virt: acrn: Prefer array_size and struct_size over open coded arithmetic

As noted in the "Deprecated Interfaces, Language Features, Attributes,
and Conventions" documentation [1], size calculations (especially
multiplication) should not be performed in memory allocator (or similar)
function arguments due to the risk of them overflowing. This could lead
to values wrapping around and a smaller allocation being made than the
caller was expecting. Using those allocations could lead to linear
overflows of heap memory and other misbehaviors.

So, use the array_size() helper to do the arithmetic instead of the
argument "count * size" in the vzalloc() function.

Also, take the opportunity to add a flexible array member of struct
vm_memory_region_op to the vm_memory_region_batch structure. And then,
change the code accordingly and use the struct_size() helper to do the
arithmetic instead of the argument "size + size * count" in the kzalloc
function.

This code was detected with the help of Coccinelle and audited and fixed
manually.

[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#open-coded-arithmetic-in-allocator-arguments

Acked-by: Fei Li <fei1.li@intel.com>
Signed-off-by: Len Baker <len.baker@gmx.com>
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
This commit is contained in:
Len Baker 2021-10-29 19:27:46 +02:00 committed by Gustavo A. R. Silva
parent cc68c613d6
commit 746f1b0ac5
2 changed files with 10 additions and 9 deletions

View File

@ -48,6 +48,7 @@ struct vm_memory_region_op {
* @reserved: Reserved. * @reserved: Reserved.
* @regions_num: The number of vm_memory_region_op. * @regions_num: The number of vm_memory_region_op.
* @regions_gpa: Physical address of a vm_memory_region_op array. * @regions_gpa: Physical address of a vm_memory_region_op array.
* @regions_op: Flexible array of vm_memory_region_op.
* *
* HC_VM_SET_MEMORY_REGIONS uses this structure to manage EPT mappings of * HC_VM_SET_MEMORY_REGIONS uses this structure to manage EPT mappings of
* multiple memory regions of a User VM. A &struct vm_memory_region_batch * multiple memory regions of a User VM. A &struct vm_memory_region_batch
@ -55,10 +56,11 @@ struct vm_memory_region_op {
* ACRN Hypervisor. * ACRN Hypervisor.
*/ */
struct vm_memory_region_batch { struct vm_memory_region_batch {
u16 vmid; u16 vmid;
u16 reserved[3]; u16 reserved[3];
u32 regions_num; u32 regions_num;
u64 regions_gpa; u64 regions_gpa;
struct vm_memory_region_op regions_op[];
}; };
/** /**

View File

@ -192,7 +192,7 @@ int acrn_vm_ram_map(struct acrn_vm *vm, struct acrn_vm_memmap *memmap)
/* Get the page number of the map region */ /* Get the page number of the map region */
nr_pages = memmap->len >> PAGE_SHIFT; nr_pages = memmap->len >> PAGE_SHIFT;
pages = vzalloc(nr_pages * sizeof(struct page *)); pages = vzalloc(array_size(nr_pages, sizeof(*pages)));
if (!pages) if (!pages)
return -ENOMEM; return -ENOMEM;
@ -244,16 +244,15 @@ int acrn_vm_ram_map(struct acrn_vm *vm, struct acrn_vm_memmap *memmap)
} }
/* Prepare the vm_memory_region_batch */ /* Prepare the vm_memory_region_batch */
regions_info = kzalloc(sizeof(*regions_info) + regions_info = kzalloc(struct_size(regions_info, regions_op,
sizeof(*vm_region) * nr_regions, nr_regions), GFP_KERNEL);
GFP_KERNEL);
if (!regions_info) { if (!regions_info) {
ret = -ENOMEM; ret = -ENOMEM;
goto unmap_kernel_map; goto unmap_kernel_map;
} }
/* Fill each vm_memory_region_op */ /* Fill each vm_memory_region_op */
vm_region = (struct vm_memory_region_op *)(regions_info + 1); vm_region = regions_info->regions_op;
regions_info->vmid = vm->vmid; regions_info->vmid = vm->vmid;
regions_info->regions_num = nr_regions; regions_info->regions_num = nr_regions;
regions_info->regions_gpa = virt_to_phys(vm_region); regions_info->regions_gpa = virt_to_phys(vm_region);