[PATCH] slab: Saturate to SIZE_MAX for allocation size overflows

[Kees Cook]

Instead of silently returning NULL on size overflows from array
allocations, saturate the request to SIZE_MAX so the error will be
surfaced to the allocator (and still return NULL).

Suggested-by: Vlastimil Babka <vbabka@xxxxxxx>
Link: https://lore.kernel.org/lkml/a144cd1e-8bfc-4380-8f1b-071db0af0b2c@xxxxxxx/
Signed-off-by: Kees Cook <kees@xxxxxxxxxx>
---
Cc: Vlastimil Babka <vbabka@xxxxxxxxxx>
Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Cc: Christoph Lameter <cl@xxxxxxxxxx>
Cc: David Rientjes <rientjes@xxxxxxxxxx>
Cc: Roman Gushchin <roman.gushchin@xxxxxxxxx>
Cc: Harry Yoo <harry.yoo@xxxxxxxxxx>
Cc: <linux-mm@xxxxxxxxx>
---
 include/linux/slab.h | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/include/linux/slab.h b/include/linux/slab.h
index a5a5e4108ae5..8453c81c75c3 100644
--- a/include/linux/slab.h
+++ b/include/linux/slab.h
@@ -1105,7 +1105,7 @@ static inline __alloc_size(1, 2) void *kmalloc_array_noprof(size_t n, size_t siz
 	size_t bytes;
 
 	if (unlikely(check_mul_overflow(n, size, &bytes)))
-		return NULL;
+		bytes = SIZE_MAX;
 	return kmalloc_noprof(bytes, flags);
 }
 #define kmalloc_array(...)			alloc_hooks(kmalloc_array_noprof(__VA_ARGS__))
@@ -1135,7 +1135,7 @@ static inline __realloc_size(2, 3) void * __must_check krealloc_array_noprof(voi
 	size_t bytes;
 
 	if (unlikely(check_mul_overflow(new_n, new_size, &bytes)))
-		return NULL;
+		bytes = SIZE_MAX;
 
 	return krealloc_noprof(p, bytes, flags);
 }
@@ -1175,7 +1175,7 @@ static inline __alloc_size(1, 2) void *kmalloc_array_node_noprof(size_t n, size_
 	size_t bytes;
 
 	if (unlikely(check_mul_overflow(n, size, &bytes)))
-		return NULL;
+		bytes = SIZE_MAX;
 	if (__builtin_constant_p(n) && __builtin_constant_p(size))
 		return kmalloc_node_noprof(bytes, flags, node);
 	return __kmalloc_node_noprof(PASS_BUCKET_PARAMS(bytes, NULL), flags, node);
@@ -1223,7 +1223,7 @@ kvmalloc_array_node_noprof(size_t n, size_t size, gfp_t flags, int node)
 	size_t bytes;
 
 	if (unlikely(check_mul_overflow(n, size, &bytes)))
-		return NULL;
+		bytes = SIZE_MAX;
 
 	return kvmalloc_node_align_noprof(bytes, 1, flags, node);
 }
-- 
2.34.1