Re: [PATCH RFC v2] slab: introduce kmalloc_array
From: Dan Carpenter
Date: Mon Feb 13 2012 - 14:43:12 EST
On Mon, Feb 13, 2012 at 10:01:42AM -0600, Christoph Lameter wrote:
> Well I think the best is just not do any of this. One can already do
> k[zm]alloc(x * sizeof(struct whatever)). Do x*x for 2 dimensions etc etc.
> No need to change the API.
>
The point was that there are a bunch of places where we have had
integer overflows caused by doing kmalloc(x * sizeof(struct whatever)).
For kzalloc(x * sizeof(struct whatever)), you just write it like
kcalloc(x, sizeof(struct whatever)) and avoid the overflow, but we
don't have a non-zeroing version of kcalloc() to do that.
Probably once we have the kmalloc_array() and people start using it,
we get a bunch of overflow checking automatically and it's a kernel
hardenning thing. As well we could remove the duplicative checking
so it's a cleanup.
> If you add these variants then please think
> about the necessity to add other variants (like the kmalloc_node() NUMA
> call) etc in the future.
>
We don't have a kcalloc_node(), so I don't think this is likely to
be a big issue.
regards,
dan carpenter
Attachment:
signature.asc
Description: Digital signature