> Well, I am not opposed to kvmalloc_array but I would argue that this
> conversion cannot introduce new overflow issues. The code would have
> to be broken already because even though kmalloc_array checks for the
> overflow but vmalloc fallback doesn't...
Yeah I agree, but if some of the places were really wrong, after the
conversion we won't see them anymore.
> If there is a general interest for this API I can add it.
I think it would be better, yes.
OK, fair enough. I will fold the following into the original patch. I
was little bit reluctant to create kvcalloc so I've made the original
callers more talkative and added | __GFP_ZERO.
To be honest I do not
really like how kcalloc...
diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c
index cdc55d5ee4ad..eca16612b1ae 100644
@@ -712,10 +712,7 @@ EXPORT_SYMBOL(xt_check_entry_offsets);
unsigned int *xt_alloc_entry_offsets(unsigned int size)
- if (size < (SIZE_MAX / sizeof(unsigned int)))
- return kvzalloc(size * sizeof(unsigned int), GFP_KERNEL);
- return NULL;
+ return kvmalloc_array(size * sizeof(unsigned int), GFP_KERNEL | __GFP_ZERO);