[PATCH v7 6/8] mm/util: Deduplicate code in {kstrdup, kstrndup, kmemdup_nul}

Yafang Shao laoar.shao at gmail.com
Mon Aug 26 13:13:16 UTC 2024


On Mon, Aug 26, 2024 at 5:25 PM Alejandro Colomar <alx at kernel.org> wrote:
>
> Hi Yafang,
>
> On Sat, Aug 17, 2024 at 10:58:02AM GMT, Alejandro Colomar wrote:
> > Hi Yafang,
> >
> > On Sat, Aug 17, 2024 at 10:56:22AM GMT, Yafang Shao wrote:
> > > These three functions follow the same pattern. To deduplicate the code,
> > > let's introduce a common helper __kmemdup_nul().
> > >
> > > Suggested-by: Andrew Morton <akpm at linux-foundation.org>
> > > Signed-off-by: Yafang Shao <laoar.shao at gmail.com>
> > > Cc: Simon Horman <horms at kernel.org>
> > > Cc: Matthew Wilcox <willy at infradead.org>
> > > ---
> > >  mm/util.c | 67 +++++++++++++++++++++----------------------------------
> > >  1 file changed, 26 insertions(+), 41 deletions(-)
> > >
> > > diff --git a/mm/util.c b/mm/util.c
> > > index 4542d8a800d9..310c7735c617 100644
> > > --- a/mm/util.c
> > > +++ b/mm/util.c
> > > @@ -45,33 +45,40 @@ void kfree_const(const void *x)
> > >  EXPORT_SYMBOL(kfree_const);
> > >
> > >  /**
> > > - * kstrdup - allocate space for and copy an existing string
> > > - * @s: the string to duplicate
> > > + * __kmemdup_nul - Create a NUL-terminated string from @s, which might be unterminated.
> > > + * @s: The data to copy
> > > + * @len: The size of the data, including the null terminator
> > >   * @gfp: the GFP mask used in the kmalloc() call when allocating memory
> > >   *
> > > - * Return: newly allocated copy of @s or %NULL in case of error
> > > + * Return: newly allocated copy of @s with NUL-termination or %NULL in
> > > + * case of error
> > >   */
> > > -noinline
> > > -char *kstrdup(const char *s, gfp_t gfp)
> > > +static __always_inline char *__kmemdup_nul(const char *s, size_t len, gfp_t gfp)
> > >  {
> > > -   size_t len;
> > >     char *buf;
> > >
> > > -   if (!s)
> > > +   buf = kmalloc_track_caller(len, gfp);
> > > +   if (!buf)
> > >             return NULL;
> > >
> > > -   len = strlen(s) + 1;
> > > -   buf = kmalloc_track_caller(len, gfp);
> > > -   if (buf) {
> > > -           memcpy(buf, s, len);
> > > -           /* During memcpy(), the string might be updated to a new value,
> > > -            * which could be longer than the string when strlen() is
> > > -            * called. Therefore, we need to add a null termimator.
> > > -            */
> > > -           buf[len - 1] = '\0';
> > > -   }
> > > +   memcpy(buf, s, len);
> > > +   /* Ensure the buf is always NUL-terminated, regardless of @s. */
> > > +   buf[len - 1] = '\0';
> > >     return buf;
> > >  }
> > > +
> > > +/**
> > > + * kstrdup - allocate space for and copy an existing string
> > > + * @s: the string to duplicate
> > > + * @gfp: the GFP mask used in the kmalloc() call when allocating memory
> > > + *
> > > + * Return: newly allocated copy of @s or %NULL in case of error
> > > + */
> > > +noinline
> > > +char *kstrdup(const char *s, gfp_t gfp)
> > > +{
> > > +   return s ? __kmemdup_nul(s, strlen(s) + 1, gfp) : NULL;
> > > +}
> > >  EXPORT_SYMBOL(kstrdup);
> > >
> > >  /**
> > > @@ -106,19 +113,7 @@ EXPORT_SYMBOL(kstrdup_const);
> > >   */
> > >  char *kstrndup(const char *s, size_t max, gfp_t gfp)
> > >  {
> > > -   size_t len;
> > > -   char *buf;
> > > -
> > > -   if (!s)
> > > -           return NULL;
> > > -
> > > -   len = strnlen(s, max);
> > > -   buf = kmalloc_track_caller(len+1, gfp);
> > > -   if (buf) {
> > > -           memcpy(buf, s, len);
> > > -           buf[len] = '\0';
> > > -   }
> > > -   return buf;
> > > +   return s ? __kmemdup_nul(s, strnlen(s, max) + 1, gfp) : NULL;
> > >  }
> > >  EXPORT_SYMBOL(kstrndup);
> > >
> > > @@ -192,17 +187,7 @@ EXPORT_SYMBOL(kvmemdup);
> > >   */
> > >  char *kmemdup_nul(const char *s, size_t len, gfp_t gfp)
> > >  {
> > > -   char *buf;
> > > -
> > > -   if (!s)
> > > -           return NULL;
> > > -
> > > -   buf = kmalloc_track_caller(len + 1, gfp);
> > > -   if (buf) {
> > > -           memcpy(buf, s, len);
> > > -           buf[len] = '\0';
> > > -   }
> > > -   return buf;
> > > +   return s ? __kmemdup_nul(s, len + 1, gfp) : NULL;
> > >  }
> > >  EXPORT_SYMBOL(kmemdup_nul);
> >
> > I like the idea of the patch, but it's plagued with all those +1 and -1.
> > I think that's due to a bad choice of value being passed by.  If you
> > pass the actual length of the string (as suggested in my reply to the
> > previous patch) you should end up with a cleaner set of APIs.
> >
> > The only remaining +1 is for kmalloc_track_caller(), which I ignore what
> > it does.
> >
> >       char *
> >       __kmemdup_nul(const char *s, size_t len, gfp_t gfp)
> >       {
> >               char *buf;
> >
> >               buf = kmalloc_track_caller(len + 1, gfp);
> >               if (!buf)
> >                       return NULL;
> >
> >               strcpy(mempcpy(buf, s, len), "");
>
> Changing these strcpy(, "") to the usual; ='\0' or =0, but I'd still
> recommend the rest of the changes, that is, changing the value passed in
> len, to remove several +1 and -1s.
>
> What do you think?

I will update it. Thanks for your suggestion.

-- 
Regards
Yafang



More information about the Linux-security-module-archive mailing list