[PATCH] ipv4: fib: Fix fib_info_hash_alloc() allocation type

Kees Cook posted 1 patch 9 months, 2 weeks ago
Posted by Kees Cook 9 months, 2 weeks ago
In preparation for making the kmalloc family of allocators type aware,
we need to make sure that the returned type from the allocation matches
the type of the variable being assigned. (Before, the allocator would
always return "void *", which can be implicitly cast to any pointer type.)

This was allocating many sizeof(struct hlist_head *) when it actually
wanted sizeof(struct hlist_head). Luckily these are the same size.
Adjust the allocation type to match the assignment.

Signed-off-by: Kees Cook <kees@kernel.org>
---
Cc: "David S. Miller" <davem@davemloft.net>
Cc: David Ahern <dsahern@kernel.org>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Jakub Kicinski <kuba@kernel.org>
Cc: Paolo Abeni <pabeni@redhat.com>
Cc: Simon Horman <horms@kernel.org>
Cc: <netdev@vger.kernel.org>
---
 net/ipv4/fib_semantics.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c
index f68bb9e34c34..37d12b0bc6be 100644
--- a/net/ipv4/fib_semantics.c
+++ b/net/ipv4/fib_semantics.c
@@ -365,7 +365,7 @@ static struct hlist_head *fib_info_laddrhash_bucket(const struct net *net,
 static struct hlist_head *fib_info_hash_alloc(unsigned int hash_bits)
 {
 	/* The second half is used for prefsrc */
-	return kvcalloc((1 << hash_bits) * 2, sizeof(struct hlist_head *),
+	return kvcalloc((1 << hash_bits) * 2, sizeof(struct hlist_head),
 			GFP_KERNEL);
 }
 
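Review bot: on the changed kvcalloc() line the element size now matches the `struct hlist_head *` return type, but the count `(1 << hash_bits) * 2` next to it is still computed in `int`, and nothing visible in this hunk bounds `hash_bits`. Consider writing the count in a wider type, for example `(size_t)2 << hash_bits`, or adding a comment that names the bound the callers guarantee, so the size arithmetic is as explicit as the type. Since the commit message says the two sizes are equal, it would also help to state there that no functional change is intended.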
-- 
2.34.1
Re: [PATCH] ipv4: fib: Fix fib_info_hash_alloc() allocation type
Posted by David Ahern 9 months, 2 weeks ago
On 4/25/25 11:05 PM, Kees Cook wrote:
> In preparation for making the kmalloc family of allocators type aware,
> we need to make sure that the returned type from the allocation matches
> the type of the variable being assigned. (Before, the allocator would
> always return "void *", which can be implicitly cast to any pointer type.)
> 
> This was allocating many sizeof(struct hlist_head *) when it actually
> wanted sizeof(struct hlist_head). Luckily these are the same size.
> Adjust the allocation type to match the assignment.
> 
> Signed-off-by: Kees Cook <kees@kernel.org>
> ---
> Cc: "David S. Miller" <davem@davemloft.net>
> Cc: David Ahern <dsahern@kernel.org>
> Cc: Eric Dumazet <edumazet@google.com>
> Cc: Jakub Kicinski <kuba@kernel.org>
> Cc: Paolo Abeni <pabeni@redhat.com>
> Cc: Simon Horman <horms@kernel.org>
> Cc: <netdev@vger.kernel.org>
> ---
>  net/ipv4/fib_semantics.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c
> index f68bb9e34c34..37d12b0bc6be 100644
> --- a/net/ipv4/fib_semantics.c
> +++ b/net/ipv4/fib_semantics.c
> @@ -365,7 +365,7 @@ static struct hlist_head *fib_info_laddrhash_bucket(const struct net *net,
>  static struct hlist_head *fib_info_hash_alloc(unsigned int hash_bits)
>  {
>  	/* The second half is used for prefsrc */
> -	return kvcalloc((1 << hash_bits) * 2, sizeof(struct hlist_head *),
> +	return kvcalloc((1 << hash_bits) * 2, sizeof(struct hlist_head),
>  			GFP_KERNEL);
>  }
>  

Reviewed-by: David Ahern <dsahern@kernel.org>

Fixes: fa336adc100e ("ipv4: fib: Allocate fib_info_hash[] and
fib_info_laddrhash[] by kvcalloc().")
Re: [PATCH] ipv4: fib: Fix fib_info_hash_alloc() allocation type
Posted by Kuniyuki Iwashima 9 months, 2 weeks ago
Thanks for CC'ing me, David.

From: David Ahern <dsahern@kernel.org>
Date: Mon, 28 Apr 2025 16:50:53 -0600
> On 4/25/25 11:05 PM, Kees Cook wrote:
> > In preparation for making the kmalloc family of allocators type aware,
> > we need to make sure that the returned type from the allocation matches
> > the type of the variable being assigned. (Before, the allocator would
> > always return "void *", which can be implicitly cast to any pointer type.)
> > 
> > This was allocating many sizeof(struct hlist_head *) when it actually
> > wanted sizeof(struct hlist_head). Luckily these are the same size.
> > Adjust the allocation type to match the assignment.
> > 
> > Signed-off-by: Kees Cook <kees@kernel.org>
> > ---
> > Cc: "David S. Miller" <davem@davemloft.net>
> > Cc: David Ahern <dsahern@kernel.org>
> > Cc: Eric Dumazet <edumazet@google.com>
> > Cc: Jakub Kicinski <kuba@kernel.org>
> > Cc: Paolo Abeni <pabeni@redhat.com>
> > Cc: Simon Horman <horms@kernel.org>
> > Cc: <netdev@vger.kernel.org>
> > ---
> >  net/ipv4/fib_semantics.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c
> > index f68bb9e34c34..37d12b0bc6be 100644
> > --- a/net/ipv4/fib_semantics.c
> > +++ b/net/ipv4/fib_semantics.c
> > @@ -365,7 +365,7 @@ static struct hlist_head *fib_info_laddrhash_bucket(const struct net *net,
> >  static struct hlist_head *fib_info_hash_alloc(unsigned int hash_bits)
> >  {
> >  	/* The second half is used for prefsrc */
> > -	return kvcalloc((1 << hash_bits) * 2, sizeof(struct hlist_head *),
> > +	return kvcalloc((1 << hash_bits) * 2, sizeof(struct hlist_head),
> >  			GFP_KERNEL);
> >  }
> >  
> 
> Reviewed-by: David Ahern <dsahern@kernel.org>
> 
> Fixes: fa336adc100e ("ipv4: fib: Allocate fib_info_hash[] and
> fib_info_laddrhash[] by kvcalloc().")

I agree this should target net.git as the last statement
will be false with LOCKDEP.

Reviewed-by: Kuniyuki Iwashima <kuniyu@amazon.com>

Thanks!
Re: [PATCH] ipv4: fib: Fix fib_info_hash_alloc() allocation type
Posted by Kees Cook 9 months, 2 weeks ago

On April 28, 2025 5:43:05 PM PDT, Kuniyuki Iwashima <kuniyu@amazon.com> wrote:
>Thanks for CC'ing me, David.
>
>From: David Ahern <dsahern@kernel.org>
>Date: Mon, 28 Apr 2025 16:50:53 -0600
>> On 4/25/25 11:05 PM, Kees Cook wrote:
>> > In preparation for making the kmalloc family of allocators type aware,
>> > we need to make sure that the returned type from the allocation matches
>> > the type of the variable being assigned. (Before, the allocator would
>> > always return "void *", which can be implicitly cast to any pointer type.)
>> > 
>> > This was allocating many sizeof(struct hlist_head *) when it actually
>> > wanted sizeof(struct hlist_head). Luckily these are the same size.
>> > Adjust the allocation type to match the assignment.
>> > 
>> > Signed-off-by: Kees Cook <kees@kernel.org>
>> > ---
>> > Cc: "David S. Miller" <davem@davemloft.net>
>> > Cc: David Ahern <dsahern@kernel.org>
>> > Cc: Eric Dumazet <edumazet@google.com>
>> > Cc: Jakub Kicinski <kuba@kernel.org>
>> > Cc: Paolo Abeni <pabeni@redhat.com>
>> > Cc: Simon Horman <horms@kernel.org>
>> > Cc: <netdev@vger.kernel.org>
>> > ---
>> >  net/ipv4/fib_semantics.c | 2 +-
>> >  1 file changed, 1 insertion(+), 1 deletion(-)
>> > 
>> > diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c
>> > index f68bb9e34c34..37d12b0bc6be 100644
>> > --- a/net/ipv4/fib_semantics.c
>> > +++ b/net/ipv4/fib_semantics.c
>> > @@ -365,7 +365,7 @@ static struct hlist_head *fib_info_laddrhash_bucket(const struct net *net,
>> >  static struct hlist_head *fib_info_hash_alloc(unsigned int hash_bits)
>> >  {
>> >  	/* The second half is used for prefsrc */
>> > -	return kvcalloc((1 << hash_bits) * 2, sizeof(struct hlist_head *),
>> > +	return kvcalloc((1 << hash_bits) * 2, sizeof(struct hlist_head),
>> >  			GFP_KERNEL);
>> >  }
>> >  
>> 
>> Reviewed-by: David Ahern <dsahern@kernel.org>
>> 
>> Fixes: fa336adc100e ("ipv4: fib: Allocate fib_info_hash[] and
>> fib_info_laddrhash[] by kvcalloc().")
>
>I agree this should target net.git as the last statement
>will be false with LOCKDEP.

Which will be false with lockdep? Unless I'm missing it, I think hlist_head is always pointer sized:

struct hlist_head {
	struct hlist_node *first;
};

>
>Reviewed-by: Kuniyuki Iwashima <kuniyu@amazon.com>

Thanks!

-- 
Kees Cook
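
The size question discussed in this message, as an added user-space example that is not part of the thread or of the kernel source: it measures how many bytes an array is short when the element size is spelled `sizeof(T *)` instead of `sizeof(T)`, for `struct hlist_head` and for a wider bucket type. `struct wide_bucket`, the macros and the function names are hypothetical, and `calloc()` stands in for `kvcalloc()`.

```c
#include <stddef.h>
#include <stdlib.h>

/* User-space copies of the kernel list types quoted in the thread. */
struct hlist_node { struct hlist_node *next, **pprev; };
struct hlist_head { struct hlist_node *first; };

/* Hypothetical bucket holding more than one pointer (assumption, not kernel code). */
struct wide_bucket { struct hlist_node *first; unsigned long lock; };

/* Bytes requested with the pointer-sized spelling vs. bytes the array needs. */
#define BYTES_AS_WRITTEN(T, n) ((size_t)(n) * sizeof(T *))
#define BYTES_NEEDED(T, n)     ((size_t)(n) * sizeof(T))

/* Element count used by fib_info_hash_alloc(): two halves of 2^hash_bits. */
static size_t table_entries(unsigned int hash_bits)
{
	return ((size_t)1 << hash_bits) * 2;
}

/* Shortfall in bytes for struct hlist_head: 0, which is why the bug was latent. */
size_t shortfall_hlist(unsigned int hash_bits)
{
	size_t n = table_entries(hash_bits);
	return BYTES_NEEDED(struct hlist_head, n) - BYTES_AS_WRITTEN(struct hlist_head, n);
}

/* Same mistake with a wider element: every entry past the first pointer is missing. */
size_t shortfall_wide(unsigned int hash_bits)
{
	size_t n = table_entries(hash_bits);
	return BYTES_NEEDED(struct wide_bucket, n) - BYTES_AS_WRITTEN(struct wide_bucket, n);
}

/* Size taken from the destination pointer, so type and size cannot drift apart. */
#define ALLOC_ARRAY(ptr, n) ((ptr) = calloc((n), sizeof(*(ptr))))

/* Allocates the table with the matching element type; returns entries, 0 on failure. */
size_t alloc_table(struct hlist_head **out, unsigned int hash_bits)
{
	size_t n = table_entries(hash_bits);
	ALLOC_ARRAY(*out, n);
	return *out ? n : 0;
}

/* Build-time form of the "always pointer sized" claim for this copy of the struct. */
_Static_assert(sizeof(struct hlist_head) == sizeof(struct hlist_head *),
	       "hlist_head is expected to be exactly one pointer");
```
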
Re: [PATCH] ipv4: fib: Fix fib_info_hash_alloc() allocation type
Posted by Kuniyuki Iwashima 9 months, 2 weeks ago
From: Kees Cook <kees@kernel.org>
Date: Mon, 28 Apr 2025 20:52:59 -0700
> On April 28, 2025 5:43:05 PM PDT, Kuniyuki Iwashima <kuniyu@amazon.com> wrote:
> >Thanks for CC'ing me, David.
> >
> >From: David Ahern <dsahern@kernel.org>
> >Date: Mon, 28 Apr 2025 16:50:53 -0600
> >> On 4/25/25 11:05 PM, Kees Cook wrote:
> >> > In preparation for making the kmalloc family of allocators type aware,
> >> > we need to make sure that the returned type from the allocation matches
> >> > the type of the variable being assigned. (Before, the allocator would
> >> > always return "void *", which can be implicitly cast to any pointer type.)
> >> > 
> >> > This was allocating many sizeof(struct hlist_head *) when it actually
> >> > wanted sizeof(struct hlist_head). Luckily these are the same size.
> >> > Adjust the allocation type to match the assignment.
> >> > 
> >> > Signed-off-by: Kees Cook <kees@kernel.org>
> >> > ---
> >> > Cc: "David S. Miller" <davem@davemloft.net>
> >> > Cc: David Ahern <dsahern@kernel.org>
> >> > Cc: Eric Dumazet <edumazet@google.com>
> >> > Cc: Jakub Kicinski <kuba@kernel.org>
> >> > Cc: Paolo Abeni <pabeni@redhat.com>
> >> > Cc: Simon Horman <horms@kernel.org>
> >> > Cc: <netdev@vger.kernel.org>
> >> > ---
> >> >  net/ipv4/fib_semantics.c | 2 +-
> >> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >> > 
> >> > diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c
> >> > index f68bb9e34c34..37d12b0bc6be 100644
> >> > --- a/net/ipv4/fib_semantics.c
> >> > +++ b/net/ipv4/fib_semantics.c
> >> > @@ -365,7 +365,7 @@ static struct hlist_head *fib_info_laddrhash_bucket(const struct net *net,
> >> >  static struct hlist_head *fib_info_hash_alloc(unsigned int hash_bits)
> >> >  {
> >> >  	/* The second half is used for prefsrc */
> >> > -	return kvcalloc((1 << hash_bits) * 2, sizeof(struct hlist_head *),
> >> > +	return kvcalloc((1 << hash_bits) * 2, sizeof(struct hlist_head),
> >> >  			GFP_KERNEL);
> >> >  }
> >> >  
> >> 
> >> Reviewed-by: David Ahern <dsahern@kernel.org>
> >> 
> >> Fixes: fa336adc100e ("ipv4: fib: Allocate fib_info_hash[] and
> >> fib_info_laddrhash[] by kvcalloc().")
> >
> >I agree this should target net.git as the last statement
> >will be false with LOCKDEP.
> 
> Which will be false with lockdep? Unless I'm missing it, I think hlist_head is always pointer sized:

Oh sorry, now I'm not sure why I mentioned lockdep...
maybe confused with other code :/



> 
> struct hlist_head {
> 	struct hlist_node *first;
> };
Re: [PATCH] ipv4: fib: Fix fib_info_hash_alloc() allocation type
Posted by Simon Horman 9 months, 2 weeks ago
On Fri, Apr 25, 2025 at 11:05:30PM -0700, Kees Cook wrote:
> In preparation for making the kmalloc family of allocators type aware,
> we need to make sure that the returned type from the allocation matches
> the type of the variable being assigned. (Before, the allocator would
> always return "void *", which can be implicitly cast to any pointer type.)
> 
> This was allocating many sizeof(struct hlist_head *) when it actually
> wanted sizeof(struct hlist_head). Luckily these are the same size.
> Adjust the allocation type to match the assignment.
> 
> Signed-off-by: Kees Cook <kees@kernel.org>

Thanks, your analysis matches my understanding of the code.

Reviewed-by: Simon Horman <horms@kernel.org>