| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aZbCT3-q3O4M5osr@stanley.mountain>
Date: Thu, 19 Feb 2026 10:57:03 +0300
From: Dan Carpenter <dan.carpenter@...aro.org>
To: Kees Cook <kees@...nel.org>
Cc: Vlastimil Babka <vbabka@...e.cz>, Christoph Lameter <cl@...ux.com>,
Pekka Enberg <penberg@...nel.org>,
David Rientjes <rientjes@...gle.com>,
Joonsoo Kim <iamjoonsoo.kim@....com>,
Andrew Morton <akpm@...ux-foundation.org>,
Roman Gushchin <roman.gushchin@...ux.dev>,
Hyeonggon Yoo <42.hyeyoo@...il.com>,
"Gustavo A . R . Silva" <gustavoars@...nel.org>,
Bill Wendling <morbo@...gle.com>,
Justin Stitt <justinstitt@...gle.com>, Jann Horn <jannh@...gle.com>,
Przemek Kitszel <przemyslaw.kitszel@...el.com>,
Marco Elver <elver@...gle.com>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Sasha Levin <sashal@...nel.org>, linux-mm@...ck.org,
Randy Dunlap <rdunlap@...radead.org>,
Miguel Ojeda <ojeda@...nel.org>,
Matthew Wilcox <willy@...radead.org>,
John Hubbard <jhubbard@...dia.com>, Joe Perches <joe@...ches.com>,
Vegard Nossum <vegard.nossum@...cle.com>,
Harry Yoo <harry.yoo@...cle.com>,
Nathan Chancellor <nathan@...nel.org>,
Peter Zijlstra <peterz@...radead.org>,
Nick Desaulniers <nick.desaulniers+lkml@...il.com>,
Jonathan Corbet <corbet@....net>, Jakub Kicinski <kuba@...nel.org>,
Yafang Shao <laoar.shao@...il.com>,
Tony Ambardar <tony.ambardar@...il.com>,
Alexander Lobakin <aleksander.lobakin@...el.com>,
Jan Hendrik Farr <kernel@...rr.cc>,
Alexander Potapenko <glider@...gle.com>,
linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org,
linux-doc@...r.kernel.org, llvm@...ts.linux.dev
Subject: Re: [PATCH v6 1/5] slab: Introduce kmalloc_obj() and family
On Fri, Jan 09, 2026 at 09:31:03AM -0800, Kees Cook wrote:
> On Thu, Jan 08, 2026 at 03:01:00PM +0100, Vlastimil Babka wrote:
> > On 12/4/25 00:30, Kees Cook wrote:
> > > [...]
> > > +/**
> > > + * __alloc_objs - Allocate objects of a given type using
> > > + * @KMALLOC: which size-based kmalloc wrapper to allocate with.
> > > + * @GFP: GFP flags for the allocation.
> > > + * @TYPE: type to allocate space for.
> > > + * @COUNT: how many @TYPE objects to allocate.
> > > + *
> > > + * Returns: Newly allocated pointer to (first) @TYPE of @COUNT-many
> > > + * allocated @TYPE objects, or NULL on failure.
> > > + */
> > > +#define __alloc_objs(KMALLOC, GFP, TYPE, COUNT) \
> > > +({ \
> > > + const size_t __obj_size = size_mul(sizeof(TYPE), COUNT); \
> >
> > I assume with the hardcoded 1 for COUNT, this size_mul() will be eliminated
> > by the compiler and not add unnecessary runtime overhead? Otherwise we
> > should have two core #define variants.
>
> You're correct: the compiler completely collapses it with 0 runtime
> overhead; a variant is not needed.
>
> > I also noted that the existing kmalloc_array() and kvmalloc_array() do
> > check_mul_overflow() and return NULL silently on overflow. This AFAIU will
> > make SIZE_MAX passed to the underlying kmalloc/kvmalloc and thus will cause
> > a warning. That's IMHO a good thing.
>
> Right -- I prefer seeing the SIZE_MAX yelling from the allocator. Should
> we change how k*malloc_array() behaves?
Huh, yeah, it's weird to not get a stack trace if kmalloc() fails. On
the other hand, if we're allocating SIZE_MAX, that is probably a user
controlled size. Since we don't want people spamming dmesg, it should
probably be WARN_ONCE().
regards,
dan carpenter
Powered by blists - more mailing lists