Re: [PATCH] slab: Saturate to SIZE_MAX for allocation size overflows

Next message: Sebastian Andrzej Siewior: "Re: [PATCH bpf v1 1/2] net/bpf: fix null-ptr-deref in xdp_master_redirect() for bonding"
Previous message: Thomas Fourier: "[PATCH v2] drm/msm: Fix dma_free_attrs() buffer size"
In reply to: Kees Cook: "Re: [PATCH] slab: Saturate to SIZE_MAX for allocation size overflows"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Vlastimil Babka (SUSE)

Date: Thu Feb 26 2026 - 05:02:57 EST

On 2/25/26 08:15, Kees Cook wrote:
> On Wed, Feb 25, 2026 at 03:59:08AM +0000, Matthew Wilcox wrote:
>> On Tue, Feb 24, 2026 at 05:40:02PM -0800, Kees Cook wrote:
>> > +++ b/include/linux/slab.h
>> > @@ -1105,7 +1105,7 @@ static inline __alloc_size(1, 2) void *kmalloc_array_noprof(size_t n, size_t siz
>> > size_t bytes;
>> >
>> > if (unlikely(check_mul_overflow(n, size, &bytes)))
>> > - return NULL;
>> > + bytes = SIZE_MAX;
>> > return kmalloc_noprof(bytes, flags);
>>
>> Wouldn't this be better written as:
>>
>> return kmalloc_noprof(size_mul(n, size), flags);
>>
>> (etc)
>
> Sure, I can convert them all that way if that's preferred?

Yeah I think it's better than effectively open-code the same thing?