Merge tag 'kmalloc_obj-v7.0-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull kmalloc_obj updates from Kees Cook:
 "Introduce the kmalloc_obj* family of APIs for switching to type-based
  kmalloc allocations, away from purely size-based allocations.
  Discussed on lkml, with you, and at Linux Plumbers. It's been in -next
  for the entire dev cycle.

  Before the merge window closes, I'd like to send the treewide
  change (generated from the Coccinelle script included here), which
  mechanically converts almost 20k callsites from kmalloc* to
  kmalloc_obj*:

   8007 files changed, 19980 insertions(+), 20838 deletions(-)

  This change needed fixes for mismatched types (since now the return
  type from allocations is a pointer to the requested type, not "void
  *"), and I've been fixing these over the last 4 releases.

  These fixes have mostly been trivial mismatches with const qualifiers
  or accidentally identical sizes (e.g. same object size: "struct kvec"
  vs "struct iovec", or differing pointers to pointers), but I did catch
  one case of too-small allocation.

  Summary:

   - Introduce kmalloc_obj*() family of type-based allocator APIs

   - checkpatch: Suggest kmalloc_obj family for sizeof allocations

   - coccinelle: Add kmalloc_objs conversion script"

* tag 'kmalloc_obj-v7.0-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  coccinelle: Add kmalloc_objs conversion script
  slab: Introduce kmalloc_flex() and family
  compiler_types: Introduce __flex_counter() and family
  checkpatch: Suggest kmalloc_obj family for sizeof allocations
  slab: Introduce kmalloc_obj() and family

1 files changed, 42 insertions, 0 deletions

diff --git a/include/linux/overflow.h b/include/linux/overflow.h
index 736f633b2d5f..6220a2000df8 100644
--- a/include/linux/overflow.h
+++ b/include/linux/overflow.h
@@ -552,4 +552,46 @@ static inline size_t __must_check size_sub(size_t minuend, size_t subtrahend)
 	(__member_size((name)->array) / sizeof(*(name)->array) +			\
 						__must_be_array((name)->array))
 
+/**
+ * typeof_flex_counter() - Return the type of the counter variable of a given
+ *                         flexible array member annotated by __counted_by().
+ * @FAM: Instance of flexible array member within a given struct.
+ *
+ * Returns: "size_t" if no annotation exists.
+ */
+#define typeof_flex_counter(FAM)				\
+	typeof(_Generic(__flex_counter(FAM),			\
+			void *: (size_t)0,			\
+			default: *__flex_counter(FAM)))
+
+/**
+ * overflows_flex_counter_type() - Check if the counter associated with the
+ *				   given flexible array member can represent
+ *				   a value.
+ * @TYPE: Type of the struct that contains the @FAM.
+ * @FAM: Member name of the FAM within @TYPE.
+ * @COUNT: Value to check against the __counted_by annotated @FAM's counter.
+ *
+ * Returns: true if @COUNT can be represented in the @FAM's counter. When
+ * @FAM is not annotated with __counted_by(), always returns true.
+ */
+#define overflows_flex_counter_type(TYPE, FAM, COUNT)		\
+	(!overflows_type(COUNT, typeof_flex_counter(((TYPE *)NULL)->FAM)))
+
+/**
+ * __set_flex_counter() - Set the counter associated with the given flexible
+ *                        array member that has been annoated by __counted_by().
+ * @FAM: Instance of flexible array member within a given struct.
+ * @COUNT: Value to store to the __counted_by annotated @FAM_PTR's counter.
+ *
+ * This is a no-op if no annotation exists. Count needs to be checked with
+ * overflows_flex_counter_type() before using this function.
+ */
+#define __set_flex_counter(FAM, COUNT)				\
+({								\
+	*_Generic(__flex_counter(FAM),				\
+		  void *:  &(size_t){ 0 },			\
+		  default: __flex_counter(FAM)) = (COUNT);	\
+})
+
 #endif /* __LINUX_OVERFLOW_H */