diff mbox series

[v3] keys: Use struct_size and size_add helper with alloc

Message ID 20220525012617.6915-1-guozihua@huawei.com (mailing list archive)
State New, archived
Headers show
Series [v3] keys: Use struct_size and size_add helper with alloc | expand

Commit Message

Guozihua (Scott) May 25, 2022, 1:26 a.m. UTC
Use struct_size helper for calculating size of flexible struct, following
the best practice.

Note: HASH_SIZE here is a SHA256_DIGEST_SIZE whoes value is 32, so
adding 1 should be fine here.

Link: https://lore.kernel.org/all/CAHk-=wiGWjxs7EVUpccZEi6esvjpHJdgHQ=vtUeJ5crL62hx9A@mail.gmail.com/
Signed-off-by: GUO Zihua <guozihua@huawei.com>

---

v3:
    Update commit message format according to Jarkko's feedback.
v2:
    Update the commit message, removing the part about "potential issue"
    following Jarkko's suggestion.

---
 security/keys/encrypted-keys/encrypted.c | 7 +++++--
 security/keys/user_defined.c             | 2 +-
 2 files changed, 6 insertions(+), 3 deletions(-)

Comments

Jarkko Sakkinen May 26, 2022, 1:06 a.m. UTC | #1
On Wed, 2022-05-25 at 09:26 +0800, GUO Zihua wrote:
> Use struct_size helper for calculating size of flexible struct, following
> the best practice.
> 
> Note: HASH_SIZE here is a SHA256_DIGEST_SIZE whoes value is 32, so
                                               ~~~~~

> adding 1 should be fine here.

Where? '1' is without a context. I don't really know how to interpret
this sentence.

> 
> Link: https://lore.kernel.org/all/CAHk-=wiGWjxs7EVUpccZEi6esvjpHJdgHQ=vtUeJ5crL62hx9A@mail.gmail.com/
> Signed-off-by: GUO Zihua <guozihua@huawei.com>
> 
> ---
> 
> v3:
>     Update commit message format according to Jarkko's feedback.
> v2:
>     Update the commit message, removing the part about "potential issue"
>     following Jarkko's suggestion.
> 
> ---
>  security/keys/encrypted-keys/encrypted.c | 7 +++++--
>  security/keys/user_defined.c             | 2 +-
>  2 files changed, 6 insertions(+), 3 deletions(-)
> 
> diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c
> index e05cfc2e49ae..37349580e855 100644
> --- a/security/keys/encrypted-keys/encrypted.c
> +++ b/security/keys/encrypted-keys/encrypted.c
> @@ -613,6 +613,7 @@ static struct encrypted_key_payload *encrypted_key_alloc(struct key *key,
>         long dlen;
>         int i;
>         int ret;
> +       size_t epayload_datalen = 0;
>  
>         ret = kstrtol(datalen, 10, &dlen);
>         if (ret < 0 || dlen < MIN_DATA_SIZE || dlen > MAX_DATA_SIZE)
> @@ -667,8 +668,10 @@ static struct encrypted_key_payload *encrypted_key_alloc(struct key *key,
>         if (ret < 0)
>                 return ERR_PTR(ret);
>  
> -       epayload = kzalloc(sizeof(*epayload) + payload_datalen +
> -                          datablob_len + HASH_SIZE + 1, GFP_KERNEL);
> +       epayload_datalen = size_add(payload_datalen, datablob_len);
> +       epayload_datalen = size_add(epayload_datalen, HASH_SIZE + 1);
> +       epayload = kzalloc(struct_size(epayload, payload_data,
> +                               epayload_datalen), GFP_KERNEL);
>         if (!epayload)
>                 return ERR_PTR(-ENOMEM);
>  
> diff --git a/security/keys/user_defined.c b/security/keys/user_defined.c
> index 749e2a4dcb13..334fed36e9f3 100644
> --- a/security/keys/user_defined.c
> +++ b/security/keys/user_defined.c
> @@ -64,7 +64,7 @@ int user_preparse(struct key_preparsed_payload *prep)
>         if (datalen <= 0 || datalen > 32767 || !prep->data)
>                 return -EINVAL;
>  
> -       upayload = kmalloc(sizeof(*upayload) + datalen, GFP_KERNEL);
> +       upayload = kmalloc(struct_size(upayload, data, datalen), GFP_KERNEL);
>         if (!upayload)
>                 return -ENOMEM;
>  

BR, Jarkko
Guozihua (Scott) May 26, 2022, 2:16 a.m. UTC | #2
On 2022/5/26 9:06, Jarkko Sakkinen wrote:
> On Wed, 2022-05-25 at 09:26 +0800, GUO Zihua wrote:
>> Use struct_size helper for calculating size of flexible struct, following
>> the best practice.
>>
>> Note: HASH_SIZE here is a SHA256_DIGEST_SIZE whoes value is 32, so
>                                                 ~~~~~
> 
>> adding 1 should be fine here.
> 
> Where? '1' is without a context. I don't really know how to interpret
> this sentence.

Hi Jarkko,

The original code computes the size for kzalloc with open-coded 
HASH_SIZE + 1. Although the best practice for size computation suggest 
that we should be using size_add(). I figure it's a bit redundant here 
as the purpose of size_add() is to avoid size overflow and adding 32 
with 1 will not trigger a size overflow.

Maybe I should just use size_add() anyway? Please lemme know and I'll 
update the patch or the commit message.
> 
>>
>> Link: https://lore.kernel.org/all/CAHk-=wiGWjxs7EVUpccZEi6esvjpHJdgHQ=vtUeJ5crL62hx9A@mail.gmail.com/
>> Signed-off-by: GUO Zihua <guozihua@huawei.com>
>>
>> ---
>>
>> v3:
>>      Update commit message format according to Jarkko's feedback.
>> v2:
>>      Update the commit message, removing the part about "potential issue"
>>      following Jarkko's suggestion.
>>
>> ---
>>   security/keys/encrypted-keys/encrypted.c | 7 +++++--
>>   security/keys/user_defined.c             | 2 +-
>>   2 files changed, 6 insertions(+), 3 deletions(-)
>>
>> diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c
>> index e05cfc2e49ae..37349580e855 100644
>> --- a/security/keys/encrypted-keys/encrypted.c
>> +++ b/security/keys/encrypted-keys/encrypted.c
>> @@ -613,6 +613,7 @@ static struct encrypted_key_payload *encrypted_key_alloc(struct key *key,
>>          long dlen;
>>          int i;
>>          int ret;
>> +       size_t epayload_datalen = 0;
>>   
>>          ret = kstrtol(datalen, 10, &dlen);
>>          if (ret < 0 || dlen < MIN_DATA_SIZE || dlen > MAX_DATA_SIZE)
>> @@ -667,8 +668,10 @@ static struct encrypted_key_payload *encrypted_key_alloc(struct key *key,
>>          if (ret < 0)
>>                  return ERR_PTR(ret);
>>   
>> -       epayload = kzalloc(sizeof(*epayload) + payload_datalen +
>> -                          datablob_len + HASH_SIZE + 1, GFP_KERNEL);
>> +       epayload_datalen = size_add(payload_datalen, datablob_len);
>> +       epayload_datalen = size_add(epayload_datalen, HASH_SIZE + 1);

BTW, the "here" is here.

>> +       epayload = kzalloc(struct_size(epayload, payload_data,
>> +                               epayload_datalen), GFP_KERNEL);
>>          if (!epayload)
>>                  return ERR_PTR(-ENOMEM);
>>   
>> diff --git a/security/keys/user_defined.c b/security/keys/user_defined.c
>> index 749e2a4dcb13..334fed36e9f3 100644
>> --- a/security/keys/user_defined.c
>> +++ b/security/keys/user_defined.c
>> @@ -64,7 +64,7 @@ int user_preparse(struct key_preparsed_payload *prep)
>>          if (datalen <= 0 || datalen > 32767 || !prep->data)
>>                  return -EINVAL;
>>   
>> -       upayload = kmalloc(sizeof(*upayload) + datalen, GFP_KERNEL);
>> +       upayload = kmalloc(struct_size(upayload, data, datalen), GFP_KERNEL);
>>          if (!upayload)
>>                  return -ENOMEM;
>>   
> 
> BR, Jarkko
diff mbox series

Patch

diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c
index e05cfc2e49ae..37349580e855 100644
--- a/security/keys/encrypted-keys/encrypted.c
+++ b/security/keys/encrypted-keys/encrypted.c
@@ -613,6 +613,7 @@  static struct encrypted_key_payload *encrypted_key_alloc(struct key *key,
 	long dlen;
 	int i;
 	int ret;
+	size_t epayload_datalen = 0;
 
 	ret = kstrtol(datalen, 10, &dlen);
 	if (ret < 0 || dlen < MIN_DATA_SIZE || dlen > MAX_DATA_SIZE)
@@ -667,8 +668,10 @@  static struct encrypted_key_payload *encrypted_key_alloc(struct key *key,
 	if (ret < 0)
 		return ERR_PTR(ret);
 
-	epayload = kzalloc(sizeof(*epayload) + payload_datalen +
-			   datablob_len + HASH_SIZE + 1, GFP_KERNEL);
+	epayload_datalen = size_add(payload_datalen, datablob_len);
+	epayload_datalen = size_add(epayload_datalen, HASH_SIZE + 1);
+	epayload = kzalloc(struct_size(epayload, payload_data,
+				epayload_datalen), GFP_KERNEL);
 	if (!epayload)
 		return ERR_PTR(-ENOMEM);
 
diff --git a/security/keys/user_defined.c b/security/keys/user_defined.c
index 749e2a4dcb13..334fed36e9f3 100644
--- a/security/keys/user_defined.c
+++ b/security/keys/user_defined.c
@@ -64,7 +64,7 @@  int user_preparse(struct key_preparsed_payload *prep)
 	if (datalen <= 0 || datalen > 32767 || !prep->data)
 		return -EINVAL;
 
-	upayload = kmalloc(sizeof(*upayload) + datalen, GFP_KERNEL);
+	upayload = kmalloc(struct_size(upayload, data, datalen), GFP_KERNEL);
 	if (!upayload)
 		return -ENOMEM;