lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAF=yD-+8Q19sO4XC0dNSiYWSCj03rS9tfV+mVjvZOBnnwpnS5g@mail.gmail.com>
Date:   Mon, 25 Sep 2023 22:50:24 +0200
From:   Willem de Bruijn <willemdebruijn.kernel@...il.com>
To:     Christophe JAILLET <christophe.jaillet@...adoo.fr>
Cc:     "David S. Miller" <davem@...emloft.net>,
        David Ahern <dsahern@...nel.org>,
        Eric Dumazet <edumazet@...gle.com>,
        Jakub Kicinski <kuba@...nel.org>,
        Paolo Abeni <pabeni@...hat.com>, linux-kernel@...r.kernel.org,
        kernel-janitors@...r.kernel.org, netdev@...r.kernel.org
Subject: Re: [PATCH net-next] udp_tunnel: Use flex array to simplify code

On Mon, Sep 25, 2023 at 6:26 PM Christophe JAILLET
<christophe.jaillet@...adoo.fr> wrote:
>
> Le 24/09/2023 à 18:00, Willem de Bruijn a écrit :
> > Christophe JAILLET wrote:
> >> 'n_tables' is small, UDP_TUNNEL_NIC_MAX_TABLES       = 4 as a maximum. So there
> >> is no real point to allocate the 'entries' pointers array with a dedicate
> >> memory allocation.
> >>
> >> Using a flexible array for struct udp_tunnel_nic->entries avoids the
> >> overhead of an additional memory allocation.
> >>
> >> This also saves an indirection when the array is accessed.
> >>
> >> Finally, __counted_by() can be used for run-time bounds checking if
> >> configured and supported by the compiler.
> >>
> >> Signed-off-by: Christophe JAILLET <christophe.jaillet@...adoo.fr>

Reviewed-by: Willem de Bruijn <willemb@...gle.com>

> >> ---
> >>   net/ipv4/udp_tunnel_nic.c | 11 ++---------
> >>   1 file changed, 2 insertions(+), 9 deletions(-)
> >>
> >> diff --git a/net/ipv4/udp_tunnel_nic.c b/net/ipv4/udp_tunnel_nic.c
> >> index 029219749785..b6d2d16189c0 100644
> >> --- a/net/ipv4/udp_tunnel_nic.c
> >> +++ b/net/ipv4/udp_tunnel_nic.c
> >> @@ -47,7 +47,7 @@ struct udp_tunnel_nic {
> >>
> >>      unsigned int n_tables;
> >>      unsigned long missed;
> >> -    struct udp_tunnel_nic_table_entry **entries;
> >> +    struct udp_tunnel_nic_table_entry *entries[] __counted_by(n_tables);
> >>   };
> >>
> >>   /* We ensure all work structs are done using driver state, but not the code.
> >> @@ -725,16 +725,12 @@ udp_tunnel_nic_alloc(const struct udp_tunnel_nic_info *info,
> >>      struct udp_tunnel_nic *utn;
> >>      unsigned int i;
> >>
> >> -    utn = kzalloc(sizeof(*utn), GFP_KERNEL);
> >> +    utn = kzalloc(struct_size(utn, entries, n_tables), GFP_KERNEL);
> >>      if (!utn)
> >>              return NULL;
> >>      utn->n_tables = n_tables;
> >
> > Should utn->n_tables be initialized before first use of
> > struct_size(utn, entries, n_tables)?
> >
>
> It can't be.
> struct_size() is used to compute the memory size to allocate.
>
> Before the kzalloc() call, utn does not exist, so we can't write
> anything to utn->n_tables. It is undefined at this point.
>
> It is initialized the line just after, after the allocation, but before
> any use.

Of course, sorry. I confused __counted_by's reference to a field
member in the struct, with the normal argument passing of struct_size
and flex_array_size.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ