| Message ID | 20241123200527.7830-2-raag.jadav@intel.com |
|---|---|
| State | New |
| Headers | show |
| Series | Introduce devm_kmemdup_array() helper | expand |
Hi Raag, On Sun, Nov 24, 2024 at 01:35:23AM +0530, Raag Jadav wrote: > Introduce '_array' variant of devm_kmemdup() for the users which lack > multiplication overflow check. I am not sure that this new helper is needed. Unlike allocators for brand new objects, such as kmalloc_array(), devm_kmemdup() makes a copy of already existing object, which is supposed to be a valid object and therefore will have a reasonable size. So there should be no chance for hitting this overflow unless the caller is completely confused and calls devm_kmemdup() with random arguments (in which case all bets are off). > > Suggested-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> > Signed-off-by: Raag Jadav <raag.jadav@intel.com> > --- > include/linux/device.h | 10 ++++++++++ > 1 file changed, 10 insertions(+) > > diff --git a/include/linux/device.h b/include/linux/device.h > index b4bde8d22697..c31f48d0dde0 100644 > --- a/include/linux/device.h > +++ b/include/linux/device.h > @@ -358,6 +358,16 @@ char *devm_kstrdup(struct device *dev, const char *s, gfp_t gfp) __malloc; > const char *devm_kstrdup_const(struct device *dev, const char *s, gfp_t gfp); > void *devm_kmemdup(struct device *dev, const void *src, size_t len, gfp_t gfp) > __realloc_size(3); > +static inline void *devm_kmemdup_array(struct device *dev, const void *src, > + size_t n, size_t size, gfp_t flags) > +{ > + size_t bytes; > + > + if (unlikely(check_mul_overflow(n, size, &bytes))) > + return NULL; > + > + return devm_kmemdup(dev, src, bytes, flags); > +} > > unsigned long devm_get_free_pages(struct device *dev, > gfp_t gfp_mask, unsigned int order); > -- > 2.35.3 > Thanks.
diff --git a/include/linux/device.h b/include/linux/device.h index b4bde8d22697..c31f48d0dde0 100644 --- a/include/linux/device.h +++ b/include/linux/device.h @@ -358,6 +358,16 @@ char *devm_kstrdup(struct device *dev, const char *s, gfp_t gfp) __malloc; const char *devm_kstrdup_const(struct device *dev, const char *s, gfp_t gfp); void *devm_kmemdup(struct device *dev, const void *src, size_t len, gfp_t gfp) __realloc_size(3); +static inline void *devm_kmemdup_array(struct device *dev, const void *src, + size_t n, size_t size, gfp_t flags) +{ + size_t bytes; + + if (unlikely(check_mul_overflow(n, size, &bytes))) + return NULL; + + return devm_kmemdup(dev, src, bytes, flags); +} unsigned long devm_get_free_pages(struct device *dev, gfp_t gfp_mask, unsigned int order);
Introduce '_array' variant of devm_kmemdup() for the users which lack multiplication overflow check. Suggested-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Signed-off-by: Raag Jadav <raag.jadav@intel.com> --- include/linux/device.h | 10 ++++++++++ 1 file changed, 10 insertions(+)