Message ID | ZN5DvRyq6JNz20l1@work (mailing list archive) |
---|---|
State | Changes Requested |
Series | [next] net: sched: cls_u32: Fix allocation in u32_init() |
On Thu, Aug 17, 2023 at 11:57 AM Gustavo A. R. Silva <gustavoars@kernel.org> wrote: > > Replace struct_size() with sizeof(), and avoid allocating 8 too many > bytes. > > The following difference in binary output is expected and reflects the > desired change: > > | net/sched/cls_u32.o > | @@ -6148,7 +6148,7 @@ > | include/linux/slab.h:599 > | 2cf5: mov 0x0(%rip),%rdi # 2cfc <u32_init+0xfc> > | 2cf8: R_X86_64_PC32 kmalloc_caches+0xc > |- 2cfc: mov $0x98,%edx > |+ 2cfc: mov $0x90,%edx > > Fixes: d61491a51f7e ("net/sched: cls_u32: Replace one-element array with flexible-array member") > Reported-by: Alejandro Colomar <alx@kernel.org> > Closes: https://lore.kernel.org/lkml/09b4a2ce-da74-3a19-6961-67883f634d98@kernel.org/ > Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> > --- > net/sched/cls_u32.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/net/sched/cls_u32.c b/net/sched/cls_u32.c > index da4c179a4d41..6663e971a13e 100644 > --- a/net/sched/cls_u32.c > +++ b/net/sched/cls_u32.c > @@ -366,7 +366,7 @@ static int u32_init(struct tcf_proto *tp) > idr_init(&root_ht->handle_idr); > > if (tp_c == NULL) { > - tp_c = kzalloc(struct_size(tp_c, hlist->ht, 1), GFP_KERNEL); > + tp_c = kzalloc(sizeof(*tp_c), GFP_KERNEL); > if (tp_c == NULL) { > kfree(root_ht); > return -ENOBUFS; LGTM. Acked-by: Jamal Hadi Salim <jhs@mojatatu.com> cheers, jamal > 2.34.1 >
On Thu, 17 Aug 2023 09:58:53 -0600 Gustavo A. R. Silva wrote:
> Subject: [PATCH][next] net: sched: cls_u32: Fix allocation in u32_init()
> Date: Thu, 17 Aug 2023 09:58:53 -0600
>
> Replace struct_size() with sizeof(), and avoid allocating 8 too many
> bytes.

What are you fixing?

> The following difference in binary output is expected and reflects the
> desired change:
>
> | net/sched/cls_u32.o
> | @@ -6148,7 +6148,7 @@
> | include/linux/slab.h:599
> | 2cf5: mov 0x0(%rip),%rdi # 2cfc <u32_init+0xfc>
> | 2cf8: R_X86_64_PC32 kmalloc_caches+0xc
> |- 2cfc: mov $0x98,%edx
> |+ 2cfc: mov $0x90,%edx

Sure, but why are you doing this? And how do you know the change is
correct?

There are 2 other instances where we allocate 1 entry or +1 entry.
Are they not all wrong?

Also some walking code seems to walk <= divisor, divisor IIUC being
the array bound - 1?

Jamal acked so chances are this is right, but I'd really like to
understand what's going on, and I shouldn't have to ask you all
these questions :S
On Fri, Aug 18, 2023 at 10:38 PM Jakub Kicinski <kuba@kernel.org> wrote:
>
> On Thu, 17 Aug 2023 09:58:53 -0600 Gustavo A. R. Silva wrote:
> > Subject: [PATCH][next] net: sched: cls_u32: Fix allocation in u32_init()
> > Date: Thu, 17 Aug 2023 09:58:53 -0600
> >
> > Replace struct_size() with sizeof(), and avoid allocating 8 too many
> > bytes.
>
> What are you fixing?
>
> > The following difference in binary output is expected and reflects the
> > desired change:
> >
> > | net/sched/cls_u32.o
> > | @@ -6148,7 +6148,7 @@
> > | include/linux/slab.h:599
> > | 2cf5: mov 0x0(%rip),%rdi # 2cfc <u32_init+0xfc>
> > | 2cf8: R_X86_64_PC32 kmalloc_caches+0xc
> > |- 2cfc: mov $0x98,%edx
> > |+ 2cfc: mov $0x90,%edx
>
> Sure, but why are you doing this? And how do you know the change is
> correct?
>
> There are 2 other instances where we allocate 1 entry or +1 entry.
> Are they not all wrong?
>
> Also some walking code seems to walk <= divisor, divisor IIUC being
> the array bound - 1?
>
> Jamal acked so chances are this is right, but I'd really like to
> understand what's going on, and I shouldn't have to ask you all
> these questions :S

This is a "bug fix" given that the structure had no zero array
construct as was implied by d61491a51f7e . I didn't want to call it out
as a bug fix (for -net) because existing code was not harmful but
allocated extra memory which this patch gives back.
The other instances have a legit need for "flexible array".

cheers,
jamal

> --
> pw-bot: cr
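A constructed C illustration of the over-allocation Jamal describes, added here and not part of the thread or the kernel: `common_like` and `hnode_like` are simplified stand-ins for the two objects the expression `struct_size(tp_c, hlist->ht, 1)` implies, `struct_size_like` restates the kernel macro's arithmetic, and the `divisor + 1` slot count for the node follows Jakub's reading above and is an assumption of this example.

```c
/* Added example, not kernel code: why struct_size(tp_c, hlist->ht, 1) sizes
 * *tp_c one pointer (8 bytes on x86_64) too large. The structs are stand-ins. */
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
/* Stand-in for the hash-table node: ends in a flexible array of pointers. */
struct hnode_like {
    uint32_t divisor;   /* slots 0..divisor are walked (Jakub's reading above) */
    void *ht[];         /* flexible array member: needs struct_size() */
};

/* Stand-in for the common object: it only points at a node, no trailing array. */
struct common_like {
    struct hnode_like *hlist;
    int refcnt;
};
/* Restatement of the kernel macro's arithmetic (sizeof(*p) + n elements of
 * p->member); the kernel's overflow saturation is left out here. */
#define struct_size_like(p, member, n) \
    (sizeof(*(p)) + (size_t)(n) * sizeof((p)->member[0]))

/* Pre-patch size: counts one hlist->ht[] entry that lives in another object. */
size_t old_common_alloc_size(void)
{
    struct common_like *tp_c = NULL;   /* only used inside sizeof, never read */
    return struct_size_like(tp_c, hlist->ht, 1);
}

/* Post-patch size: the struct has no flexible array, so sizeof() is exact. */
size_t new_common_alloc_size(void)
{
    return sizeof(struct common_like);
}

/* Bytes the old expression wasted per common object: exactly one pointer. */
size_t wasted_bytes(void)
{
    return old_common_alloc_size() - new_common_alloc_size();
}
/* Where struct_size() is legitimately needed: the node with divisor + 1 slots
 * (the "+1 entry" case from the thread), allocated as its own object. */
struct hnode_like *alloc_hnode(uint32_t divisor)
{
    struct hnode_like *h = NULL;
    size_t sz = struct_size_like(h, ht, (size_t)divisor + 1);
    h = calloc(1, sz);
    if (h)
        h->divisor = divisor;   /* ht[0..divisor] all lie inside sz bytes */
    return h;
}
```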
On Mon, 21 Aug 2023 10:35:29 -0400 Jamal Hadi Salim wrote:
> > Sure, but why are you doing this? And how do you know the change is
> > correct?
> >
> > There are 2 other instances where we allocate 1 entry or +1 entry.
> > Are they not all wrong?
> >
> > Also some walking code seems to walk <= divisor, divisor IIUC being
> > the array bound - 1?
> >
> > Jamal acked so chances are this is right, but I'd really like to
> > understand what's going on, and I shouldn't have to ask you all
> > these questions :S
>
> This is a "bug fix" given that the structure had no zero array
> construct as was implied by d61491a51f7e . I didn't want to call it out
> as a bug fix (for -net) because existing code was not harmful but
> allocated extra memory which this patch gives back.
> The other instances have a legit need for "flexible array".

Based on the link provided it seems like the Fixes comes in because
someone reported compilation issues. But from the thread it seems
like the problem only appears when sizeof_struct() is modified.
In which case - you're right, Fixes and Reported-by tags should go.
On Mon, Aug 21, 2023 at 11:48:02AM -0700, Jakub Kicinski wrote:
> On Mon, 21 Aug 2023 10:35:29 -0400 Jamal Hadi Salim wrote:
> > > Sure, but why are you doing this? And how do you know the change is
> > > correct?
> > >
> > > There are 2 other instances where we allocate 1 entry or +1 entry.
> > > Are they not all wrong?
> > >
> > > Also some walking code seems to walk <= divisor, divisor IIUC being
> > > the array bound - 1?
> > >
> > > Jamal acked so chances are this is right, but I'd really like to
> > > understand what's going on, and I shouldn't have to ask you all
> > > these questions :S
> >
> > This is a "bug fix" given that the structure had no zero array
> > construct as was implied by d61491a51f7e . I didn't want to call it out
> > as a bug fix (for -net) because existing code was not harmful but
> > allocated extra memory which this patch gives back.
> > The other instances have a legit need for "flexible array".
>
> Based on the link provided it seems like the Fixes comes in because
> someone reported compilation issues. But from the thread it seems
> like the problem only appears when sizeof_struct() is modified.
> In which case - you're right, Fixes and Reported-by tags should go.

Gustavo, can you please respin this with an updated commit log and
adjusted tags for netdev to pick up?
diff --git a/net/sched/cls_u32.c b/net/sched/cls_u32.c index da4c179a4d41..6663e971a13e 100644 --- a/net/sched/cls_u32.c +++ b/net/sched/cls_u32.c @@ -366,7 +366,7 @@ static int u32_init(struct tcf_proto *tp) idr_init(&root_ht->handle_idr); if (tp_c == NULL) { - tp_c = kzalloc(struct_size(tp_c, hlist->ht, 1), GFP_KERNEL); + tp_c = kzalloc(sizeof(*tp_c), GFP_KERNEL); if (tp_c == NULL) { kfree(root_ht); return -ENOBUFS;
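Review bot: the commit log should say what the extra element was for and why `*tp_c` never needed it, which is the question Jakub raises in the thread. In the `u32_init()` hunk, `struct_size(tp_c, hlist->ht, 1)` adds room for one `hlist->ht[]` entry to the allocation of `*tp_c`, but that array belongs to the object `tp_c->hlist` points to, which is allocated separately, so the added pointer (the 0x98 to 0x90 change in the binary diff, 8 bytes) was never reachable through `tp_c`. Suggest stating that in the log and, since the change only trims an over-allocation rather than repairing a runtime defect, dropping the `Fixes:` and `Reported-by:` tags that point at a compile-time report, as agreed downthread.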
Replace struct_size() with sizeof(), and avoid allocating 8 too many
bytes.

The following difference in binary output is expected and reflects the
desired change:

| net/sched/cls_u32.o
| @@ -6148,7 +6148,7 @@
| include/linux/slab.h:599
| 2cf5: mov 0x0(%rip),%rdi # 2cfc <u32_init+0xfc>
| 2cf8: R_X86_64_PC32 kmalloc_caches+0xc
|- 2cfc: mov $0x98,%edx
|+ 2cfc: mov $0x90,%edx

Fixes: d61491a51f7e ("net/sched: cls_u32: Replace one-element array with flexible-array member")
Reported-by: Alejandro Colomar <alx@kernel.org>
Closes: https://lore.kernel.org/lkml/09b4a2ce-da74-3a19-6961-67883f634d98@kernel.org/
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>

---

net/sched/cls_u32.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)