treewide: kmalloc() -> kmalloc_array()
The kmalloc() function has a 2-factor argument form, kmalloc_array(). This
patch replaces cases of:
kmalloc(a * b, gfp)
with:
kmalloc_array(a * b, gfp)
as well as handling cases of:
kmalloc(a * b * c, gfp)
with:
kmalloc(array3_size(a, b, c), gfp)
as it's slightly less ugly than:
kmalloc_array(array_size(a, b), c, gfp)
This does, however, attempt to ignore constant size factors like:
kmalloc(4 * 1024, gfp)
though any constants defined via macros get caught up in the conversion.
Any factors with a sizeof() of "unsigned char", "char", and "u8" were
dropped, since they're redundant.
The tools/ directory was manually excluded, since it has its own
implementation of kmalloc().
The Coccinelle script used for this was:
// Fix redundant parens around sizeof().
@@
type TYPE;
expression THING, E;
@@
(
kmalloc(
- (sizeof(TYPE)) * E
+ sizeof(TYPE) * E
, ...)
|
kmalloc(
- (sizeof(THING)) * E
+ sizeof(THING) * E
, ...)
)
// Drop single-byte sizes and redundant parens.
@@
expression COUNT;
typedef u8;
typedef __u8;
@@
(
kmalloc(
- sizeof(u8) * (COUNT)
+ COUNT
, ...)
|
kmalloc(
- sizeof(__u8) * (COUNT)
+ COUNT
, ...)
|
kmalloc(
- sizeof(char) * (COUNT)
+ COUNT
, ...)
|
kmalloc(
- sizeof(unsigned char) * (COUNT)
+ COUNT
, ...)
|
kmalloc(
- sizeof(u8) * COUNT
+ COUNT
, ...)
|
kmalloc(
- sizeof(__u8) * COUNT
+ COUNT
, ...)
|
kmalloc(
- sizeof(char) * COUNT
+ COUNT
, ...)
|
kmalloc(
- sizeof(unsigned char) * COUNT
+ COUNT
, ...)
)
// 2-factor product with sizeof(type/expression) and identifier or constant.
@@
type TYPE;
expression THING;
identifier COUNT_ID;
constant COUNT_CONST;
@@
(
- kmalloc
+ kmalloc_array
(
- sizeof(TYPE) * (COUNT_ID)
+ COUNT_ID, sizeof(TYPE)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(TYPE) * COUNT_ID
+ COUNT_ID, sizeof(TYPE)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(TYPE) * (COUNT_CONST)
+ COUNT_CONST, sizeof(TYPE)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(TYPE) * COUNT_CONST
+ COUNT_CONST, sizeof(TYPE)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(THING) * (COUNT_ID)
+ COUNT_ID, sizeof(THING)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(THING) * COUNT_ID
+ COUNT_ID, sizeof(THING)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(THING) * (COUNT_CONST)
+ COUNT_CONST, sizeof(THING)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(THING) * COUNT_CONST
+ COUNT_CONST, sizeof(THING)
, ...)
)
// 2-factor product, only identifiers.
@@
identifier SIZE, COUNT;
@@
- kmalloc
+ kmalloc_array
(
- SIZE * COUNT
+ COUNT, SIZE
, ...)
// 3-factor product with 1 sizeof(type) or sizeof(expression), with
// redundant parens removed.
@@
expression THING;
identifier STRIDE, COUNT;
type TYPE;
@@
(
kmalloc(
- sizeof(TYPE) * (COUNT) * (STRIDE)
+ array3_size(COUNT, STRIDE, sizeof(TYPE))
, ...)
|
kmalloc(
- sizeof(TYPE) * (COUNT) * STRIDE
+ array3_size(COUNT, STRIDE, sizeof(TYPE))
, ...)
|
kmalloc(
- sizeof(TYPE) * COUNT * (STRIDE)
+ array3_size(COUNT, STRIDE, sizeof(TYPE))
, ...)
|
kmalloc(
- sizeof(TYPE) * COUNT * STRIDE
+ array3_size(COUNT, STRIDE, sizeof(TYPE))
, ...)
|
kmalloc(
- sizeof(THING) * (COUNT) * (STRIDE)
+ array3_size(COUNT, STRIDE, sizeof(THING))
, ...)
|
kmalloc(
- sizeof(THING) * (COUNT) * STRIDE
+ array3_size(COUNT, STRIDE, sizeof(THING))
, ...)
|
kmalloc(
- sizeof(THING) * COUNT * (STRIDE)
+ array3_size(COUNT, STRIDE, sizeof(THING))
, ...)
|
kmalloc(
- sizeof(THING) * COUNT * STRIDE
+ array3_size(COUNT, STRIDE, sizeof(THING))
, ...)
)
// 3-factor product with 2 sizeof(variable), with redundant parens removed.
@@
expression THING1, THING2;
identifier COUNT;
type TYPE1, TYPE2;
@@
(
kmalloc(
- sizeof(TYPE1) * sizeof(TYPE2) * COUNT
+ array3_size(COUNT, sizeof(TYPE1), sizeof(TYPE2))
, ...)
|
kmalloc(
- sizeof(TYPE1) * sizeof(THING2) * (COUNT)
+ array3_size(COUNT, sizeof(TYPE1), sizeof(TYPE2))
, ...)
|
kmalloc(
- sizeof(THING1) * sizeof(THING2) * COUNT
+ array3_size(COUNT, sizeof(THING1), sizeof(THING2))
, ...)
|
kmalloc(
- sizeof(THING1) * sizeof(THING2) * (COUNT)
+ array3_size(COUNT, sizeof(THING1), sizeof(THING2))
, ...)
|
kmalloc(
- sizeof(TYPE1) * sizeof(THING2) * COUNT
+ array3_size(COUNT, sizeof(TYPE1), sizeof(THING2))
, ...)
|
kmalloc(
- sizeof(TYPE1) * sizeof(THING2) * (COUNT)
+ array3_size(COUNT, sizeof(TYPE1), sizeof(THING2))
, ...)
)
// 3-factor product, only identifiers, with redundant parens removed.
@@
identifier STRIDE, SIZE, COUNT;
@@
(
kmalloc(
- (COUNT) * STRIDE * SIZE
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kmalloc(
- COUNT * (STRIDE) * SIZE
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kmalloc(
- COUNT * STRIDE * (SIZE)
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kmalloc(
- (COUNT) * (STRIDE) * SIZE
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kmalloc(
- COUNT * (STRIDE) * (SIZE)
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kmalloc(
- (COUNT) * STRIDE * (SIZE)
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kmalloc(
- (COUNT) * (STRIDE) * (SIZE)
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kmalloc(
- COUNT * STRIDE * SIZE
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
)
// Any remaining multi-factor products, first at least 3-factor products,
// when they're not all constants...
@@
expression E1, E2, E3;
constant C1, C2, C3;
@@
(
kmalloc(C1 * C2 * C3, ...)
|
kmalloc(
- (E1) * E2 * E3
+ array3_size(E1, E2, E3)
, ...)
|
kmalloc(
- (E1) * (E2) * E3
+ array3_size(E1, E2, E3)
, ...)
|
kmalloc(
- (E1) * (E2) * (E3)
+ array3_size(E1, E2, E3)
, ...)
|
kmalloc(
- E1 * E2 * E3
+ array3_size(E1, E2, E3)
, ...)
)
// And then all remaining 2 factors products when they're not all constants,
// keeping sizeof() as the second factor argument.
@@
expression THING, E1, E2;
type TYPE;
constant C1, C2, C3;
@@
(
kmalloc(sizeof(THING) * C2, ...)
|
kmalloc(sizeof(TYPE) * C2, ...)
|
kmalloc(C1 * C2 * C3, ...)
|
kmalloc(C1 * C2, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(TYPE) * (E2)
+ E2, sizeof(TYPE)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(TYPE) * E2
+ E2, sizeof(TYPE)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(THING) * (E2)
+ E2, sizeof(THING)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(THING) * E2
+ E2, sizeof(THING)
, ...)
|
- kmalloc
+ kmalloc_array
(
- (E1) * E2
+ E1, E2
, ...)
|
- kmalloc
+ kmalloc_array
(
- (E1) * (E2)
+ E1, E2
, ...)
|
- kmalloc
+ kmalloc_array
(
- E1 * E2
+ E1, E2
, ...)
)
Signed-off-by: Kees Cook <keescook@chromium.org>
Šī revīzija ir iekļauta:
Kees Cook
@@ -890,7 +890,8 @@ ath5k_hw_rfregs_init(struct ath5k_hw *ah,
|
||||
* ah->ah_rf_banks based on ah->ah_rf_banks_size
|
||||
* we set above */
|
||||
if (ah->ah_rf_banks == NULL) {
|
||||
ah->ah_rf_banks = kmalloc(sizeof(u32) * ah->ah_rf_banks_size,
|
||||
ah->ah_rf_banks = kmalloc_array(ah->ah_rf_banks_size,
|
||||
sizeof(u32),
|
||||
GFP_KERNEL);
|
||||
if (ah->ah_rf_banks == NULL) {
|
||||
ATH5K_ERR(ah, "out of memory\n");
|
||||
|
||||
@@ -925,7 +925,7 @@ int ar9003_paprd_create_curve(struct ath_hw *ah,
|
||||
|
||||
memset(caldata->pa_table[chain], 0, sizeof(caldata->pa_table[chain]));
|
||||
|
||||
buf = kmalloc(2 * 48 * sizeof(u32), GFP_KERNEL);
|
||||
buf = kmalloc_array(2 * 48, sizeof(u32), GFP_KERNEL);
|
||||
if (!buf)
|
||||
return -ENOMEM;
|
||||
|
||||
|
||||
@@ -127,13 +127,13 @@ void ath9k_hw_read_array(struct ath_hw *ah, u32 array[][2], int size)
|
||||
u32 *tmp_reg_list, *tmp_data;
|
||||
int i;
|
||||
|
||||
tmp_reg_list = kmalloc(size * sizeof(u32), GFP_KERNEL);
|
||||
tmp_reg_list = kmalloc_array(size, sizeof(u32), GFP_KERNEL);
|
||||
if (!tmp_reg_list) {
|
||||
dev_err(ah->dev, "%s: tmp_reg_list: alloc filed\n", __func__);
|
||||
return;
|
||||
}
|
||||
|
||||
tmp_data = kmalloc(size * sizeof(u32), GFP_KERNEL);
|
||||
tmp_data = kmalloc_array(size, sizeof(u32), GFP_KERNEL);
|
||||
if (!tmp_data) {
|
||||
dev_err(ah->dev, "%s tmp_data: alloc filed\n", __func__);
|
||||
goto error_tmp_data;
|
||||
|
||||
@@ -1387,7 +1387,7 @@ wlc_lcnphy_rx_iq_cal(struct brcms_phy *pi,
|
||||
s16 *ptr;
|
||||
struct brcms_phy_lcnphy *pi_lcn = pi->u.pi_lcnphy;
|
||||
|
||||
ptr = kmalloc(sizeof(s16) * 131, GFP_ATOMIC);
|
||||
ptr = kmalloc_array(131, sizeof(s16), GFP_ATOMIC);
|
||||
if (NULL == ptr)
|
||||
return false;
|
||||
if (module == 2) {
|
||||
@@ -2670,7 +2670,7 @@ wlc_lcnphy_tx_iqlo_cal(struct brcms_phy *pi,
|
||||
u16 *values_to_save;
|
||||
struct brcms_phy_lcnphy *pi_lcn = pi->u.pi_lcnphy;
|
||||
|
||||
values_to_save = kmalloc(sizeof(u16) * 20, GFP_ATOMIC);
|
||||
values_to_save = kmalloc_array(20, sizeof(u16), GFP_ATOMIC);
|
||||
if (NULL == values_to_save)
|
||||
return;
|
||||
|
||||
@@ -3678,11 +3678,11 @@ wlc_lcnphy_a1(struct brcms_phy *pi, int cal_type, int num_levels,
|
||||
u16 *phy_c32;
|
||||
phy_c21 = 0;
|
||||
phy_c10 = phy_c13 = phy_c14 = phy_c8 = 0;
|
||||
ptr = kmalloc(sizeof(s16) * 131, GFP_ATOMIC);
|
||||
ptr = kmalloc_array(131, sizeof(s16), GFP_ATOMIC);
|
||||
if (NULL == ptr)
|
||||
return;
|
||||
|
||||
phy_c32 = kmalloc(sizeof(u16) * 20, GFP_ATOMIC);
|
||||
phy_c32 = kmalloc_array(20, sizeof(u16), GFP_ATOMIC);
|
||||
if (NULL == phy_c32) {
|
||||
kfree(ptr);
|
||||
return;
|
||||
|
||||
@@ -23032,7 +23032,7 @@ wlc_phy_loadsampletable_nphy(struct brcms_phy *pi, struct cordic_iq *tone_buf,
|
||||
u16 t;
|
||||
u32 *data_buf = NULL;
|
||||
|
||||
data_buf = kmalloc(sizeof(u32) * num_samps, GFP_ATOMIC);
|
||||
data_buf = kmalloc_array(num_samps, sizeof(u32), GFP_ATOMIC);
|
||||
if (data_buf == NULL)
|
||||
return;
|
||||
|
||||
@@ -23074,7 +23074,8 @@ wlc_phy_gen_load_samples_nphy(struct brcms_phy *pi, u32 f_kHz, u16 max_val,
|
||||
tbl_len = (phy_bw << 1);
|
||||
}
|
||||
|
||||
tone_buf = kmalloc(sizeof(struct cordic_iq) * tbl_len, GFP_ATOMIC);
|
||||
tone_buf = kmalloc_array(tbl_len, sizeof(struct cordic_iq),
|
||||
GFP_ATOMIC);
|
||||
if (tone_buf == NULL)
|
||||
return 0;
|
||||
|
||||
|
||||
@@ -7127,7 +7127,7 @@ static int airo_get_aplist(struct net_device *dev,
|
||||
int i;
|
||||
int loseSync = capable(CAP_NET_ADMIN) ? 1: -1;
|
||||
|
||||
qual = kmalloc(IW_MAX_AP * sizeof(*qual), GFP_KERNEL);
|
||||
qual = kmalloc_array(IW_MAX_AP, sizeof(*qual), GFP_KERNEL);
|
||||
if (!qual)
|
||||
return -ENOMEM;
|
||||
|
||||
|
||||
@@ -3445,8 +3445,9 @@ static int ipw2100_msg_allocate(struct ipw2100_priv *priv)
|
||||
dma_addr_t p;
|
||||
|
||||
priv->msg_buffers =
|
||||
kmalloc(IPW_COMMAND_POOL_SIZE * sizeof(struct ipw2100_tx_packet),
|
||||
GFP_KERNEL);
|
||||
kmalloc_array(IPW_COMMAND_POOL_SIZE,
|
||||
sizeof(struct ipw2100_tx_packet),
|
||||
GFP_KERNEL);
|
||||
if (!priv->msg_buffers)
|
||||
return -ENOMEM;
|
||||
|
||||
@@ -4587,9 +4588,9 @@ static int ipw2100_rx_allocate(struct ipw2100_priv *priv)
|
||||
/*
|
||||
* allocate packets
|
||||
*/
|
||||
priv->rx_buffers = kmalloc(RX_QUEUE_LENGTH *
|
||||
sizeof(struct ipw2100_rx_packet),
|
||||
GFP_KERNEL);
|
||||
priv->rx_buffers = kmalloc_array(RX_QUEUE_LENGTH,
|
||||
sizeof(struct ipw2100_rx_packet),
|
||||
GFP_KERNEL);
|
||||
if (!priv->rx_buffers) {
|
||||
IPW_DEBUG_INFO("can't allocate rx packet buffer table\n");
|
||||
|
||||
|
||||
@@ -3208,13 +3208,13 @@ static int ipw_load_firmware(struct ipw_priv *priv, u8 * data, size_t len)
|
||||
|
||||
IPW_DEBUG_TRACE("<< :\n");
|
||||
|
||||
virts = kmalloc(sizeof(void *) * CB_NUMBER_OF_ELEMENTS_SMALL,
|
||||
GFP_KERNEL);
|
||||
virts = kmalloc_array(CB_NUMBER_OF_ELEMENTS_SMALL, sizeof(void *),
|
||||
GFP_KERNEL);
|
||||
if (!virts)
|
||||
return -ENOMEM;
|
||||
|
||||
phys = kmalloc(sizeof(dma_addr_t) * CB_NUMBER_OF_ELEMENTS_SMALL,
|
||||
GFP_KERNEL);
|
||||
phys = kmalloc_array(CB_NUMBER_OF_ELEMENTS_SMALL, sizeof(dma_addr_t),
|
||||
GFP_KERNEL);
|
||||
if (!phys) {
|
||||
kfree(virts);
|
||||
return -ENOMEM;
|
||||
@@ -3782,7 +3782,7 @@ static int ipw_queue_tx_init(struct ipw_priv *priv,
|
||||
{
|
||||
struct pci_dev *dev = priv->pci_dev;
|
||||
|
||||
q->txb = kmalloc(sizeof(q->txb[0]) * count, GFP_KERNEL);
|
||||
q->txb = kmalloc_array(count, sizeof(q->txb[0]), GFP_KERNEL);
|
||||
if (!q->txb) {
|
||||
IPW_ERROR("vmalloc for auxiliary BD structures failed\n");
|
||||
return -ENOMEM;
|
||||
|
||||
@@ -271,8 +271,9 @@ static void prism2_info_scanresults(local_info_t *local, unsigned char *buf,
|
||||
left -= 4;
|
||||
|
||||
new_count = left / sizeof(struct hfa384x_scan_result);
|
||||
results = kmalloc(new_count * sizeof(struct hfa384x_hostscan_result),
|
||||
GFP_ATOMIC);
|
||||
results = kmalloc_array(new_count,
|
||||
sizeof(struct hfa384x_hostscan_result),
|
||||
GFP_ATOMIC);
|
||||
if (results == NULL)
|
||||
return;
|
||||
|
||||
|
||||
@@ -513,8 +513,8 @@ static int prism2_ioctl_giwaplist(struct net_device *dev,
|
||||
return -EOPNOTSUPP;
|
||||
}
|
||||
|
||||
addr = kmalloc(sizeof(struct sockaddr) * IW_MAX_AP, GFP_KERNEL);
|
||||
qual = kmalloc(sizeof(struct iw_quality) * IW_MAX_AP, GFP_KERNEL);
|
||||
addr = kmalloc_array(IW_MAX_AP, sizeof(struct sockaddr), GFP_KERNEL);
|
||||
qual = kmalloc_array(IW_MAX_AP, sizeof(struct iw_quality), GFP_KERNEL);
|
||||
if (addr == NULL || qual == NULL) {
|
||||
kfree(addr);
|
||||
kfree(qual);
|
||||
|
||||
@@ -732,7 +732,8 @@ static int zd_mac_config_beacon(struct ieee80211_hw *hw, struct sk_buff *beacon,
|
||||
|
||||
/* Alloc memory for full beacon write at once. */
|
||||
num_cmds = 1 + zd_chip_is_zd1211b(&mac->chip) + full_len;
|
||||
ioreqs = kmalloc(num_cmds * sizeof(struct zd_ioreq32), GFP_KERNEL);
|
||||
ioreqs = kmalloc_array(num_cmds, sizeof(struct zd_ioreq32),
|
||||
GFP_KERNEL);
|
||||
if (!ioreqs) {
|
||||
r = -ENOMEM;
|
||||
goto out_nofree;
|
||||
|
||||
Atsaukties uz šo jaunā problēmā
Block a user