On Thu, Mar 07, 2024 at 05:53:47PM +0300, Dan Carpenter wrote:
> This check "if (inherit->num_qgroups > PAGE_SIZE)" is confusing and
> unnecessary.
>
> The problem with the check is that static checkers flag it as a
> potential mixup between units of bytes vs number of elements.
> Fortunately, the check can safely be deleted because the next check is
> correct and applies an even stricter limit:
>
> 	if (size != struct_size(inherit, qgroups, inherit->num_qgroups))
> 		return -EINVAL;
>
> The "inherit" struct ends in a variable array of __u64 and
> "inherit->num_qgroups" is the number of elements in the array. At the
> start of the function we check that:
>
> 	if (size < sizeof(*inherit) || size > PAGE_SIZE)
> 		return -EINVAL;
>
> Thus, since we verify that the whole struct fits within one page, that
> means that the number of elements in the inherit->qgroups[] array must
> be less than PAGE_SIZE.
>
> Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>

Added to for-next, thanks.
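The argument in the quoted commit message can be checked in userspace. The following is an added example, not code from the patch or from btrfs: `struct inherit_model` is a simplified stand-in for the real struct, `MODEL_PAGE_SIZE` assumes 4 KiB pages, and `model_struct_size()` is a stand-in for the kernel's `struct_size()`, which saturates to `SIZE_MAX` on overflow.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MODEL_PAGE_SIZE 4096u /* assumption: 4 KiB pages */

/* Simplified stand-in: fixed header followed by a flexible u64 array. */
struct inherit_model {
	uint64_t flags;
	uint64_t num_qgroups;
	uint64_t qgroups[];
};

/* Stand-in for struct_size(): saturate instead of wrapping on overflow. */
static size_t model_struct_size(uint64_t n)
{
	size_t hdr = offsetof(struct inherit_model, qgroups);
	if (n > (SIZE_MAX - hdr) / sizeof(uint64_t))
		return SIZE_MAX;
	return hdr + (size_t)n * sizeof(uint64_t);
}

/* The two checks quoted in the commit message, in the same order. */
static int check_inherit(size_t size, uint64_t num_qgroups)
{
	if (size < sizeof(struct inherit_model) || size > MODEL_PAGE_SIZE)
		return -EINVAL;
	if (size != model_struct_size(num_qgroups))
		return -EINVAL;
	return 0;
}

/* Exhaustively find the largest element count any accepted size allows. */
static uint64_t max_accepted_count(void)
{
	uint64_t best = 0;
	for (size_t size = 0; size <= MODEL_PAGE_SIZE + 8; size++)
		for (uint64_t n = 0; n <= MODEL_PAGE_SIZE + 1; n++)
			if (check_inherit(size, n) == 0 && n > best)
				best = n;
	return best;
}

int main(void)
{
	printf("max accepted num_qgroups: %llu\n", (unsigned long long)max_accepted_count());
	return 0;
}
```

The exact-size comparison only holds for huge counts because the size helper saturates; with plain wrapping arithmetic a count such as 2^61 + 510 would produce a size of 4096 in this model and pass.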