Re: [PATCH] lib: cpu_rmap.c Refactor allocation size calculation in kzalloc()

Next message: Sean Christopherson: "[PATCH] KVM: guest_memfd: Define a CLASS to get+put guest_memfd file from a memslot"
Previous message: Andrew Morton: "Re: [PATCH 0/4] mm, swap: misc cleanup and bugfix"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Shuah Khan

Date: Tue Oct 07 2025 - 18:23:34 EST

On 9/30/25 03:23, Mehdi Ben Hadj Khelifa wrote:

Wrap allocation size calculation in size_add() and size_mul() to avoid
any potential overflow.

How did you find this problem and how did you test this change?

Signed-off-by: Mehdi Ben Hadj Khelifa <mehdi.benhadjkhelifa@xxxxxxxxx>
---
lib/cpu_rmap.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/cpu_rmap.c b/lib/cpu_rmap.c
index f03d9be3f06b..18b2146a73d2 100644
--- a/lib/cpu_rmap.c
+++ b/lib/cpu_rmap.c
@@ -36,7 +36,7 @@ struct cpu_rmap *alloc_cpu_rmap(unsigned int size, gfp_t flags)
obj_offset = ALIGN(offsetof(struct cpu_rmap, near[nr_cpu_ids]),
sizeof(void *));
- rmap = kzalloc(obj_offset + size * sizeof(rmap->obj[0]), flags);
+ rmap = kzalloc(size_add(obj_offset, size_mul(size, sizeof(rmap->obj[0]))), flags);
if (!rmap)
return NULL;

thanks,
-- Shuah