t size,
> > > size_t c)
> > > +/*
> > > + * Compute a*b+c, returning SIZE_MAX on overflow. Internal helper for
> > > + * struct_size() below.
> > > + */
>
> May as well make this kern-doc too?
I don't think that's a good idea; we should only document functions we
want other people to use.
> > > +static inline __must_check size_t __ab_c_size(size_t a, size_t b, size_t c)
I could also go for renaming this to __size_ab_plus_c.
For a bit of history ... the origins of this was a system which had
alloc_ab (a * b)
alloc_abc (a * b * c)
alloc_ab_c (a * b + c)
alloc_ab_cd (a * b + c * d)
In the process of getting it upstreamed, it changed from kmalloc_ab_c to
kmalloc(struct_size(...)) and we never bothered to change the name of
__ab_c_size().
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] overflow.h: Rename __ab_c_size() to __calc_size()
2019-04-05 16:25 ` Matthew Wilcox
@ 2019-04-06 9:32 ` Borislav Petkov
2019-04-06 11:32 ` Rasmus Villemoes
0 siblings, 1 reply; 11+ messages in thread
From: Borislav Petkov @ 2019-04-06 9:32 UTC (permalink / raw)
To: Matthew Wilcox; +Cc: Kees Cook, Rasmus Villemoes, LKML
On Fri, Apr 05, 2019 at 09:25:27AM -0700, Matthew Wilcox wrote:
> I don't think that's a good idea; we should only document functions we
> want other people to use.
Yap.
> I could also go for renaming this to __size_ab_plus_c.
Let's just leave it short as it is now - the comment should be good
enough.
Btw, is anyone picking this up or should I?
Thx.
--
Regards/Gruss,
Boris.
Good mailing practices for 400: avoid top-posting and trim the reply.
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] overflow.h: Rename __ab_c_size() to __calc_size()
2019-04-06 9:32 ` Borislav Petkov
@ 2019-04-06 11:32 ` Rasmus Villemoes
0 siblings, 0 replies; 11+ messages in thread
From: Rasmus Villemoes @ 2019-04-06 11:32 UTC (permalink / raw)
To: Borislav Petkov, Matthew Wilcox; +Cc: Kees Cook, Rasmus Villemoes, LKML
On 06/04/2019 11.32, Borislav Petkov wrote:
> On Fri, Apr 05, 2019 at 09:25:27AM -0700, Matthew Wilcox wrote:
>> I don't think that's a good idea; we should only document functions we
>> want other people to use.
>
> Yap.
Exactly, not kernel-doc'ing was a deliberate choice.
>> I could also go for renaming this to __size_ab_plus_c.
>
> Let's just leave it short as it is now - the comment should be good
> enough.
>
> Btw, is anyone picking this up or should I?
I'm fine with you picking it up. Here's a real changelog, feel free to edit.
overflow.h: add comment documenting __ab_c_size()
__ab_c_size() is a somewhat opaque name. Document its purpose, and while
at it, rename the parameters to actually match the abc naming.
Rasmus
^ permalink raw reply [flat|nested] 11+ messages in thread
* [tip:core/core] overflow.h: Add comment documenting __ab_c_size()
2019-04-05 4:57 [PATCH] overflow.h: Rename __ab_c_size() to __calc_size() Borislav Petkov
2019-04-05 6:26 ` Rasmus Villemoes
@ 2019-04-10 20:40 ` tip-bot for Rasmus Villemoes
2019-04-12 11:49 ` tip-bot for Rasmus Villemoes
2 siblings, 0 replies; 11+ messages in thread
From: tip-bot for Rasmus Villemoes @ 2019-04-10 20:40 UTC (permalink / raw)
To: linux-tip-commits
Cc: bp, tglx, mingo, linux, keescook, willy, hpa, linux-kernel
Commit-ID: 899cbdfa8d147c873fe4e66c38d2cca3c1ac6286
Gitweb: https://git.kernel.org/tip/899cbdfa8d147c873fe4e66c38d2cca3c1ac6286
Author: Rasmus Villemoes <linux@rasmusvillemoes.dk>
AuthorDate: Wed, 10 Apr 2019 22:27:25 +0200
Committer: Borislav Petkov <bp@suse.de>
CommitDate: Wed, 10 Apr 2019 22:35:47 +0200
overflow.h: Add comment documenting __ab_c_size()
__ab_c_size() is a somewhat opaque name. Document its purpose, and while
at it, rename the parameters to actually match the abc naming.
[ bp: glued a complete patch from chunks on LKML. ]
Reported-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Acked-by: Kees Cook <keescook@chromium.org>
Cc: Matthew Wilcox <willy@infradead.org>
Link: https://lkml.kernel.org/r/20190405045711.30339-1-bp@alien8.de
---
include/linux/overflow.h | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/include/linux/overflow.h b/include/linux/overflow.h
index 40b48e2133cb..6534a727cadb 100644
--- a/include/linux/overflow.h
+++ b/include/linux/overflow.h
@@ -278,11 +278,15 @@ static inline __must_check size_t array3_size(size_t a, size_t b, size_t c)
return bytes;
}
-static inline __must_check size_t __ab_c_size(size_t n, size_t size, size_t c)
+/*
+ * Compute a*b+c, returning SIZE_MAX on overflow. Internal helper for
+ * struct_size() below.
+ */
+static inline __must_check size_t __ab_c_size(size_t a, size_t b, size_t c)
{
size_t bytes;
- if (check_mul_overflow(n, size, &bytes))
+ if (check_mul_overflow(a, b, &bytes))
return SIZE_MAX;
if (check_add_overflow(bytes, c, &bytes))
return SIZE_MAX;
^ permalink raw reply related [flat|nested] 11+ messages in thread
* [tip:core/core] overflow.h: Add comment documenting __ab_c_size()
2019-04-05 4:57 [PATCH] overflow.h: Rename __ab_c_size() to __calc_size() Borislav Petkov
2019-04-05 6:26 ` Rasmus Villemoes
2019-04-10 20:40 ` [tip:core/core] overflow.h: Add comment documenting __ab_c_size() tip-bot for Rasmus Villemoes
@ 2019-04-12 11:49 ` tip-bot for Rasmus Villemoes
2 siblings, 0 replies; 11+ messages in thread
From: tip-bot for Rasmus Villemoes @ 2019-04-12 11:49 UTC (permalink / raw)
To: linux-tip-commits
Cc: linux, tglx, linux-kernel, hpa, keescook, bp, willy, mingo
Commit-ID: e0478542cfd4d993e38d5f92a3f3ecd238805e96
Gitweb: https://git.kernel.org/tip/e0478542cfd4d993e38d5f92a3f3ecd238805e96
Author: Rasmus Villemoes <linux@rasmusvillemoes.dk>
AuthorDate: Wed, 10 Apr 2019 22:27:25 +0200
Committer: Borislav Petkov <bp@suse.de>
CommitDate: Fri, 12 Apr 2019 13:44:24 +0200
overflow.h: Add comment documenting __ab_c_size()
__ab_c_size() is a somewhat opaque name. Document its purpose, and while
at it, rename the parameters to actually match the abc naming.
[ bp: glued a complete patch from chunks on LKML. ]
Reported-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Signed-off-by: Borislav Petkov <bp@suse.de>
Acked-by: Kees Cook <keescook@chromium.org>
Cc: Matthew Wilcox <willy@infradead.org>
Link: https://lkml.kernel.org/r/20190405045711.30339-1-bp@alien8.de
---
include/linux/overflow.h | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/include/linux/overflow.h b/include/linux/overflow.h
index 40b48e2133cb..6534a727cadb 100644
--- a/include/linux/overflow.h
+++ b/include/linux/overflow.h
@@ -278,11 +278,15 @@ static inline __must_check size_t array3_size(size_t a, size_t b, size_t c)
return bytes;
}
-static inline __must_check size_t __ab_c_size(size_t n, size_t size, size_t c)
+/*
+ * Compute a*b+c, returning SIZE_MAX on overflow. Internal helper for
+ * struct_size() below.
+ */
+static inline __must_check size_t __ab_c_size(size_t a, size_t b, size_t c)
{
size_t bytes;
- if (check_mul_overflow(n, size, &bytes))
+ if (check_mul_overflow(a, b, &bytes))
return SIZE_MAX;
if (check_add_overflow(bytes, c, &bytes))
return SIZE_MAX;
^ permalink raw reply related [flat|nested] 11+ messages in thread
end of thread, other threads:[~2019-04-12 11:49 UTC | newest]
Thread overview: 11+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-04-05 4:57 [PATCH] overflow.h: Rename __ab_c_size() to __calc_size() Borislav Petkov
2019-04-05 6:26 ` Rasmus Villemoes
2019-04-05 7:52 ` Borislav Petkov
2019-04-05 8:09 ` Rasmus Villemoes
2019-04-05 8:24 ` Borislav Petkov
2019-04-05 16:13 ` Kees Cook
2019-04-05 16:25 ` Matthew Wilcox
2019-04-06 9:32 ` Borislav Petkov
2019-04-06 11:32 ` Rasmus Villemoes
2019-04-10 20:40 ` [tip:core/core] overflow.h: Add comment documenting __ab_c_size() tip-bot for Rasmus Villemoes
2019-04-12 11:49 ` tip-bot for Rasmus Villemoes
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).