Received: by 10.213.65.68 with SMTP id h4csp102425imn; Mon, 12 Mar 2018 08:02:30 -0700 (PDT) X-Google-Smtp-Source: AG47ELtQHhjEb3KLB/m+SQqXBTmmBAsenXnuqo/h1aDwi0doJ5t4roJSAcLUkoQeUZmcX0TmPhf0 X-Received: by 10.101.96.73 with SMTP id b9mr6916880pgv.339.1520866950271; Mon, 12 Mar 2018 08:02:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1520866950; cv=none; d=google.com; s=arc-20160816; b=hqI1x1VlceP4d+YahAS3ZyFbFlH2LjnOsVZ3YE3yi4L3Dkn5frueJM72LBYYpEFHpv cmuAgawJEJ9e1E3/36Ti4gYYT6tAxRMam54+6pieIySGS/kDaNkX+xPxqktChfWnitnF WU6T+p5iXVC9UsEurAxVIBXlBFFglfLgoPAbJFALnrwt1WhhvscYxRkYIFW8cIwE+DS2 4HNib/ZwuGIg0uA8mJIPUxeyAIHcJePWL1jPbzEu7MQmwSjgRFXQASNjmkAspoXMDuTY XdgtT5ATxm0oJthXHJL2PTXDso8qkkvTCxeT1qQA/+gjIydOiwMW5/ufPBPt68+WFKPa BJNQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature :arc-authentication-results; bh=CpnJHZZTxWFHr1nmpSstlHqa72G3hT2YWnf+HkdIzOg=; b=NmfkN+CYiHUwglkvbvuLaei3//I7ThDFyvyAf3DNg7ZihMddXHfDb1tczkDyXpEwj4 Ksn+eJ5268zb8+ATGGLHOpsg91E4GkWhax3JW5wIf2ovVJJs9umjYVLwXwX9FBHdCinl tvIGs/6VFN9JxP1Cu/rIG+eXLRiMP+Tumfpcj1l3W+Sa33gpa/ZUp3TIRlPig24ehaWE LjN/4j82LPYMlJ92DeRr8bVM1d8dpp2K0hUWAATrn6NndGHg4Gub6AzJFLJdGp3t4ytO LfnKxy7WLiUBjg4/XFDOXc5GJC7DFKHrr7ylnI133pCRTpSllw5whrK4bRXOKzx42cYj 1H9g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@rasmusvillemoes.dk header.s=google header.b=PFYC2W/Y; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id l3-v6si6170791plt.146.2018.03.12.08.02.04; Mon, 12 Mar 2018 08:02:30 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@rasmusvillemoes.dk header.s=google header.b=PFYC2W/Y; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751431AbeCLPAn (ORCPT + 99 others); Mon, 12 Mar 2018 11:00:43 -0400 Received: from mail-lf0-f50.google.com ([209.85.215.50]:44355 "EHLO mail-lf0-f50.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751238AbeCLPAl (ORCPT ); Mon, 12 Mar 2018 11:00:41 -0400 Received: by mail-lf0-f50.google.com with SMTP id v9-v6so23699396lfa.11 for ; Mon, 12 Mar 2018 08:00:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rasmusvillemoes.dk; s=google; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=CpnJHZZTxWFHr1nmpSstlHqa72G3hT2YWnf+HkdIzOg=; b=PFYC2W/Yf1DNVYZMJmN4z//Vgn2MOITynH1LzArJgLBH0vDmoy6lLahLo4pyDC+hoS rZYq1lU2tOvyDpI/ml2swIzCyW8Lj3xMDsO6yZsqC0s87ZVRgsi1kMzTFtS2n2QG00JD 37J3t0ZgW7cIP6DydD6U8Pj+e3Apa3XSNZ1sk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=CpnJHZZTxWFHr1nmpSstlHqa72G3hT2YWnf+HkdIzOg=; b=MyBn/oz5/Zlof9IRm3wN3rXKVkhK4t6iFD/lUHLgs5Vj7mT0GZDw8JlVXKINgL9Cc+ rG0uBd0UZ+ZrCZl6oEkomU9jmBZI57f4F7KBxwGBfKCux8XXjljc2crhPZ3eBvJBXs2Y ISzDA2VKBLl9lZDSJZl/QktRWzPhTSvjUG+E488KT18qxV4kqApr61xA+o8rJTrpfW2t ByI1Z9sSL8lBJajEyHtx18lDh36evczPlCVOj/bQdxwxXUlhlQD9hMpIB6S1JRZC8sZt PiXzRtHb4QaIBRkEO3JKo0n/sup1KDdShUk86UoczS6Q2YuAI+vZkLhpGvPZQQb4vHXM 0eGw== X-Gm-Message-State: AElRT7EoKjdIyltDHdKWOg4oejBFOHqgLKwIJhEvYbI08pOUBUcpJV0y K9TTMXcnfMYk3KFFD2fCEv0mQg== X-Received: by 10.46.2.202 with SMTP id y71mr5183084lje.39.1520866839673; Mon, 12 Mar 2018 08:00:39 -0700 (PDT) Received: from [172.16.11.22] ([81.216.59.226]) by smtp.gmail.com with ESMTPSA id 26sm1807372ljt.86.2018.03.12.08.00.37 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 12 Mar 2018 08:00:38 -0700 (PDT) Subject: Re: [PATCH 1/4] gpio: Remove VLA from gpiolib To: Laura Abbott , Linus Walleij , Kees Cook Cc: linux-gpio@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com, Lukas Wunner , Mathias Duckeck , Nandor Han , Semi Malinen , Patrice Chotard References: <20180310001021.6437-1-labbott@redhat.com> <20180310001021.6437-2-labbott@redhat.com> From: Rasmus Villemoes Message-ID: Date: Mon, 12 Mar 2018 16:00:36 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 In-Reply-To: <20180310001021.6437-2-labbott@redhat.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2018-03-10 01:10, Laura Abbott wrote: > /* collect all inputs belonging to the same chip */ > first = i; > - memset(mask, 0, sizeof(mask)); > + memset(mask, 0, sizeof(*mask)); see below > @@ -2887,14 +2909,30 @@ void gpiod_set_array_value_complex(bool raw, bool can_sleep, > > while (i < array_size) { > struct gpio_chip *chip = desc_array[i]->gdev->chip; > - unsigned long mask[BITS_TO_LONGS(chip->ngpio)]; > - unsigned long bits[BITS_TO_LONGS(chip->ngpio)]; > + unsigned long *mask; > + unsigned long *bits; > int count = 0; > > + mask = kmalloc_array(BITS_TO_LONGS(chip->ngpio), > + sizeof(*mask), > + can_sleep ? GFP_KERNEL : GFP_ATOMIC); > + > + if (!mask) > + return; > + > + bits = kmalloc_array(BITS_TO_LONGS(chip->ngpio), > + sizeof(*bits), > + can_sleep ? GFP_KERNEL : GFP_ATOMIC); > + > + if (!bits) { > + kfree(mask); > + return; > + } > + > if (!can_sleep) > WARN_ON(chip->can_sleep); > > - memset(mask, 0, sizeof(mask)); > + memset(mask, 0, sizeof(*mask)); Hm, it seems you're now only clearing the first word of mask, not the entire allocation. Why not just use kcalloc() instead of kmalloc_array to have it automatically cleared? Other random thoughts: maybe two allocations for each loop iteration is a bit much. Maybe do a first pass over the array and collect the maximal chip->ngpio, do the memory allocation and freeing outside the loop (then you'd of course need to preserve the memset() with appropriate length computed). And maybe even just do one allocation, making bits point at the second half. Does the set function need to be updated to return an int to be able to inform the caller that memory allocation failed? Rasmus