From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-io0-f200.google.com (mail-io0-f200.google.com [209.85.223.200]) by kanga.kvack.org (Postfix) with ESMTP id 478B06B0005 for ; Thu, 31 May 2018 20:54:31 -0400 (EDT) Received: by mail-io0-f200.google.com with SMTP id c10-v6so19274490iob.11 for ; Thu, 31 May 2018 17:54:31 -0700 (PDT) Received: from mail-sor-f65.google.com (mail-sor-f65.google.com. [209.85.220.65]) by mx.google.com with SMTPS id p66-v6sor9256097iof.86.2018.05.31.17.54.30 for (Google Transport Security); Thu, 31 May 2018 17:54:30 -0700 (PDT) MIME-Version: 1.0 References: <20180601004233.37822-1-keescook@chromium.org> In-Reply-To: <20180601004233.37822-1-keescook@chromium.org> From: Linus Torvalds Date: Thu, 31 May 2018 19:54:18 -0500 Message-ID: Subject: Re: [PATCH v3 00/16] Provide saturating helpers for allocation Content-Type: text/plain; charset="UTF-8" Sender: owner-linux-mm@kvack.org List-ID: To: Kees Cook Cc: Matthew Wilcox , Rasmus Villemoes , Matthew Wilcox , Linux Kernel Mailing List , linux-mm , Kernel Hardening On Thu, May 31, 2018 at 7:43 PM Kees Cook wrote: > > So, while nothing does: > kmalloc_array(a, b, ...) -> kmalloc(array_size(a, b), ...) > the treewide changes DO perform changes like this: > kmalloc(a * b, ...) -> kmalloc(array_size(a, b), ...) Ugh. I really really still absolutely despise this. Why can't you just have a separate set of coccinelle scripts that do the simple and clean cases? So *before* doing any array_size() conversions, just do kzalloc(a*b, ...) -> kcalloc(a, b, ...) kmalloc(a*b,..) -> kmalloc_array(a,b, ...) and the obvious variations on that (devm_xyz() has all the same helpers). Only after doing the ones that don't have the nice obvious helpers, do the remaining ones with array_size(), ie *alloc(a*b, ..) -> *alloc(array_size(a,b), ...) because that really makes for much less legible code. Hmm? Linus