On Fri, Apr 06, 2018 at 10:06:31PM -0700, Kees Cook wrote:
> I saw all the other int and size_t conversions to unsigned int. What
> about ksize(), slab_ksize() and related functions too? It looks like
> many callers are already expecting unsigned int anyway...
>
> net/core/skbuff.c: unsigned int size = frag_size ? : ksize(data);
>
> Though some are "int", ew:
>
> int pskb_expand_head(struct sk_buff *skb, int nhead, int ntail,
>                      gfp_t gfp_mask)
> {
>         int i, osize = skb_end_offset(skb);
>         int size = osize + nhead + ntail;
> ...
>         size = SKB_WITH_OVERHEAD(ksize(data));

slab_ksize() can be changed.

As for ksize(). That path through page allocator is scary.

SLAB can be made unsigned int as well.