linux-kernel.vger.kernel.org archive mirror
* [RFC] netfilter: cttimeout: remove VLA in ctnl_timeout_parse_policy
@ 2018-03-06 18:47 Gustavo A. R. Silva
  2018-03-11 22:04 ` Pablo Neira Ayuso
  0 siblings, 1 reply; 5+ messages in thread
From: Gustavo A. R. Silva @ 2018-03-06 18:47 UTC
  To: Pablo Neira Ayuso, Jozsef Kadlecsik, Florian Westphal, David S. Miller
  Cc: netfilter-devel, coreteam, netdev, linux-kernel, Gustavo A. R. Silva

In preparation to enabling -Wvla, remove VLA and replace it
with dynamic memory allocation.

Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
---
 net/netfilter/nfnetlink_cttimeout.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/net/netfilter/nfnetlink_cttimeout.c b/net/netfilter/nfnetlink_cttimeout.c
index 95b0470..a2f7d92 100644
--- a/net/netfilter/nfnetlink_cttimeout.c
+++ b/net/netfilter/nfnetlink_cttimeout.c
@@ -52,18 +52,26 @@ ctnl_timeout_parse_policy(void *timeouts,
 			  struct net *net, const struct nlattr *attr)
 {
 	int ret = 0;
+	struct nlattr **tb = NULL;
 
 	if (likely(l4proto->ctnl_timeout.nlattr_to_obj)) {
-		struct nlattr *tb[l4proto->ctnl_timeout.nlattr_max+1];
+		tb = kcalloc(l4proto->ctnl_timeout.nlattr_max + 1, sizeof(*tb),
+			     GFP_KERNEL);
+
+		if (!tb)
+			return -ENOMEM;
 
 		ret = nla_parse_nested(tb, l4proto->ctnl_timeout.nlattr_max,
 				       attr, l4proto->ctnl_timeout.nla_policy,
 				       NULL);
 		if (ret < 0)
-			return ret;
+			goto err;
 
 		ret = l4proto->ctnl_timeout.nlattr_to_obj(tb, net, timeouts);
 	}
+
+err:
+	kfree(tb);
 	return ret;
 }
 
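Review bot: the err: label at the end of the function is not only an error path. The success path falls through to it, and so does the case where the if (likely(...)) block is skipped, which means kfree(tb) is only safe there because of the tb = NULL initializer. Returning 0 early when nlattr_to_obj is unset would put the allocation, the parse and the free on one straight path, and a neutral label name such as out: would describe the shared exit better.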
-- 
2.7.4


* Re: [RFC] netfilter: cttimeout: remove VLA in ctnl_timeout_parse_policy
  2018-03-06 18:47 [RFC] netfilter: cttimeout: remove VLA in ctnl_timeout_parse_policy Gustavo A. R. Silva
@ 2018-03-11 22:04 ` Pablo Neira Ayuso
  2018-03-11 22:12   ` Gustavo A. R. Silva
  0 siblings, 1 reply; 5+ messages in thread
From: Pablo Neira Ayuso @ 2018-03-11 22:04 UTC
  To: Gustavo A. R. Silva
  Cc: Jozsef Kadlecsik, Florian Westphal, David S. Miller,
	netfilter-devel, coreteam, netdev, linux-kernel,
	Gustavo A. R. Silva

On Tue, Mar 06, 2018 at 12:47:55PM -0600, Gustavo A. R. Silva wrote:
> In preparation to enabling -Wvla, remove VLA and replace it
> with dynamic memory allocation.

Looks good but...

> Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
> ---
>  net/netfilter/nfnetlink_cttimeout.c | 12 ++++++++++--
>  1 file changed, 10 insertions(+), 2 deletions(-)
> 
> diff --git a/net/netfilter/nfnetlink_cttimeout.c b/net/netfilter/nfnetlink_cttimeout.c
> index 95b0470..a2f7d92 100644
> --- a/net/netfilter/nfnetlink_cttimeout.c
> +++ b/net/netfilter/nfnetlink_cttimeout.c
> @@ -52,18 +52,26 @@ ctnl_timeout_parse_policy(void *timeouts,
>  			  struct net *net, const struct nlattr *attr)
>  {
>  	int ret = 0;
> +	struct nlattr **tb = NULL;

I think we don't need to initialize this, right?

>  
>  	if (likely(l4proto->ctnl_timeout.nlattr_to_obj)) {
> -		struct nlattr *tb[l4proto->ctnl_timeout.nlattr_max+1];
> +		tb = kcalloc(l4proto->ctnl_timeout.nlattr_max + 1, sizeof(*tb),
> +			     GFP_KERNEL);
> +
> +		if (!tb)
> +			return -ENOMEM;
>  
>  		ret = nla_parse_nested(tb, l4proto->ctnl_timeout.nlattr_max,
>  				       attr, l4proto->ctnl_timeout.nla_policy,
>  				       NULL);
>  		if (ret < 0)
> -			return ret;
> +			goto err;
>  
>  		ret = l4proto->ctnl_timeout.nlattr_to_obj(tb, net, timeouts);
>  	}
> +
> +err:
> +	kfree(tb);
>  	return ret;
>  }
>  
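Review bot: the blank line between the kcalloc() call and the if (!tb) check separates the allocation from its failure check; the usual kernel convention is to keep the check directly after the allocation. The commit message also does not mention that the function gains a new -ENOMEM return, which is worth stating since callers now see an error that does not come from attribute parsing.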
> -- 
> 2.7.4
> 


* Re: [RFC] netfilter: cttimeout: remove VLA in ctnl_timeout_parse_policy
  2018-03-11 22:04 ` Pablo Neira Ayuso
@ 2018-03-11 22:12   ` Gustavo A. R. Silva
  2018-03-11 22:21     ` Pablo Neira Ayuso
  0 siblings, 1 reply; 5+ messages in thread
From: Gustavo A. R. Silva @ 2018-03-11 22:12 UTC
  To: Pablo Neira Ayuso
  Cc: Jozsef Kadlecsik, Florian Westphal, David S. Miller,
	netfilter-devel, coreteam, netdev, linux-kernel,
	Gustavo A. R. Silva

Hi Pablo,

On 03/11/2018 05:04 PM, Pablo Neira Ayuso wrote:
> On Tue, Mar 06, 2018 at 12:47:55PM -0600, Gustavo A. R. Silva wrote:
>> In preparation to enabling -Wvla, remove VLA and replace it
>> with dynamic memory allocation.
> 
> Looks good but...
> 
>> Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
>> ---
>>   net/netfilter/nfnetlink_cttimeout.c | 12 ++++++++++--
>>   1 file changed, 10 insertions(+), 2 deletions(-)
>>
>> diff --git a/net/netfilter/nfnetlink_cttimeout.c b/net/netfilter/nfnetlink_cttimeout.c
>> index 95b0470..a2f7d92 100644
>> --- a/net/netfilter/nfnetlink_cttimeout.c
>> +++ b/net/netfilter/nfnetlink_cttimeout.c
>> @@ -52,18 +52,26 @@ ctnl_timeout_parse_policy(void *timeouts,
>>   			  struct net *net, const struct nlattr *attr)
>>   {
>>   	int ret = 0;
>> +	struct nlattr **tb = NULL;
> 
> I think we don't need to initialize this, right?
> 

We actually do have to initialize it because in the unlikely case that
the code block inside the 'if' below is not executed, then we will end 
up freeing an uninitialized pointer.

Thanks
--
Gustavo

>>   
>>   	if (likely(l4proto->ctnl_timeout.nlattr_to_obj)) {
>> -		struct nlattr *tb[l4proto->ctnl_timeout.nlattr_max+1];
>> +		tb = kcalloc(l4proto->ctnl_timeout.nlattr_max + 1, sizeof(*tb),
>> +			     GFP_KERNEL);
>> +
>> +		if (!tb)
>> +			return -ENOMEM;
>>   
>>   		ret = nla_parse_nested(tb, l4proto->ctnl_timeout.nlattr_max,
>>   				       attr, l4proto->ctnl_timeout.nla_policy,
>>   				       NULL);
>>   		if (ret < 0)
>> -			return ret;
>> +			goto err;
>>   
>>   		ret = l4proto->ctnl_timeout.nlattr_to_obj(tb, net, timeouts);
>>   	}
>> +
>> +err:
>> +	kfree(tb);
>>   	return ret;
>>   }
>>   
>> -- 
>> 2.7.4
>>


* Re: [RFC] netfilter: cttimeout: remove VLA in ctnl_timeout_parse_policy
  2018-03-11 22:12   ` Gustavo A. R. Silva
@ 2018-03-11 22:21     ` Pablo Neira Ayuso
  2018-03-11 22:45       ` Gustavo A. R. Silva
  0 siblings, 1 reply; 5+ messages in thread
From: Pablo Neira Ayuso @ 2018-03-11 22:21 UTC
  To: Gustavo A. R. Silva
  Cc: Jozsef Kadlecsik, Florian Westphal, David S. Miller,
	netfilter-devel, coreteam, netdev, linux-kernel,
	Gustavo A. R. Silva

On Sun, Mar 11, 2018 at 05:12:09PM -0500, Gustavo A. R. Silva wrote:
> Hi Pablo,
> 
> On 03/11/2018 05:04 PM, Pablo Neira Ayuso wrote:
> > On Tue, Mar 06, 2018 at 12:47:55PM -0600, Gustavo A. R. Silva wrote:
> > > In preparation to enabling -Wvla, remove VLA and replace it
> > > with dynamic memory allocation.
> > 
> > Looks good but...
> > 
> > > Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
> > > ---
> > >   net/netfilter/nfnetlink_cttimeout.c | 12 ++++++++++--
> > >   1 file changed, 10 insertions(+), 2 deletions(-)
> > > 
> > > diff --git a/net/netfilter/nfnetlink_cttimeout.c b/net/netfilter/nfnetlink_cttimeout.c
> > > index 95b0470..a2f7d92 100644
> > > --- a/net/netfilter/nfnetlink_cttimeout.c
> > > +++ b/net/netfilter/nfnetlink_cttimeout.c
> > > @@ -52,18 +52,26 @@ ctnl_timeout_parse_policy(void *timeouts,
> > >   			  struct net *net, const struct nlattr *attr)
> > >   {
> > >   	int ret = 0;
> > > +	struct nlattr **tb = NULL;
> > 
> > I think we don't need to initialize this, right?
> > 
> 
> We actually do have to initialize it because in the unlikely case that the
> code block inside the 'if' below is not executed, then we will end up
> freeing an uninitialized pointer.

I see, you're right indeed.

We can probably simplify this code, by just doing:

        if (!l4proto->ctnl_timeout.nlattr_to_obj)
                return 0;

        netlink attribute parsing here.

You could even remove the likely() thing, which doesn't make much
sense for control plane code.

I understand this is a larger change, but I think this function will
look better while we're removing VLA.

Would you mind having a look? I'd appreciate if so.

Thanks.


* Re: [RFC] netfilter: cttimeout: remove VLA in ctnl_timeout_parse_policy
  2018-03-11 22:21     ` Pablo Neira Ayuso
@ 2018-03-11 22:45       ` Gustavo A. R. Silva
  0 siblings, 0 replies; 5+ messages in thread
From: Gustavo A. R. Silva @ 2018-03-11 22:45 UTC
  To: Pablo Neira Ayuso
  Cc: Jozsef Kadlecsik, Florian Westphal, David S. Miller,
	netfilter-devel, coreteam, netdev, linux-kernel,
	Gustavo A. R. Silva



On 03/11/2018 05:21 PM, Pablo Neira Ayuso wrote:
> On Sun, Mar 11, 2018 at 05:12:09PM -0500, Gustavo A. R. Silva wrote:
>> Hi Pablo,
>>
>> On 03/11/2018 05:04 PM, Pablo Neira Ayuso wrote:
>>> On Tue, Mar 06, 2018 at 12:47:55PM -0600, Gustavo A. R. Silva wrote:
>>>> In preparation to enabling -Wvla, remove VLA and replace it
>>>> with dynamic memory allocation.
>>>
>>> Looks good but...
>>>
>>>> Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
>>>> ---
>>>>    net/netfilter/nfnetlink_cttimeout.c | 12 ++++++++++--
>>>>    1 file changed, 10 insertions(+), 2 deletions(-)
>>>>
>>>> diff --git a/net/netfilter/nfnetlink_cttimeout.c b/net/netfilter/nfnetlink_cttimeout.c
>>>> index 95b0470..a2f7d92 100644
>>>> --- a/net/netfilter/nfnetlink_cttimeout.c
>>>> +++ b/net/netfilter/nfnetlink_cttimeout.c
>>>> @@ -52,18 +52,26 @@ ctnl_timeout_parse_policy(void *timeouts,
>>>>    			  struct net *net, const struct nlattr *attr)
>>>>    {
>>>>    	int ret = 0;
>>>> +	struct nlattr **tb = NULL;
>>>
>>> I think we don't need to initialize this, right?
>>>
>>
>> We actually do have to initialize it because in the unlikely case that the
>> code block inside the 'if' below is not executed, then we will end up
>> freeing an uninitialized pointer.
> 
> I see, you're right indeed.
> 
> We can probably simplify this code, by just doing:
> 
>          if (!l4proto->ctnl_timeout.nlattr_to_obj)
>                  return 0;
> 

I wonder if it is better to code this instead:

if (unlikely(!l4proto->ctnl_timeout.nlattr_to_obj))
	return 0;


>          netlink attribute parsing here.
> 
> You could even remove the likely() thing, which doesn't make much
> sense for control plane code.
> 

Why is that?

> I understand this is a larger change, but I think this function will
> look better while we're removing VLA.
> 
> Would you mind having a look? I'd appreciate if so.
> 

I can do that. No problem.

Thanks
--
Gustavo
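
A userspace model of the early-return restructuring discussed in this thread, added here as an example and not code from the patch or the kernel. calloc()/free() stand in for kcalloc()/kfree(); struct attr, struct proto_ops, parse_attrs(), copy_timeouts(), parse_policy() and the sample ops tables are hypothetical names constructed for illustration.

```c
#include <errno.h>
#include <stdlib.h>

#define SAMPLE_MAX 2                     /* constructed: highest attribute type */
struct attr { int type, value; };       /* hypothetical stand-in for struct nlattr */
struct proto_ops {                       /* hypothetical stand-in for l4proto->ctnl_timeout */
	int attr_max;
	int (*attr_to_obj)(const struct attr **tb, int *timeouts);
};

/* Simplified model of nla_parse_nested(): index attributes by type. */
static int parse_attrs(const struct attr **tb, int max,
		       const struct attr *in, size_t n)
{
	for (size_t i = 0; i < n; i++) {
		if (in[i].type < 1 || in[i].type > max)
			return -EINVAL;
		tb[in[i].type] = &in[i];
	}
	return 0;
}

/* Sample callback: copy each attribute that is present into timeouts[type]. */
static int copy_timeouts(const struct attr **tb, int *timeouts)
{
	for (int t = 1; t <= SAMPLE_MAX; t++)
		if (tb[t])
			timeouts[t] = tb[t]->value;
	return 0;
}

const struct proto_ops sample_ops = { SAMPLE_MAX, copy_timeouts };
const struct proto_ops no_parser_ops = { SAMPLE_MAX, NULL };

int parse_policy(const struct proto_ops *ops, const struct attr *in,
		 size_t n, int *timeouts)
{
	const struct attr **tb;  /* no initializer: assigned before any free() */
	int ret;

	if (!ops->attr_to_obj)   /* early return, nothing allocated yet */
		return 0;
	tb = calloc(ops->attr_max + 1, sizeof(*tb));
	if (!tb)
		return -ENOMEM;
	ret = parse_attrs(tb, ops->attr_max, in, n);
	if (ret == 0)
		ret = ops->attr_to_obj(tb, timeouts);
	free(tb);                /* one exit path for success and failure */
	return ret;
}
```

With the early return in place, the table pointer is never freed on a path that did not allocate it, so neither the NULL initializer nor a cleanup label is needed.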

