perf/x86/rapl: Prefer struct_size() over open coded arithmetic

This is an effort to get rid of all multiplications from allocation
functions in order to prevent integer overflows:

  https://www.kernel.org/doc/html/latest/process/deprecated.html#open-coded-arithmetic-in-allocator-arguments
  https://github.com/KSPP/linux/issues/160

As the "rapl_pmus" variable is a pointer to "struct rapl_pmus" and
this structure ends in a flexible array:

  struct rapl_pmus {
	[...]
	struct rapl_pmu *pmus[] __counted_by(maxdie);
  };

the preferred way in the kernel is to use the struct_size() helper to
do the arithmetic instead of the calculation "size + count * size" in
the kzalloc() function.

This way, the code is more readable and safer.

Signed-off-by: Erick Archer <[email protected]>
Signed-off-by: Ingo Molnar <[email protected]>
Reviewed-by: Gustavo A. R. Silva <[email protected]>
Reviewed-by: Kees Cook <[email protected]>
Link: https://lore.kernel.org/r/[email protected]

diff --git a/arch/x86/events/rapl.c b/arch/x86/events/rapl.c
index fb2b1961e5a33a190ab21ce6ea7d27026ffbc18e..8ef08b5d55a7540f775cb4d0df2b197fd8922e08 100644 (file)
--- a/arch/x86/events/rapl.c
+++ b/arch/x86/events/rapl.c
@@ -675,10 +675,8 @@ static const struct attribute_group *rapl_attr_update[] = {
 static int __init init_rapl_pmus(void)
 {
        int maxdie = topology_max_packages() * topology_max_dies_per_package();
-       size_t size;
 
-       size = sizeof(*rapl_pmus) + maxdie * sizeof(struct rapl_pmu *);
-       rapl_pmus = kzalloc(size, GFP_KERNEL);
+       rapl_pmus = kzalloc(struct_size(rapl_pmus, pmus, maxdie), GFP_KERNEL);
        if (!rapl_pmus)
                return -ENOMEM;