On Tue, Jun 04, 2024 at 04:13:32PM -0600, Tycho Andersen wrote: > On Tue, Jun 04, 2024 at 04:02:28PM +0100, Simon Horman wrote: > > On Fri, May 31, 2024 at 12:14:56PM -0700, Kees Cook wrote: > > > + for (idx = 0; idx < ARRAY_SIZE(kmalloc_caches[KMALLOC_NORMAL]); idx++) { > > > + char *short_size, *cache_name; > > > + unsigned int cache_useroffset, cache_usersize; > > > + unsigned int size; > > > + > > > + if (!kmalloc_caches[KMALLOC_NORMAL][idx]) > > > + continue; > > > + > > > + size = kmalloc_caches[KMALLOC_NORMAL][idx]->object_size; > > > + if (!size) > > > + continue; > > > + > > > + short_size = strchr(kmalloc_caches[KMALLOC_NORMAL][idx]->name, '-'); > > > + if (WARN_ON(!short_size)) > > > + goto fail; > > > + > > > + cache_name = kasprintf(GFP_KERNEL, "%s-%s", name, short_size + 1); > > > + if (WARN_ON(!cache_name)) > > > + goto fail; > > > + > > > + if (useroffset >= size) { > > > + cache_useroffset = 0; > > > + cache_usersize = 0; > > > + } else { > > > + cache_useroffset = useroffset; > > > + cache_usersize = min(size - cache_useroffset, usersize); > > > + } > > > + (*b)[idx] = kmem_cache_create_usercopy(cache_name, size, > > > + align, flags, cache_useroffset, > > > + cache_usersize, ctor); > > > + kfree(cache_name); > > > + if (WARN_ON(!(*b)[idx])) > > > + goto fail; > > > + } > > > + > > > + return b; > > > + > > > +fail: > > > + for (idx = 0; idx < ARRAY_SIZE(kmalloc_caches[KMALLOC_NORMAL]); idx++) { > > > + if ((*b)[idx]) > > > + kmem_cache_destroy((*b)[idx]); > > > > nit: I don't think it is necessary to guard this with a check for NULL. > > Isn't it? What if a kasprintf() fails halfway through the loop? He means that kmem_cache_destroy() already checks for NULL. Quite right! void kmem_cache_destroy(struct kmem_cache *s) { int err = -EBUSY; bool rcu_set; if (unlikely(!s) || !kasan_check_byte(s)) return; -- Kees Cook