| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 1 Dec 2017 13:45:09 -0800
From: Jakub Kicinski <jakub.kicinski@...ronome.com>
To: Phil Sutter <phil@....cc>
Cc: netdev@...r.kernel.org, davem@...emloft.net, daniel@...earbox.net,
alexei.starovoitov@...il.com, jiri@...nulli.us,
oss-drivers@...ronome.com, Sabrina Dubroca <sd@...asysnail.net>
Subject: Re: [PATCH net-next v2 7/8] netdevsim: add SR-IOV functionality
On Fri, 1 Dec 2017 22:36:52 +0100, Phil Sutter wrote:
> On Fri, Dec 01, 2017 at 12:14:07PM -0800, Jakub Kicinski wrote:
> > On Fri, 1 Dec 2017 14:43:06 +0100, Phil Sutter wrote:
> > > On Thu, Nov 30, 2017 at 05:35:39PM -0800, Jakub Kicinski wrote:
> > > [...]
> > > > +static int nsim_vfs_enable(struct netdevsim *ns, unsigned int num_vfs)
> > > > +{
> > > > + ns->vfconfigs = kcalloc(num_vfs, sizeof(struct nsim_vf_config),
> > > > + GFP_KERNEL);
> > > > + if (!ns->vfconfigs)
> > > > + return -ENOMEM;
> > > > + ns->num_vfs = num_vfs;
> > > > +
> > > > + return 0;
> > > > +}
> > > > +
> > > > +static void nsim_vfs_disable(struct netdevsim *ns)
> > > > +{
> > > > + kfree(ns->vfconfigs);
> > > > + ns->vfconfigs = NULL;
> > > > + ns->num_vfs = 0;
> > > > +}
> > >
> > > Why not something like:
> > >
> > > | static int nsim_vfs_set(struct netdevsim *ns, unsigned int num_vfs)
> > > | {
> > > | void *ptr = krealloc(ns->vfconfigs,
> > > | num_vfs * sizeof(struct nsim_vf_config),
> > > | GFP_KERNEL);
> > > |
> > > | if (!ptr)
> > > | return -ENOMEM;
> > > |
> > > | ns->vfconfigs = ptr;
> > > | ns->num_vfs = num_vfs;
> > > | return 0;
> > > | }
> >
> > Um. It either frees or allocates, never reallocates so I felt realloc
> > is misleading. ZERO_SIZE_PTR is less clearly a NULL than a NULL. I
> > will have to specify __GFP_ZERO. It's not a calloc so there could be
> > potentially some overflows?
>
> I don't understand: How can overflows happen if I use malloc() instead
> of calloc()?
The multiplication may overflow. That's why we have kmalloc_array().
Note this explicit check in kmalloc_array() (which is also called by
kcalloc):
if (size != 0 && n > SIZE_MAX / size)
return NULL;
Where:
#define SIZE_MAX (~(size_t)0)
> > > > + ret = count;
> > > > +exit_unlock:
> > > > + rtnl_unlock();
> > > > +
> > > > + return ret;
> > > > +}
> > >
> > > [...]
> > >
> > > > +static void nsim_free(struct net_device *dev)
> > > > +{
> > > > + struct netdevsim *ns = netdev_priv(dev);
> > > > +
> > > > + device_unregister(&ns->dev);
> > > > }
> > >
> > > Shouldn't this also kfree(ns->vfconfigs)?
> >
> > It's in uninit, I will move it to release.
>
> Oh, I missed that. If you're certain this won't lead to memleaks, no
> objection from my side. :)
OK, I will respin v3 with the free moved :)
Powered by blists - more mailing lists