Re: [PATCH v3] scsi: csiostor: Use kcalloc() instead of kzalloc()

From: Finn Thain
Date: Wed May 01 2024 - 20:47:16 EST

Next message: Dave Chinner: "Re: [PATCH v3 08/21] xfs: Introduce FORCEALIGN inode flag"
Previous message: Bagas Sanjaya: "Re: [PATCH v4 1/1] Documentation/core-api: Add swiotlb documentation"
In reply to: James Bottomley: "Re: [PATCH v3] scsi: csiostor: Use kcalloc() instead of kzalloc()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 1 May 2024, James Bottomley wrote:

> > The code itself is fine unless you have a 32-bit system with a
> > malicious card, so yeah, near zero risk.
>
> Well, no actually zero: we assume plugged in hardware to operate
> correctly (had this argument in the driver hardening thread a while
> ago), but in this particular case you'd have to have a card with a very
> high number of ports, which would cause kernel allocations to fail long
> before anything could introduce an overflow of sizeof(struct csio_lnode
> *) * hw->num_lns.
>

Then it should be safe to add an equivalent assertion. E.g.
BUG_ON(hw->num_lns > X) where X was derived either from knowledge of the
hardware or from some known-safe kalloc() limit. Though I wonder whether
BUG_ON() is the best way to encode preconditions for the benfit of static
checkers...

Next message: Dave Chinner: "Re: [PATCH v3 08/21] xfs: Introduce FORCEALIGN inode flag"
Previous message: Bagas Sanjaya: "Re: [PATCH v4 1/1] Documentation/core-api: Add swiotlb documentation"
In reply to: James Bottomley: "Re: [PATCH v3] scsi: csiostor: Use kcalloc() instead of kzalloc()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]