From: Xin Long
Date: Sun, 28 Apr 2024 19:33:05 -0400
Subject: Re: [PATCH] sctp: prefer struct_size over open coded arithmetic
To: Erick Archer
Cc: Marcelo Ricardo Leitner, "David S. Miller", Eric Dumazet, Jakub Kicinski, Paolo Abeni, Kees Cook, "Gustavo A. R. Silva", Justin Stitt, linux-sctp@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org

On Sat, Apr 27, 2024 at 1:23 PM Erick Archer wrote:
>
> This is an effort to get rid of all multiplications from allocation
> functions in order to prevent integer overflows [1][2].
>
> As the "ids" variable is a pointer to "struct sctp_assoc_ids" and this
> structure ends in a flexible array:
>
> struct sctp_assoc_ids {
>         [...]
>         sctp_assoc_t    gaids_assoc_id[];
> };
>
> the preferred way in the kernel is to use the struct_size() helper to
> do the arithmetic instead of the calculation "size + size * count" in
> the kmalloc() function.
>
> Also, refactor the code adding the "ids_size" variable to avoid sizing
> twice.
>
> This way, the code is more readable and safer.
>
> This code was detected with the help of Coccinelle, and audited and
> modified manually.
>
> Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#open-coded-arithmetic-in-allocator-arguments [1]
> Link: https://github.com/KSPP/linux/issues/160 [2]
> Signed-off-by: Erick Archer > --- > Hi, > > The Coccinelle script used to detect this code pattern is the following: > > virtual report > > @rule1@ > type t1; > type t2; > identifier i0; > identifier i1; > identifier i2; > identifier ALLOC =3D~ "kmalloc|kzalloc|kmalloc_node|kzalloc_node|vmalloc|= vzalloc|kvmalloc|kvzalloc"; > position p1; > @@ > > i0 =3D sizeof(t1) + sizeof(t2) * i1; > ... > i2 =3D ALLOC@p1(..., i0, ...); > > @script:python depends on report@ > p1 << rule1.p1; > @@ > > msg =3D "WARNING: verify allocation on line %s" % (p1[0].line) > coccilib.report.print_report(p1[0],msg) > > Regards, > Erick > --- > net/sctp/socket.c | 7 ++++--- > 1 file changed, 4 insertions(+), 3 deletions(-) > > diff --git a/net/sctp/socket.c b/net/sctp/socket.c > index e416b6d3d270..64196b1dce1d 100644 > --- a/net/sctp/socket.c > +++ b/net/sctp/socket.c > @@ -7119,6 +7119,7 @@ static int sctp_getsockopt_assoc_ids(struct sock *s= k, int len, > struct sctp_sock *sp =3D sctp_sk(sk); > struct sctp_association *asoc; > struct sctp_assoc_ids *ids; > + size_t ids_size; > u32 num =3D 0; > > if (sctp_style(sk, TCP)) > @@ -7131,11 +7132,11 @@ static int sctp_getsockopt_assoc_ids(struct sock = *sk, int len, > num++; > } > > - if (len < sizeof(struct sctp_assoc_ids) + sizeof(sctp_assoc_t) * = num) > + ids_size =3D struct_size(ids, gaids_assoc_id, num); > + if (len < ids_size) > return -EINVAL; > > - len =3D sizeof(struct sctp_assoc_ids) + sizeof(sctp_assoc_t) * nu= m; > - > + len =3D ids_size; > ids =3D kmalloc(len, GFP_USER | __GFP_NOWARN); > if (unlikely(!ids)) > return -ENOMEM; > -- > 2.25.1 > Acked-by: Xin Long
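
Review bot: In the second hunk of sctp_getsockopt_assoc_ids(), "len = ids_size;" narrows the size_t result of struct_size() back into the "int len" parameter before "ids = kmalloc(len, GFP_USER | __GFP_NOWARN);", and "if (len < ids_size)" compares a signed int against a size_t. struct_size() saturates to SIZE_MAX on overflow, so the length check already rejects an overflowed size, but that is easier to verify if the allocation takes the checked value directly, i.e. kmalloc(ids_size, ...), with the assignment to len kept only if later code needs it. A one-line comment that a saturated ids_size makes the "len < ids_size" test return -EINVAL would document why the open-coded form is no longer needed.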
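
The integer overflow the commit message refers to, as an added userspace example (not code from the patch or from the kernel): the open-coded "size + size * count" wraps for a large count and passes the length check, while a saturating calculation in the spirit of struct_size() fails it. The names struct assoc_ids, assoc_id_t, open_coded_size(), saturating_size() and check_len() are hypothetical, the "count" field stands in for the elided "[...]", and the overflow builtins assume GCC or Clang.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Userspace stand-in for the struct quoted in the commit message; the
 * part hidden behind "[...]" is modelled by one hypothetical field. */
typedef int32_t assoc_id_t;        /* assumption: stand-in for sctp_assoc_t */
struct assoc_ids {
    uint32_t   count;              /* hypothetical header field */
    assoc_id_t ids[];              /* flexible array member */
};

/* Open-coded "size + size * count": wraps silently on overflow. */
static size_t open_coded_size(size_t n)
{
    return sizeof(struct assoc_ids) + sizeof(assoc_id_t) * n;
}

/* Saturating equivalent: any overflow yields SIZE_MAX, a size that no
 * length check or allocator will accept. */
static size_t saturating_size(size_t n)
{
    size_t bytes;

    if (__builtin_mul_overflow(sizeof(assoc_id_t), n, &bytes) ||
        __builtin_add_overflow(bytes, sizeof(struct assoc_ids), &bytes))
        return SIZE_MAX;
    return bytes;
}

/* Mirrors the length check in the patch: 0 if the caller's buffer
 * holds the needed bytes, -1 (think -EINVAL) otherwise. */
static int check_len(size_t user_len, size_t needed)
{
    return user_len < needed ? -1 : 0;
}

int main(void)
{
    /* Constructed count whose byte size is exactly one past SIZE_MAX. */
    size_t huge = SIZE_MAX / sizeof(assoc_id_t) + 1;

    printf("n=3:    open=%zu sat=%zu\n", open_coded_size(3), saturating_size(3));
    printf("n=huge: open=%zu accepted=%d, sat accepted=%d\n",
           open_coded_size(huge), check_len(64, open_coded_size(huge)) == 0,
           check_len(64, saturating_size(huge)) == 0);
    return 0;
}
```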