Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp201285pxj;
        Fri, 14 May 2021 01:12:42 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzX6jZiiIqNQWTMqRSSW12IC5HKJZXsJTpGpjTBy7XZiOiFJa8w1xsUPff2pkeNUdMYEskg
X-Received: by 2002:a17:906:d7ac:: with SMTP id pk12mr1573831ejb.143.1620979961758;
        Fri, 14 May 2021 01:12:41 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1620979961; cv=none;
        d=google.com; s=arc-20160816;
        b=kcWCgnAfxTw2dm1mcQWBXYWQKzgB7jxaDF0BPjOuQkc01Pc6JJxDXvoiUKWjyWgDoc
         cqE6BzqhP35IAUsr0sAxUyNGAqw14XCavZ/HIctjcmFdpsEuiJpBS9ykIe5H9n4bq8jj
         gXsVlN+l8n9G8rtKbmLnH630wlR8ThkDN3vGA6BlTj2/tdMgWv9rJnDTtA6eb62j+aBT
         4ssF/FhcUr4fjV8n0uS4zGDRlLsCMHfcNxk5hiGGra6IOJWoxYhQ6M0NgkVezl7ympk5
         se+sqPXioO+E+oNbWq+z88hYunbrNU+94IHdjAhzsd+xp+2lAV0IxiMiivAbpvH4zD53
         qfqw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-disposition:mime-version:message-id
         :subject:cc:to:from:date:dkim-signature;
        bh=EoGKy144ncYZn+a4q9RSPsgVa8+hO20OAwpQI5EppXQ=;
        b=w/R87ZUYrNfKbQDNyaxdISTioqbRzmGGrY1/LkpDDzd5wplO1IRoE8meV6ysCPkdKD
         JdH16OkvW819ACu086YjTPqg9mVgRZYasCA/t0Z7JTVbenUcvsUja3U+DJJjuhh99qAt
         Qtfi3Q0XNTpKdnmtoLbPd408ketAuL9DXmQhO+dMRxpWtNpmkeqSk7XJPsaV+WUv3JLH
         5QOVjbkcnxU0rY3MKJHiU4oUlrfPQfIuIa06rSHzJ09iyWc2hkH1IQVIPfXWenD2u7yG
         XhQCYz+B68j9gCNsOiNsql3AOZ6z9uPxrnejYabVburS+HfrSNdCecku4STjz3JcF5Wc
         4gnQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=UlNmGjy+;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id y15si5738564edd.343.2021.05.14.01.12.18;
        Fri, 14 May 2021 01:12:41 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=UlNmGjy+;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S230289AbhEMWtt (ORCPT <rfc822;longbowk@gmail.com> + 99 others);
        Thu, 13 May 2021 18:49:49 -0400
Received: from mail.kernel.org ([198.145.29.99]:47260 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S230168AbhEMWts (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 13 May 2021 18:49:48 -0400
Received: by mail.kernel.org (Postfix) with ESMTPSA id 38FD9613CD;
        Thu, 13 May 2021 22:48:37 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1620946118;
        bh=zjDn79+oCEcXN7/ywRSvtSC+DVZKzNYOS/1XNPve5xk=;
        h=Date:From:To:Cc:Subject:From;
        b=UlNmGjy+Sr9KgC8Jul/5pxK7lQ0Ewhr04wTCFE0VpWtnTelzSfXWoUgoSVRCCmtf+
         FjcJtomzJWOJbRL22GadqACRdFcahUhlPtcKwiCNkkwACllCMz9xEf30u8ErqooM+q
         21Pl8jDgT1Bk2cOt9uN65TeS/rT9b3jFdRDUDDMBkLSnuXC7szI4G4/KOcnNANi4cj
         f4fPvbmR6/DvXLj1Bkl3lHknyRh3lmABpt8/Dmbzx4OUPXNB8XNkGL+hiRuWTbHTnR
         R4FTbTtGyhyfw9bw5aC8yxC+xgItBG81ASwRWWdHMDO8o0sTICpllveNuKPTaj33YU
         MSK2RiJYBFMLg==
Date:   Thu, 13 May 2021 17:49:14 -0500
From:   "Gustavo A. R. Silva" <gustavoars@kernel.org>
To:     "K. Y. Srinivasan" <kys@microsoft.com>,
        Haiyang Zhang <haiyangz@microsoft.com>,
        Stephen Hemminger <sthemmin@microsoft.com>,
        Wei Liu <wei.liu@kernel.org>, Dexuan Cui <decui@microsoft.com>,
        "David S. Miller" <davem@davemloft.net>,
        Jakub Kicinski <kuba@kernel.org>
Cc:     linux-hyperv@vger.kernel.org, netdev@vger.kernel.org,
        linux-kernel@vger.kernel.org,
        "Gustavo A. R. Silva" <gustavoars@kernel.org>,
        linux-hardening@vger.kernel.org
Subject: [PATCH][next] net: mana: Use struct_size() in kzalloc()
Message-ID: <20210513224914.GA216478@embeddedor>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Make use of the struct_size() helper instead of an open-coded version,
in order to avoid any potential type mistakes or integer overflows
that, in the worst scenario, could lead to heap overflows.

This code was detected with the help of Coccinelle and, audited and
fixed manually.

Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
---
 drivers/net/ethernet/microsoft/mana/mana_en.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/drivers/net/ethernet/microsoft/mana/mana_en.c b/drivers/net/ethernet/microsoft/mana/mana_en.c
index 04d067243457..46aee2c49f1b 100644
--- a/drivers/net/ethernet/microsoft/mana/mana_en.c
+++ b/drivers/net/ethernet/microsoft/mana/mana_en.c
@@ -1387,8 +1387,7 @@ static struct mana_rxq *mana_create_rxq(struct mana_port_context *apc,
 
 	gc = gd->gdma_context;
 
-	rxq = kzalloc(sizeof(*rxq) +
-		      RX_BUFFERS_PER_QUEUE * sizeof(struct mana_recv_buf_oob),
+	rxq = kzalloc(struct_size(rxq, rx_oobs, RX_BUFFERS_PER_QUEUE),
 		      GFP_KERNEL);
 	if (!rxq)
 		return NULL;
-- 
2.27.0