btrfs: use kmalloc_array() for open-coded arithmetic in kmalloc()

As pointed out in the documentation, calling 'kmalloc' with open-coded
arithmetic can lead to unfortunate overflows and this particular way of
using it has been deprecated. Instead, it's preferred to use
'kmalloc_array' in cases where it might apply so an overflow check is
performed.

Note this is an API cleanup and is not fixing any overflows because in
all cases the multipliers are bounded small numbers derived from number
of items in leaves/nodes.

Signed-off-by: Miquel Sabaté Solà <mssola@mssola.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>

diff --git a/fs/btrfs/delayed-inode.c b/fs/btrfs/delayed-inode.c
index 6adfe62cd0c4dd777c7ec7e96ccf1288a9ee96c7..81577a0c601f583aa5044421aff0bac32efdeb54 100644 (file)
--- a/fs/btrfs/delayed-inode.c
+++ b/fs/btrfs/delayed-inode.c
@@ -738,8 +738,8 @@ static int btrfs_insert_delayed_item(struct btrfs_trans_handle *trans,
                u32 *ins_sizes;
                int i = 0;
 
-               ins_data = kmalloc(batch.nr * sizeof(u32) +
-                                  batch.nr * sizeof(struct btrfs_key), GFP_NOFS);
+               ins_data = kmalloc_array(batch.nr,
+                                        sizeof(u32) + sizeof(struct btrfs_key), GFP_NOFS);
                if (!ins_data) {
                        ret = -ENOMEM;
                        goto out;

diff --git a/fs/btrfs/tree-log.c b/fs/btrfs/tree-log.c
index ac7805d40ab24a4f2511f63a29334add3eedaeb9..78d59b63748bace586a13f270d459a86e0f9249d 100644 (file)
--- a/fs/btrfs/tree-log.c
+++ b/fs/btrfs/tree-log.c
@@ -4054,8 +4054,7 @@ static int flush_dir_items_batch(struct btrfs_trans_handle *trans,
                struct btrfs_key *ins_keys;
                u32 *ins_sizes;
 
-               ins_data = kmalloc(count * sizeof(u32) +
-                                  count * sizeof(struct btrfs_key), GFP_NOFS);
+               ins_data = kmalloc_array(count, sizeof(u32) + sizeof(struct btrfs_key), GFP_NOFS);
                if (!ins_data)
                        return -ENOMEM;
 
@@ -4818,8 +4817,7 @@ static noinline int copy_items(struct btrfs_trans_handle *trans,
 
        src = src_path->nodes[0];
 
-       ins_data = kmalloc(nr * sizeof(struct btrfs_key) +
-                          nr * sizeof(u32), GFP_NOFS);
+       ins_data = kmalloc_array(nr, sizeof(struct btrfs_key) + sizeof(u32), GFP_NOFS);
        if (!ins_data)
                return -ENOMEM;
 
@@ -6524,8 +6522,7 @@ static int log_delayed_insertion_items(struct btrfs_trans_handle *trans,
        if (!first)
                return 0;
 
-       ins_data = kmalloc(max_batch_size * sizeof(u32) +
-                          max_batch_size * sizeof(struct btrfs_key), GFP_NOFS);
+       ins_data = kmalloc_array(max_batch_size, sizeof(u32) + sizeof(struct btrfs_key), GFP_NOFS);
        if (!ins_data)
                return -ENOMEM;
        ins_sizes = (u32 *)ins_data;