Re: [PATCH] vhost: use struct_size and size_add to compute flex array sizes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Feb 27, 2023 at 01:41:27PM -0800, Jacob Keller wrote:
> The vhost_get_avail_size and vhost_get_used_size functions compute the size
> of structures with flexible array members with an additional 2 bytes if the
> VIRTIO_RING_F_EVENT_IDX feature flag is set. Convert these functions to use
> struct_size() and size_add() instead of coding the calculation by hand.
> 
> This ensures that the calculations will saturate at SIZE_MAX rather than
> overflowing.
> 
> Signed-off-by: Jacob Keller <jacob.e.keller@xxxxxxxxx>
> Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx>
> Cc: Jason Wang <jasowang@xxxxxxxxxx>
> Cc: virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx
> Cc: kvm@xxxxxxxxxxxxxxx


Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx>

Will merge, thanks!
> ---
> 
> I found this using a coccinelle patch I developed and submitted at [1].
> 
> [1]: https://lore.kernel.org/all/20230227202428.3657443-1-jacob.e.keller@xxxxxxxxx/
> 
>  drivers/vhost/vhost.c | 6 ++----
>  1 file changed, 2 insertions(+), 4 deletions(-)
> 
> diff --git a/drivers/vhost/vhost.c b/drivers/vhost/vhost.c
> index f11bdbe4c2c5..43fa626d4e44 100644
> --- a/drivers/vhost/vhost.c
> +++ b/drivers/vhost/vhost.c
> @@ -436,8 +436,7 @@ static size_t vhost_get_avail_size(struct vhost_virtqueue *vq,
>  	size_t event __maybe_unused =
>  	       vhost_has_feature(vq, VIRTIO_RING_F_EVENT_IDX) ? 2 : 0;
>  
> -	return sizeof(*vq->avail) +
> -	       sizeof(*vq->avail->ring) * num + event;
> +	return size_add(struct_size(vq->avail, ring, num), event);
>  }
>  
>  static size_t vhost_get_used_size(struct vhost_virtqueue *vq,
> @@ -446,8 +445,7 @@ static size_t vhost_get_used_size(struct vhost_virtqueue *vq,
>  	size_t event __maybe_unused =
>  	       vhost_has_feature(vq, VIRTIO_RING_F_EVENT_IDX) ? 2 : 0;
>  
> -	return sizeof(*vq->used) +
> -	       sizeof(*vq->used->ring) * num + event;
> +	return size_add(struct_size(vq->used, ring, num), event);
>  }
>  
>  static size_t vhost_get_desc_size(struct vhost_virtqueue *vq,
> -- 
> 2.39.1.405.gd4c25cc71f83




[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux