linux-mm.kvack.org archive mirror
 help / color / mirror / Atom feed
* [PATCH] slab: Saturate to SIZE_MAX for allocation size overflows
@ 2026-02-25  1:40 Kees Cook
  2026-02-25  2:36 ` Harry Yoo
  2026-02-25  3:59 ` Matthew Wilcox
  0 siblings, 2 replies; 4+ messages in thread
From: Kees Cook @ 2026-02-25  1:40 UTC (permalink / raw)
  To: Vlastimil Babka
  Cc: Kees Cook, Vlastimil Babka, Andrew Morton, Christoph Lameter,
	David Rientjes, Roman Gushchin, Harry Yoo, linux-mm,
	linux-kernel, linux-hardening

Instead of silently returning NULL on size overflows from array
allocations, saturate the request to SIZE_MAX so the error will be
surfaced to the allocator (and still return NULL).

Suggested-by: Vlastimil Babka <vbabka@suse.cz>
Link: https://lore.kernel.org/lkml/a144cd1e-8bfc-4380-8f1b-071db0af0b2c@suse.cz/
Signed-off-by: Kees Cook <kees@kernel.org>
---
Cc: Vlastimil Babka <vbabka@kernel.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Christoph Lameter <cl@gentwo.org>
Cc: David Rientjes <rientjes@google.com>
Cc: Roman Gushchin <roman.gushchin@linux.dev>
Cc: Harry Yoo <harry.yoo@oracle.com>
Cc: <linux-mm@kvack.org>
---
 include/linux/slab.h | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/include/linux/slab.h b/include/linux/slab.h
index a5a5e4108ae5..8453c81c75c3 100644
--- a/include/linux/slab.h
+++ b/include/linux/slab.h
@@ -1105,7 +1105,7 @@ static inline __alloc_size(1, 2) void *kmalloc_array_noprof(size_t n, size_t siz
 	size_t bytes;
 
 	if (unlikely(check_mul_overflow(n, size, &bytes)))
-		return NULL;
+		bytes = SIZE_MAX;
 	return kmalloc_noprof(bytes, flags);
 }
 #define kmalloc_array(...)			alloc_hooks(kmalloc_array_noprof(__VA_ARGS__))
@@ -1135,7 +1135,7 @@ static inline __realloc_size(2, 3) void * __must_check krealloc_array_noprof(voi
 	size_t bytes;
 
 	if (unlikely(check_mul_overflow(new_n, new_size, &bytes)))
-		return NULL;
+		bytes = SIZE_MAX;
 
 	return krealloc_noprof(p, bytes, flags);
 }
@@ -1175,7 +1175,7 @@ static inline __alloc_size(1, 2) void *kmalloc_array_node_noprof(size_t n, size_
 	size_t bytes;
 
 	if (unlikely(check_mul_overflow(n, size, &bytes)))
-		return NULL;
+		bytes = SIZE_MAX;
 	if (__builtin_constant_p(n) && __builtin_constant_p(size))
 		return kmalloc_node_noprof(bytes, flags, node);
 	return __kmalloc_node_noprof(PASS_BUCKET_PARAMS(bytes, NULL), flags, node);
@@ -1223,7 +1223,7 @@ kvmalloc_array_node_noprof(size_t n, size_t size, gfp_t flags, int node)
 	size_t bytes;
 
 	if (unlikely(check_mul_overflow(n, size, &bytes)))
-		return NULL;
+		bytes = SIZE_MAX;
 
 	return kvmalloc_node_align_noprof(bytes, 1, flags, node);
 }
-- 
2.34.1



^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2026-02-25  7:16 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2026-02-25  1:40 [PATCH] slab: Saturate to SIZE_MAX for allocation size overflows Kees Cook
2026-02-25  2:36 ` Harry Yoo
2026-02-25  3:59 ` Matthew Wilcox
2026-02-25  7:15   ` Kees Cook

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox