Re: [PATCH net-next] udp_tunnel: Use flex array to simplify code

From: Willem de Bruijn
Date: Mon Sep 25 2023 - 16:51:09 EST

Next message: Jack Brennen: "[PATCH] modpost: Optimize symbol search from linear to binary search"
Previous message: Frank Li: "[PATCH v2 7/7] arm64: dts: imx8qm-mek: enable 8qm lpuart2 and lpuart3"
In reply to: Christophe JAILLET: "Re: [PATCH net-next] udp_tunnel: Use flex array to simplify code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Sep 25, 2023 at 6:26 PM Christophe JAILLET
<christophe.jaillet@xxxxxxxxxx> wrote:
>
> Le 24/09/2023 à 18:00, Willem de Bruijn a écrit :
> > Christophe JAILLET wrote:
> >> 'n_tables' is small, UDP_TUNNEL_NIC_MAX_TABLES = 4 as a maximum. So there
> >> is no real point to allocate the 'entries' pointers array with a dedicate
> >> memory allocation.
> >>
> >> Using a flexible array for struct udp_tunnel_nic->entries avoids the
> >> overhead of an additional memory allocation.
> >>
> >> This also saves an indirection when the array is accessed.
> >>
> >> Finally, __counted_by() can be used for run-time bounds checking if
> >> configured and supported by the compiler.
> >>
> >> Signed-off-by: Christophe JAILLET <christophe.jaillet@xxxxxxxxxx>

Reviewed-by: Willem de Bruijn <willemb@xxxxxxxxxx>

> >> ---
> >> net/ipv4/udp_tunnel_nic.c | 11 ++---------
> >> 1 file changed, 2 insertions(+), 9 deletions(-)
> >>
> >> diff --git a/net/ipv4/udp_tunnel_nic.c b/net/ipv4/udp_tunnel_nic.c
> >> index 029219749785..b6d2d16189c0 100644
> >> --- a/net/ipv4/udp_tunnel_nic.c
> >> +++ b/net/ipv4/udp_tunnel_nic.c
> >> @@ -47,7 +47,7 @@ struct udp_tunnel_nic {
> >>
> >> unsigned int n_tables;
> >> unsigned long missed;
> >> - struct udp_tunnel_nic_table_entry **entries;
> >> + struct udp_tunnel_nic_table_entry *entries[] __counted_by(n_tables);
> >> };
> >>
> >> /* We ensure all work structs are done using driver state, but not the code.
> >> @@ -725,16 +725,12 @@ udp_tunnel_nic_alloc(const struct udp_tunnel_nic_info *info,
> >> struct udp_tunnel_nic *utn;
> >> unsigned int i;
> >>
> >> - utn = kzalloc(sizeof(*utn), GFP_KERNEL);
> >> + utn = kzalloc(struct_size(utn, entries, n_tables), GFP_KERNEL);
> >> if (!utn)
> >> return NULL;
> >> utn->n_tables = n_tables;
> >
> > Should utn->n_tables be initialized before first use of
> > struct_size(utn, entries, n_tables)?
> >
>
> It can't be.
> struct_size() is used to compute the memory size to allocate.
>
> Before the kzalloc() call, utn does not exist, so we can't write
> anything to utn->n_tables. It is undefined at this point.
>
> It is initialized the line just after, after the allocation, but before
> any use.

Of course, sorry. I confused __counted_by's reference to a field
member in the struct, with the normal argument passing of struct_size
and flex_array_size.

Next message: Jack Brennen: "[PATCH] modpost: Optimize symbol search from linear to binary search"
Previous message: Frank Li: "[PATCH v2 7/7] arm64: dts: imx8qm-mek: enable 8qm lpuart2 and lpuart3"
In reply to: Christophe JAILLET: "Re: [PATCH net-next] udp_tunnel: Use flex array to simplify code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]