Message-ID: <CAF6CsJzAzieEumnunohi9VrBZ8D+1rqG0wLO9EW2vLKUZS4keg@mail.gmail.com>
Date: Thu, 15 Jan 2026 16:51:35 +0530
From: Anubhav Kokane <dev.anubhavk@...il.com>
To: Andy Shevchenko <andy.shevchenko@...il.com>
Cc: Andy Shevchenko <andriy.shevchenko@...el.com>, hansg@...nel.org, mchehab@...nel.org, 
	andy@...nel.org, sakari.ailus@...ux.intel.com, gregkh@...uxfoundation.org, 
	linux-media@...r.kernel.org, linux-staging@...ts.linux.dev, 
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] staging: media: atomisp: refactor sizeof(struct type) to sizeof(*ptr)

Hello Andy,

I appreciate you taking time to explain to me the refactor using kcalloc.

After reviewing the requirements of the task, I realized that this is
beyond my current understanding of the kernel. As this is my first
contribution, I would prefer to build up more foundational knowledge
before tackling a refactor of this scope.

I am stepping back from this patch for now and working on simpler
contributions while I learn more about kernel development. If this issue
is still open after I have gained more experience, I would be interested
in revisiting it.

Thank you for your time and the learning opportunity.

Best regards,
Anubhav

On Tue, Jan 13, 2026 at 9:38 PM Anubhav Kokane <dev.anubhavk@...il.com> wrote:
>
> On Tue, Jan 13, 2026 at 4:16 PM Andy Shevchenko
> <andy.shevchenko@...il.com> wrote:
> > > I looked into implementing kcalloc() as suggested. But the issue is struct
> > > atomisp_s3a_buf (and the other buffers) are defined as list nodes with
> > > struct list_head list embedded in them.
> >
> > Yes, and how does it affect the allocation?
> >
> > > The driver relies on adding these
> > > individually to asd->s3a_stats and freeing them individually using kfree()
> > > in multiple cleanup paths (including error path here).
> >
> > Is it the issue? Instead of incrementing by a pointer size, you will
> > increment an address by a structure size, this is how + operator works
> > in C from the beginning (or close enough to that time).
> >
> > > Switching to kcalloc() would mean the s3a_buf is no longer a standalone
> > > object but a slice of an array. This would lead to invalid or double frees
> > > if the existing code tries kfree() on this array element.
> >
> > How? As I showed above you need to carefully move and replace
> > individual handling by a common one. So, instead of allocation per
> > item it will be an allocation per bucket.
> >
> > > Addressing this requires a larger refactor of the buffer management logic
> > > across the driver,
> >
> > Exactly! And that's what I think is the best way moving forward. You
> > will kill two birds with one stone: fixing the issue at hand and
> > improving the memory allocations in the driver in this area a lot.
> >
> > > would you prefer I stick to the sizeof(*ptr) hardening for
> > > now to fix the checkpatch warning?
> >
> > See above. As now I think this is unneeded churn as the idea would
> > still be the same — moving towards kcalloc().
>
> Hi Andy,
>
> Thanks for the explanation regarding the pointer arithmetic and bucket
> allocation.
>
> I understand the approach now, will work on refactoring the allocation
> to use kcalloc() and updating the cleanup paths to handle the array
> correctly.
>
> I'll send a v2 once I have verified the changes, though it might take me
> a little time to ensure the cleanup logic is robust.
>
> Regards,
> Anubhav
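
The per-bucket allocation discussed in the quoted reply, sketched in userspace C as an added example (it is not code from the atomisp driver or from anyone in this thread). `struct stats_buf`, `struct stats_pool` and the `pool_*` helpers are hypothetical names, the small `list_head` is a stand-in for the kernel's, and `calloc()`/`free()` stand in for `kcalloc()`/`kfree()`.

```c
#include <stddef.h>
#include <stdlib.h>
/* Userspace stand-in for the kernel's struct list_head (assumption). */
struct list_head { struct list_head *next, *prev; };
static void list_init(struct list_head *h) { h->next = h->prev = h; }

static void list_add_tail(struct list_head *n, struct list_head *h)
{
	n->prev = h->prev;
	n->next = h;
	h->prev->next = n;
	h->prev = n;
}

/* Hypothetical node: only the embedded list member mirrors the thread. */
struct stats_buf { int id; struct list_head list; };
/* Hypothetical owner: keeps the bucket base so it is freed exactly once. */
struct stats_pool { struct stats_buf *bucket; struct list_head head; };

/* One allocation per bucket; calloc() stands in for kcalloc() here. */
static int pool_init(struct stats_pool *p, size_t count)
{
	list_init(&p->head);
	p->bucket = calloc(count, sizeof(*p->bucket));
	if (!p->bucket)
		return -1;
	for (size_t i = 0; i < count; i++) {
		p->bucket[i].id = (int)i; /* &bucket[i] steps by sizeof(struct) */
		list_add_tail(&p->bucket[i].list, &p->head);
	}
	return 0;
}

/* Walk the list the way per-item code would; returns the node count. */
static size_t pool_len(const struct stats_pool *p)
{
	size_t n = 0;
	for (const struct list_head *it = p->head.next; it != &p->head; it = it->next)
		n++;
	return n;
}

/* Cleanup: unlink everything, then free the base once, never an element. */
static void pool_destroy(struct stats_pool *p)
{
	list_init(&p->head);
	free(p->bucket);
	p->bucket = NULL;
}
```

The array elements still work as ordinary list nodes; what changes is ownership, so every cleanup path that used to free one node has to be converted to the single free of the bucket base at the same time as the allocation.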
