tech-userlevel archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: reallocarr(3)
christos%zoulas.com@localhost (Christos Zoulas) wrote:
> On Feb 7, 5:54pm, jym%NetBSD.org@localhost (Jean-Yves Migeon) wrote:
> -- Subject: Re: reallocarr(3)
>
> | Le 06/02/2015 01:50, Kamil Rytarowski a écrit :
> | > Is it fine to have this function for the kernel too?
> |
> | TBH I think that the kernel should rather rely on generic integer
> | overflow/underflow checks for its allocation APIs, a bit like the size
> | overflow plugin you can find in grsec.
> |
> | pool_cache(9) are generally sufficient enough to handle arrays of
> | object with a fixed size (behind the curtain), adding yet-another
> | allocator would not address the various kmem_alloc/malloc() call sites
> | that already exist in kernel.
> |
> | Of course this opinion is just mine :)
>
> The idiom number-of-elements * size is too common, and instead of
> protecting it by opencoding overflow everywhere, it is simpler to provide
> an allocator that does this internally...
We really do not need another interface in the kernel. If you allocate
kernel memory given the user input, it should be sanity-checked anyway,
i.e. not only for the overflow, unless you think that letting the user
to arbitrarily allocate tons of KVA is a good idea.
Nevermind that this reallocarr{ay,} is a pretty poor interface anyway..
--
Mindaugas
Home |
Main Index |
Thread Index |
Old Index