From: Kees Cook <kees@kernel.org>
To: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
Cc: Vlastimil Babka <vbabka@suse.cz>,
Jonathan Corbet <corbet@lwn.net>,
Andrew Morton <akpm@linux-foundation.org>,
Christoph Lameter <cl@gentwo.org>,
David Rientjes <rientjes@google.com>,
Roman Gushchin <roman.gushchin@linux.dev>,
Harry Yoo <harry.yoo@oracle.com>,
"Gustavo A. R. Silva" <gustavoars@kernel.org>,
workflows@vger.kernel.org, linux-doc@vger.kernel.org,
linux-mm@kvack.org, linux-hardening@vger.kernel.org,
Linus Torvalds <torvalds@linux-foundation.org>,
Randy Dunlap <rdunlap@infradead.org>,
Miguel Ojeda <ojeda@kernel.org>,
Przemek Kitszel <przemyslaw.kitszel@intel.com>,
Matthew Wilcox <willy@infradead.org>,
John Hubbard <jhubbard@nvidia.com>, Joe Perches <joe@perches.com>,
Christoph Lameter <cl@linux.com>, Marco Elver <elver@google.com>,
Vegard Nossum <vegard.nossum@oracle.com>,
Pekka Enberg <penberg@kernel.org>,
Joonsoo Kim <iamjoonsoo.kim@lge.com>,
Bill Wendling <morbo@google.com>,
Justin Stitt <justinstitt@google.com>,
Jann Horn <jannh@google.com>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Sasha Levin <sashal@kernel.org>,
Nathan Chancellor <nathan@kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Nick Desaulniers <nick.desaulniers+lkml@gmail.com>,
Jakub Kicinski <kuba@kernel.org>,
Yafang Shao <laoar.shao@gmail.com>,
Tony Ambardar <tony.ambardar@gmail.com>,
Alexander Lobakin <aleksander.lobakin@intel.com>,
Jan Hendrik Farr <kernel@jfarr.cc>,
Alexander Potapenko <glider@google.com>,
linux-kernel@vger.kernel.org, llvm@lists.linux.dev
Subject: Re: [PATCH v6 4/5] slab: Introduce kmalloc_flex() and family
Date: Tue, 24 Feb 2026 15:45:13 -0800 [thread overview]
Message-ID: <202602241541.65DBBD8CB@keescook> (raw)
In-Reply-To: <675ec547-dac8-465f-b3c9-a0f97c5bdef7@lucifer.local>
On Tue, Feb 24, 2026 at 10:26:36AM +0000, Lorenzo Stoakes wrote:
> Annnd now I typed that I realise that Linus fixed this up in mainline and I was
> working with a stale version of this file :))
>
> Anyway, I see that the comment isn't fixed up, so I think that's something we
> should patch, like:
>
> * Returns: true if @COUNT can be represented in the @FAM's counter. When
> * @FAM is not annotated with __counted_by(), always returns true.
>
> ->
>
> * Returns: true if @COUNT cannot be represented in the @FAM's counter. When
> * @FAM is not annotated with __counted_by(), always returns false.
Yeah, I'm working on fixing this up correctly. I think Linux is right
that we need to put the overflow checking entirely within the counter
setting. That way the checks will only happen for the cases where
counted_by is actually in use.
I am, however, still pondering that the size check (as I _intended_
it, not as it actually manifested), would catch negative sizes (i.e.
negative can't be represented in a size_t -- the default type when the
counter type is unknown) and refuse to allocate, though honestly the
allocator would probably also refuse to allocate them since they would
be very very large when cast back to size_t for the allocation itself.
--
Kees Cook
next prev parent reply other threads:[~2026-02-24 23:45 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-12-03 23:30 [PATCH v6 0/5] asdf Kees Cook
2025-12-03 23:30 ` [PATCH v6 1/5] slab: Introduce kmalloc_obj() and family Kees Cook
2026-01-08 14:01 ` Vlastimil Babka
2026-01-08 17:15 ` Kees Cook
2026-01-09 17:31 ` Kees Cook
2026-01-09 17:32 ` Vlastimil Babka
2026-02-19 7:57 ` Dan Carpenter
2026-02-19 8:01 ` Dan Carpenter
2026-02-19 8:24 ` Dan Carpenter
2025-12-03 23:30 ` [PATCH v6 2/5] checkpatch: Suggest kmalloc_obj family for sizeof allocations Kees Cook
2025-12-03 23:30 ` [PATCH v6 3/5] compiler_types: Introduce __flex_counter() and family Kees Cook
2025-12-04 8:54 ` Peter Zijlstra
2025-12-04 20:25 ` Kees Cook
2025-12-03 23:30 ` [PATCH v6 4/5] slab: Introduce kmalloc_flex() " Kees Cook
2026-01-08 14:06 ` Vlastimil Babka
2026-01-08 17:12 ` Kees Cook
2026-01-08 17:40 ` Kees Cook
2026-01-09 17:12 ` Vlastimil Babka
2026-02-24 10:26 ` Lorenzo Stoakes
2026-02-24 11:11 ` David Laight
2026-02-24 23:45 ` Kees Cook [this message]
2025-12-03 23:30 ` [PATCH v6 5/5] coccinelle: Add kmalloc_objs conversion script Kees Cook
2025-12-11 14:15 ` Markus Elfring
2025-12-11 22:02 ` Kees Cook
2025-12-16 21:56 ` [cocci] " Julia Lawall
2026-02-22 4:13 ` Eric Biggers
2026-02-22 7:12 ` Kees Cook
2026-02-22 9:31 ` Julia Lawall
2025-12-04 6:07 ` [PATCH v6 0/5] asdf Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202602241541.65DBBD8CB@keescook \
--to=kees@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=aleksander.lobakin@intel.com \
--cc=cl@gentwo.org \
--cc=cl@linux.com \
--cc=corbet@lwn.net \
--cc=elver@google.com \
--cc=glider@google.com \
--cc=gregkh@linuxfoundation.org \
--cc=gustavoars@kernel.org \
--cc=harry.yoo@oracle.com \
--cc=iamjoonsoo.kim@lge.com \
--cc=jannh@google.com \
--cc=jhubbard@nvidia.com \
--cc=joe@perches.com \
--cc=justinstitt@google.com \
--cc=kernel@jfarr.cc \
--cc=kuba@kernel.org \
--cc=laoar.shao@gmail.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=llvm@lists.linux.dev \
--cc=lorenzo.stoakes@oracle.com \
--cc=morbo@google.com \
--cc=nathan@kernel.org \
--cc=nick.desaulniers+lkml@gmail.com \
--cc=ojeda@kernel.org \
--cc=penberg@kernel.org \
--cc=peterz@infradead.org \
--cc=przemyslaw.kitszel@intel.com \
--cc=rdunlap@infradead.org \
--cc=rientjes@google.com \
--cc=roman.gushchin@linux.dev \
--cc=sashal@kernel.org \
--cc=tony.ambardar@gmail.com \
--cc=torvalds@linux-foundation.org \
--cc=vbabka@suse.cz \
--cc=vegard.nossum@oracle.com \
--cc=willy@infradead.org \
--cc=workflows@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox