lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 20 Dec 2021 08:20:02 -0800
From:   Yonghong Song <yhs@...com>
To:     Xiu Jianfeng <xiujianfeng@...wei.com>, <ast@...nel.org>,
        <daniel@...earbox.net>, <andrii@...nel.org>, <kafai@...com>,
        <songliubraving@...com>, <john.fastabend@...il.com>,
        <kpsingh@...nel.org>
CC:     <netdev@...r.kernel.org>, <bpf@...r.kernel.org>,
        <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH bpf-next] bpf: Use struct_size() helper



On 12/20/21 3:30 AM, Xiu Jianfeng wrote:
> In an effort to avoid open-coded arithmetic in the kernel, use the
> struct_size() helper instead of open-coded calculation.
> 
> Link: https://github.com/KSPP/linux/issues/160
> Signed-off-by: Xiu Jianfeng <xiujianfeng@...wei.com>

Ack with a minor comments below.

Acked-by: Yonghong Song <yhs@...com>

> ---
>   kernel/bpf/local_storage.c   | 3 +--
>   kernel/bpf/reuseport_array.c | 6 +-----
>   2 files changed, 2 insertions(+), 7 deletions(-)
> 
> diff --git a/kernel/bpf/local_storage.c b/kernel/bpf/local_storage.c
> index 035e9e3a7132..23f7f9d08a62 100644
> --- a/kernel/bpf/local_storage.c
> +++ b/kernel/bpf/local_storage.c
> @@ -163,8 +163,7 @@ static int cgroup_storage_update_elem(struct bpf_map *map, void *key,
>   		return 0;
>   	}
>   
> -	new = bpf_map_kmalloc_node(map, sizeof(struct bpf_storage_buffer) +
> -				   map->value_size,
> +	new = bpf_map_kmalloc_node(map, struct_size(new, data, map->value_size),
>   				   __GFP_ZERO | GFP_ATOMIC | __GFP_NOWARN,
>   				   map->numa_node);
>   	if (!new)
> diff --git a/kernel/bpf/reuseport_array.c b/kernel/bpf/reuseport_array.c
> index 93a55391791a..556a769b5b80 100644
> --- a/kernel/bpf/reuseport_array.c
> +++ b/kernel/bpf/reuseport_array.c
> @@ -152,16 +152,12 @@ static struct bpf_map *reuseport_array_alloc(union bpf_attr *attr)
>   {
>   	int numa_node = bpf_map_attr_numa_node(attr);
>   	struct reuseport_array *array;
> -	u64 array_size;
>   
>   	if (!bpf_capable())
>   		return ERR_PTR(-EPERM);
>   
> -	array_size = sizeof(*array);
> -	array_size += (u64)attr->max_entries * sizeof(struct sock *);

We have u64 type conversion here while struct_size used type 'size_t'. 
So we won't have problems for 64bit system. But for 32bit system, we may
have a slight different behavior here as the current code can return a
u64 value and the struct_size(...) returns a size_t type value with max 
value SIZE_MAX.

In __bpf_map_area_alloc() we have a check:
         if (size >= SIZE_MAX)
                 return NULL;
so we should be fine for 32bit system.

> -
>   	/* allocate all map elements and zero-initialize them */
> -	array = bpf_map_area_alloc(array_size, numa_node);
> +	array = bpf_map_area_alloc(struct_size(array, ptrs, attr->max_entries), numa_node);
>   	if (!array)
>   		return ERR_PTR(-ENOMEM);
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ