diff options
| author | Kees Cook <kees@kernel.org> | 2026-02-20 23:49:23 -0800 |
|---|---|---|
| committer | Kees Cook <kees@kernel.org> | 2026-02-21 01:02:28 -0800 |
| commit | 69050f8d6d075dc01af7a5f2f550a8067510366f (patch) | |
| tree | bb265f94d9dfa7876c06a5d9f88673d496a15341 /net/netfilter | |
| parent | d39a1d7486d98668dd34aaa6732aad7977c45f5a (diff) | |
treewide: Replace kmalloc with kmalloc_obj for non-scalar types
This is the result of running the Coccinelle script from
scripts/coccinelle/api/kmalloc_objs.cocci. The script is designed to
avoid scalar types (which need careful case-by-case checking), and
instead replace kmalloc-family calls that allocate struct or union
object instances:
Single allocations: kmalloc(sizeof(TYPE), ...)
are replaced with: kmalloc_obj(TYPE, ...)
Array allocations: kmalloc_array(COUNT, sizeof(TYPE), ...)
are replaced with: kmalloc_objs(TYPE, COUNT, ...)
Flex array allocations: kmalloc(struct_size(PTR, FAM, COUNT), ...)
are replaced with: kmalloc_flex(*PTR, FAM, COUNT, ...)
(where TYPE may also be *VAR)
The resulting allocations no longer return "void *", instead returning
"TYPE *".
Signed-off-by: Kees Cook <kees@kernel.org>
Diffstat (limited to 'net/netfilter')
54 files changed, 110 insertions, 118 deletions
diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c index cc20e6d56807..c3beef6155b6 100644 --- a/net/netfilter/ipset/ip_set_core.c +++ b/net/netfilter/ipset/ip_set_core.c @@ -1077,7 +1077,7 @@ static int ip_set_create(struct sk_buff *skb, const struct nfnl_info *info, /* First, and without any locks, allocate and initialize * a normal base set structure. */ - set = kzalloc(sizeof(*set), GFP_KERNEL); + set = kzalloc_obj(*set, GFP_KERNEL); if (!set) return -ENOMEM; spin_lock_init(&set->lock); @@ -1135,7 +1135,7 @@ static int ip_set_create(struct sk_buff *skb, const struct nfnl_info *info, /* Wraparound */ goto cleanup; - list = kvcalloc(i, sizeof(struct ip_set *), GFP_KERNEL); + list = kvzalloc_objs(struct ip_set *, i, GFP_KERNEL); if (!list) goto cleanup; /* nfnl mutex is held, both lists are valid */ @@ -2377,7 +2377,7 @@ ip_set_net_init(struct net *net) if (inst->ip_set_max >= IPSET_INVALID_ID) inst->ip_set_max = IPSET_INVALID_ID - 1; - list = kvcalloc(inst->ip_set_max, sizeof(struct ip_set *), GFP_KERNEL); + list = kvzalloc_objs(struct ip_set *, inst->ip_set_max, GFP_KERNEL); if (!list) return -ENOMEM; inst->is_deleted = false; diff --git a/net/netfilter/ipset/ip_set_hash_gen.h b/net/netfilter/ipset/ip_set_hash_gen.h index 5e4453e9ef8e..181daa9c2019 100644 --- a/net/netfilter/ipset/ip_set_hash_gen.h +++ b/net/netfilter/ipset/ip_set_hash_gen.h @@ -998,7 +998,7 @@ resize: /* Resize is in process and kernel side add, save values */ struct mtype_resize_ad *x; - x = kzalloc(sizeof(struct mtype_resize_ad), GFP_ATOMIC); + x = kzalloc_obj(struct mtype_resize_ad, GFP_ATOMIC); if (!x) /* Don't bother */ goto out; @@ -1086,8 +1086,7 @@ mtype_del(struct ip_set *set, void *value, const struct ip_set_ext *ext, /* Resize is in process and kernel side del, * save values */ - x = kzalloc(sizeof(struct mtype_resize_ad), - GFP_ATOMIC); + x = kzalloc_obj(struct mtype_resize_ad, GFP_ATOMIC); if (x) { x->ad = IPSET_DEL; memcpy(&x->d, value, diff --git a/net/netfilter/ipset/ip_set_list_set.c b/net/netfilter/ipset/ip_set_list_set.c index 13c7a08aa868..39165c014bd9 100644 --- a/net/netfilter/ipset/ip_set_list_set.c +++ b/net/netfilter/ipset/ip_set_list_set.c @@ -598,7 +598,7 @@ init_list_set(struct net *net, struct ip_set *set, u32 size) { struct list_set *map; - map = kzalloc(sizeof(*map), GFP_KERNEL); + map = kzalloc_obj(*map, GFP_KERNEL); if (!map) return false; diff --git a/net/netfilter/ipvs/ip_vs_conn.c b/net/netfilter/ipvs/ip_vs_conn.c index 50cc492c7553..e05991ec49f3 100644 --- a/net/netfilter/ipvs/ip_vs_conn.c +++ b/net/netfilter/ipvs/ip_vs_conn.c @@ -1510,8 +1510,8 @@ int __init ip_vs_conn_init(void) */ tab_array_size = array_size(ip_vs_conn_tab_size, sizeof(*ip_vs_conn_tab)); - ip_vs_conn_tab = kvmalloc_array(ip_vs_conn_tab_size, - sizeof(*ip_vs_conn_tab), GFP_KERNEL); + ip_vs_conn_tab = kvmalloc_objs(*ip_vs_conn_tab, ip_vs_conn_tab_size, + GFP_KERNEL); if (!ip_vs_conn_tab) return -ENOMEM; diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 068702894377..d38867c52180 100644 --- a/net/netfilter/ipvs/ip_vs_ctl.c +++ b/net/netfilter/ipvs/ip_vs_ctl.c @@ -938,7 +938,7 @@ int ip_vs_stats_init_alloc(struct ip_vs_stats *s) struct ip_vs_stats *ip_vs_stats_alloc(void) { - struct ip_vs_stats *s = kzalloc(sizeof(*s), GFP_KERNEL); + struct ip_vs_stats *s = kzalloc_obj(*s, GFP_KERNEL); if (s && ip_vs_stats_init_alloc(s) >= 0) return s; @@ -1079,7 +1079,7 @@ ip_vs_new_dest(struct ip_vs_service *svc, struct ip_vs_dest_user_kern *udest) return -EINVAL; } - dest = kzalloc(sizeof(struct ip_vs_dest), GFP_KERNEL); + dest = kzalloc_obj(struct ip_vs_dest, GFP_KERNEL); if (dest == NULL) return -ENOMEM; @@ -1421,7 +1421,7 @@ ip_vs_add_service(struct netns_ipvs *ipvs, struct ip_vs_service_user_kern *u, ret_hooks = ret; } - svc = kzalloc(sizeof(struct ip_vs_service), GFP_KERNEL); + svc = kzalloc_obj(struct ip_vs_service, GFP_KERNEL); if (svc == NULL) { IP_VS_DBG(1, "%s(): no memory\n", __func__); ret = -ENOMEM; @@ -4439,7 +4439,7 @@ int __net_init ip_vs_control_net_init(struct netns_ipvs *ipvs) INIT_DELAYED_WORK(&ipvs->est_reload_work, est_reload_work_handler); /* procfs stats */ - ipvs->tot_stats = kzalloc(sizeof(*ipvs->tot_stats), GFP_KERNEL); + ipvs->tot_stats = kzalloc_obj(*ipvs->tot_stats, GFP_KERNEL); if (!ipvs->tot_stats) goto out; if (ip_vs_stats_init_alloc(&ipvs->tot_stats->s) < 0) diff --git a/net/netfilter/ipvs/ip_vs_dh.c b/net/netfilter/ipvs/ip_vs_dh.c index bb7aca4601ff..ac1d6f5bfe8a 100644 --- a/net/netfilter/ipvs/ip_vs_dh.c +++ b/net/netfilter/ipvs/ip_vs_dh.c @@ -153,7 +153,7 @@ static int ip_vs_dh_init_svc(struct ip_vs_service *svc) struct ip_vs_dh_state *s; /* allocate the DH table for this service */ - s = kzalloc(sizeof(struct ip_vs_dh_state), GFP_KERNEL); + s = kzalloc_obj(struct ip_vs_dh_state, GFP_KERNEL); if (s == NULL) return -ENOMEM; diff --git a/net/netfilter/ipvs/ip_vs_est.c b/net/netfilter/ipvs/ip_vs_est.c index 77f4f637ff67..06999a17519b 100644 --- a/net/netfilter/ipvs/ip_vs_est.c +++ b/net/netfilter/ipvs/ip_vs_est.c @@ -325,7 +325,7 @@ static int ip_vs_est_add_kthread(struct netns_ipvs *ipvs) id = i; } - kd = kzalloc(sizeof(*kd), GFP_KERNEL); + kd = kzalloc_obj(*kd, GFP_KERNEL); if (!kd) goto out; kd->ipvs = ipvs; @@ -443,7 +443,7 @@ add_est: td = rcu_dereference_protected(kd->ticks[row], 1); if (!td) { - td = kzalloc(sizeof(*td), GFP_KERNEL); + td = kzalloc_obj(*td, GFP_KERNEL); if (!td) { ret = -ENOMEM; goto out; diff --git a/net/netfilter/ipvs/ip_vs_lblc.c b/net/netfilter/ipvs/ip_vs_lblc.c index e6c8ed0c92f6..36d91153712c 100644 --- a/net/netfilter/ipvs/ip_vs_lblc.c +++ b/net/netfilter/ipvs/ip_vs_lblc.c @@ -204,7 +204,7 @@ ip_vs_lblc_new(struct ip_vs_lblc_table *tbl, const union nf_inet_addr *daddr, return en; ip_vs_lblc_del(en); } - en = kmalloc(sizeof(*en), GFP_ATOMIC); + en = kmalloc_obj(*en, GFP_ATOMIC); if (!en) return NULL; @@ -347,7 +347,7 @@ static int ip_vs_lblc_init_svc(struct ip_vs_service *svc) /* * Allocate the ip_vs_lblc_table for this service */ - tbl = kmalloc(sizeof(*tbl), GFP_KERNEL); + tbl = kmalloc_obj(*tbl, GFP_KERNEL); if (tbl == NULL) return -ENOMEM; diff --git a/net/netfilter/ipvs/ip_vs_lblcr.c b/net/netfilter/ipvs/ip_vs_lblcr.c index a25cf7bb6185..eba6600decbe 100644 --- a/net/netfilter/ipvs/ip_vs_lblcr.c +++ b/net/netfilter/ipvs/ip_vs_lblcr.c @@ -107,7 +107,7 @@ static void ip_vs_dest_set_insert(struct ip_vs_dest_set *set, } } - e = kmalloc(sizeof(*e), GFP_ATOMIC); + e = kmalloc_obj(*e, GFP_ATOMIC); if (e == NULL) return; @@ -363,7 +363,7 @@ ip_vs_lblcr_new(struct ip_vs_lblcr_table *tbl, const union nf_inet_addr *daddr, en = ip_vs_lblcr_get(af, tbl, daddr); if (!en) { - en = kmalloc(sizeof(*en), GFP_ATOMIC); + en = kmalloc_obj(*en, GFP_ATOMIC); if (!en) return NULL; @@ -510,7 +510,7 @@ static int ip_vs_lblcr_init_svc(struct ip_vs_service *svc) /* * Allocate the ip_vs_lblcr_table for this service */ - tbl = kmalloc(sizeof(*tbl), GFP_KERNEL); + tbl = kmalloc_obj(*tbl, GFP_KERNEL); if (tbl == NULL) return -ENOMEM; diff --git a/net/netfilter/ipvs/ip_vs_mh.c b/net/netfilter/ipvs/ip_vs_mh.c index f61f54004c9e..7f5be86bab4d 100644 --- a/net/netfilter/ipvs/ip_vs_mh.c +++ b/net/netfilter/ipvs/ip_vs_mh.c @@ -293,9 +293,8 @@ static int ip_vs_mh_reassign(struct ip_vs_mh_state *s, return -EINVAL; if (svc->num_dests >= 1) { - s->dest_setup = kcalloc(svc->num_dests, - sizeof(struct ip_vs_mh_dest_setup), - GFP_KERNEL); + s->dest_setup = kzalloc_objs(struct ip_vs_mh_dest_setup, + svc->num_dests, GFP_KERNEL); if (!s->dest_setup) return -ENOMEM; } @@ -383,12 +382,12 @@ static int ip_vs_mh_init_svc(struct ip_vs_service *svc) struct ip_vs_mh_state *s; /* Allocate the MH table for this service */ - s = kzalloc(sizeof(*s), GFP_KERNEL); + s = kzalloc_obj(*s, GFP_KERNEL); if (!s) return -ENOMEM; - s->lookup = kcalloc(IP_VS_MH_TAB_SIZE, sizeof(struct ip_vs_mh_lookup), - GFP_KERNEL); + s->lookup = kzalloc_objs(struct ip_vs_mh_lookup, IP_VS_MH_TAB_SIZE, + GFP_KERNEL); if (!s->lookup) { kfree(s); return -ENOMEM; diff --git a/net/netfilter/ipvs/ip_vs_proto.c b/net/netfilter/ipvs/ip_vs_proto.c index fd9dbca24c85..a62c1e8fc1da 100644 --- a/net/netfilter/ipvs/ip_vs_proto.c +++ b/net/netfilter/ipvs/ip_vs_proto.c @@ -66,7 +66,7 @@ register_ip_vs_proto_netns(struct netns_ipvs *ipvs, struct ip_vs_protocol *pp) { unsigned int hash = IP_VS_PROTO_HASH(pp->protocol); struct ip_vs_proto_data *pd = - kzalloc(sizeof(struct ip_vs_proto_data), GFP_KERNEL); + kzalloc_obj(struct ip_vs_proto_data, GFP_KERNEL); if (!pd) return -ENOMEM; diff --git a/net/netfilter/ipvs/ip_vs_sh.c b/net/netfilter/ipvs/ip_vs_sh.c index 0e85e07e23b9..a4616433b445 100644 --- a/net/netfilter/ipvs/ip_vs_sh.c +++ b/net/netfilter/ipvs/ip_vs_sh.c @@ -229,7 +229,7 @@ static int ip_vs_sh_init_svc(struct ip_vs_service *svc) struct ip_vs_sh_state *s; /* allocate the SH table for this service */ - s = kzalloc(sizeof(struct ip_vs_sh_state), GFP_KERNEL); + s = kzalloc_obj(struct ip_vs_sh_state, GFP_KERNEL); if (s == NULL) return -ENOMEM; diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c index 54dd1514ac45..f83732777228 100644 --- a/net/netfilter/ipvs/ip_vs_sync.c +++ b/net/netfilter/ipvs/ip_vs_sync.c @@ -329,7 +329,7 @@ ip_vs_sync_buff_create(struct netns_ipvs *ipvs, unsigned int len) { struct ip_vs_sync_buff *sb; - if (!(sb=kmalloc(sizeof(struct ip_vs_sync_buff), GFP_ATOMIC))) + if (!(sb=kmalloc_obj(struct ip_vs_sync_buff, GFP_ATOMIC))) return NULL; len = max_t(unsigned int, len + sizeof(struct ip_vs_sync_mesg), @@ -417,7 +417,7 @@ ip_vs_sync_buff_create_v0(struct netns_ipvs *ipvs, unsigned int len) struct ip_vs_sync_buff *sb; struct ip_vs_sync_mesg_v0 *mesg; - if (!(sb=kmalloc(sizeof(struct ip_vs_sync_buff), GFP_ATOMIC))) + if (!(sb=kmalloc_obj(struct ip_vs_sync_buff, GFP_ATOMIC))) return NULL; len = max_t(unsigned int, len + sizeof(struct ip_vs_sync_mesg_v0), @@ -1827,7 +1827,7 @@ int start_sync_thread(struct netns_ipvs *ipvs, struct ipvs_sync_daemon_cfg *c, struct ipvs_master_sync_state *ms; result = -ENOMEM; - ipvs->ms = kcalloc(count, sizeof(ipvs->ms[0]), GFP_KERNEL); + ipvs->ms = kzalloc_objs(ipvs->ms[0], count, GFP_KERNEL); if (!ipvs->ms) goto out; ms = ipvs->ms; @@ -1841,8 +1841,7 @@ int start_sync_thread(struct netns_ipvs *ipvs, struct ipvs_sync_daemon_cfg *c, } } result = -ENOMEM; - ti = kcalloc(count, sizeof(struct ip_vs_sync_thread_data), - GFP_KERNEL); + ti = kzalloc_objs(struct ip_vs_sync_thread_data, count, GFP_KERNEL); if (!ti) goto out; diff --git a/net/netfilter/ipvs/ip_vs_wrr.c b/net/netfilter/ipvs/ip_vs_wrr.c index 99f09cbf2d9b..58c65af9830a 100644 --- a/net/netfilter/ipvs/ip_vs_wrr.c +++ b/net/netfilter/ipvs/ip_vs_wrr.c @@ -109,7 +109,7 @@ static int ip_vs_wrr_init_svc(struct ip_vs_service *svc) /* * Allocate the mark variable for WRR scheduling */ - mark = kmalloc(sizeof(struct ip_vs_wrr_mark), GFP_KERNEL); + mark = kmalloc_obj(struct ip_vs_wrr_mark, GFP_KERNEL); if (mark == NULL) return -ENOMEM; diff --git a/net/netfilter/ipvs/ip_vs_xmit.c b/net/netfilter/ipvs/ip_vs_xmit.c index 4389bfe3050d..3601eb86d025 100644 --- a/net/netfilter/ipvs/ip_vs_xmit.c +++ b/net/netfilter/ipvs/ip_vs_xmit.c @@ -57,7 +57,7 @@ enum { static inline struct ip_vs_dest_dst *ip_vs_dest_dst_alloc(void) { - return kmalloc(sizeof(struct ip_vs_dest_dst), GFP_ATOMIC); + return kmalloc_obj(struct ip_vs_dest_dst, GFP_ATOMIC); } static inline void ip_vs_dest_dst_free(struct ip_vs_dest_dst *dest_dst) diff --git a/net/netfilter/nf_bpf_link.c b/net/netfilter/nf_bpf_link.c index 46e667a50d98..6f3a6411f4af 100644 --- a/net/netfilter/nf_bpf_link.c +++ b/net/netfilter/nf_bpf_link.c @@ -221,7 +221,7 @@ int bpf_nf_link_attach(const union bpf_attr *attr, struct bpf_prog *prog) if (err) return err; - link = kzalloc(sizeof(*link), GFP_USER); + link = kzalloc_obj(*link, GFP_USER); if (!link) return -ENOMEM; diff --git a/net/netfilter/nf_conncount.c b/net/netfilter/nf_conncount.c index 14e62b3263cd..520781335fc8 100644 --- a/net/netfilter/nf_conncount.c +++ b/net/netfilter/nf_conncount.c @@ -632,7 +632,7 @@ struct nf_conncount_data *nf_conncount_init(struct net *net, unsigned int keylen net_get_random_once(&conncount_rnd, sizeof(conncount_rnd)); - data = kmalloc(sizeof(*data), GFP_KERNEL); + data = kmalloc_obj(*data, GFP_KERNEL); if (!data) return ERR_PTR(-ENOMEM); diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c index d1f8eb725d42..42da155ab028 100644 --- a/net/netfilter/nf_conntrack_core.c +++ b/net/netfilter/nf_conntrack_core.c @@ -536,7 +536,7 @@ struct nf_conn *nf_ct_tmpl_alloc(struct net *net, if (tmpl != p) tmpl->proto.tmpl_padto = (char *)tmpl - (char *)p; } else { - tmpl = kzalloc(sizeof(*tmpl), flags); + tmpl = kzalloc_obj(*tmpl, flags); if (!tmpl) return NULL; } @@ -2535,7 +2535,7 @@ void *nf_ct_alloc_hashtable(unsigned int *sizep, int nulls) if (nr_slots > (INT_MAX / sizeof(struct hlist_nulls_head))) return NULL; - hash = kvcalloc(nr_slots, sizeof(struct hlist_nulls_head), GFP_KERNEL); + hash = kvzalloc_objs(struct hlist_nulls_head, nr_slots, GFP_KERNEL); if (hash && nulls) for (i = 0; i < nr_slots; i++) diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index 662f6bbfa805..cd1ab584fb2f 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c @@ -999,7 +999,7 @@ ctnetlink_alloc_filter(const struct nlattr * const cda[], u8 family) return ERR_PTR(-EOPNOTSUPP); #endif - filter = kzalloc(sizeof(*filter), GFP_KERNEL); + filter = kzalloc_obj(*filter, GFP_KERNEL); if (filter == NULL) return ERR_PTR(-ENOMEM); diff --git a/net/netfilter/nf_conntrack_proto_gre.c b/net/netfilter/nf_conntrack_proto_gre.c index b894bb7a97ad..94c19bc4edc5 100644 --- a/net/netfilter/nf_conntrack_proto_gre.c +++ b/net/netfilter/nf_conntrack_proto_gre.c @@ -108,7 +108,7 @@ int nf_ct_gre_keymap_add(struct nf_conn *ct, enum ip_conntrack_dir dir, return -EEXIST; } - km = kmalloc(sizeof(*km), GFP_ATOMIC); + km = kmalloc_obj(*km, GFP_ATOMIC); if (!km) return -ENOMEM; memcpy(&km->tuple, t, sizeof(*t)); diff --git a/net/netfilter/nf_flow_table_offload.c b/net/netfilter/nf_flow_table_offload.c index b1966b68c48a..c95a18ca178b 100644 --- a/net/netfilter/nf_flow_table_offload.c +++ b/net/netfilter/nf_flow_table_offload.c @@ -741,7 +741,7 @@ nf_flow_offload_rule_alloc(struct net *net, struct nf_flow_rule *flow_rule; int err = -ENOMEM; - flow_rule = kzalloc(sizeof(*flow_rule), GFP_KERNEL); + flow_rule = kzalloc_obj(*flow_rule, GFP_KERNEL); if (!flow_rule) goto err_flow; @@ -1022,7 +1022,7 @@ nf_flow_offload_work_alloc(struct nf_flowtable *flowtable, if (test_and_set_bit(NF_FLOW_HW_PENDING, &flow->flags)) return NULL; - offload = kmalloc(sizeof(struct flow_offload_work), GFP_ATOMIC); + offload = kmalloc_obj(struct flow_offload_work, GFP_ATOMIC); if (!offload) { clear_bit(NF_FLOW_HW_PENDING, &flow->flags); return NULL; diff --git a/net/netfilter/nf_flow_table_xdp.c b/net/netfilter/nf_flow_table_xdp.c index e1252d042699..86ac65e9b579 100644 --- a/net/netfilter/nf_flow_table_xdp.c +++ b/net/netfilter/nf_flow_table_xdp.c @@ -54,7 +54,7 @@ static int nf_flowtable_by_dev_insert(struct nf_flowtable *ft, unsigned long key = (unsigned long)dev; struct flow_offload_xdp_ft *ft_elem; - ft_elem = kzalloc(sizeof(*ft_elem), GFP_KERNEL_ACCOUNT); + ft_elem = kzalloc_obj(*ft_elem, GFP_KERNEL_ACCOUNT); if (!ft_elem) return -ENOMEM; @@ -70,7 +70,7 @@ static int nf_flowtable_by_dev_insert(struct nf_flowtable *ft, } if (!elem) { - elem = kzalloc(sizeof(*elem), GFP_KERNEL_ACCOUNT); + elem = kzalloc_obj(*elem, GFP_KERNEL_ACCOUNT); if (!elem) goto err_unlock; diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c index 62cf6a30875e..f4d80654dfe6 100644 --- a/net/netfilter/nf_log.c +++ b/net/netfilter/nf_log.c @@ -317,7 +317,7 @@ EXPORT_SYMBOL_GPL(nf_log_buf_add); struct nf_log_buf *nf_log_buf_open(void) { - struct nf_log_buf *m = kmalloc(sizeof(*m), GFP_ATOMIC); + struct nf_log_buf *m = kmalloc_obj(*m, GFP_ATOMIC); if (unlikely(!m)) { local_bh_disable(); diff --git a/net/netfilter/nf_nat_core.c b/net/netfilter/nf_nat_core.c index e6b24586d2fe..b4053e5ee07f 100644 --- a/net/netfilter/nf_nat_core.c +++ b/net/netfilter/nf_nat_core.c @@ -1213,7 +1213,7 @@ int nf_nat_register_fn(struct net *net, u8 pf, const struct nf_hook_ops *ops, } for (i = 0; i < ops_count; i++) { - priv = kzalloc(sizeof(*priv), GFP_KERNEL); + priv = kzalloc_obj(*priv, GFP_KERNEL); if (priv) { nat_ops[i].priv = priv; continue; diff --git a/net/netfilter/nf_nat_masquerade.c b/net/netfilter/nf_nat_masquerade.c index 1a506b0c6511..a5a23c03fda9 100644 --- a/net/netfilter/nf_nat_masquerade.c +++ b/net/netfilter/nf_nat_masquerade.c @@ -115,7 +115,7 @@ static void nf_nat_masq_schedule(struct net *net, union nf_inet_addr *addr, if (!try_module_get(THIS_MODULE)) goto err_module; - w = kzalloc(sizeof(*w), gfp_flags); + w = kzalloc_obj(*w, gfp_flags); if (w) { /* We can overshoot MAX_MASQ_WORKER_COUNT, no big deal */ atomic_inc(&masq_worker_count); diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c index 0c5a4855b97d..6044f1ec6953 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c @@ -1104,7 +1104,7 @@ __printf(2, 3) int nft_request_module(struct net *net, const char *fmt, } } - req = kmalloc(sizeof(*req), GFP_KERNEL); + req = kmalloc_obj(*req, GFP_KERNEL); if (!req) return -ENOMEM; @@ -1624,7 +1624,7 @@ static int nf_tables_newtable(struct sk_buff *skb, const struct nfnl_info *info, } err = -ENOMEM; - table = kzalloc(sizeof(*table), GFP_KERNEL_ACCOUNT); + table = kzalloc_obj(*table, GFP_KERNEL_ACCOUNT); if (table == NULL) goto err_kzalloc; @@ -2348,7 +2348,7 @@ static struct nft_hook *nft_netdev_hook_alloc(struct net *net, struct nft_hook *hook; int err; - hook = kzalloc(sizeof(struct nft_hook), GFP_KERNEL_ACCOUNT); + hook = kzalloc_obj(struct nft_hook, GFP_KERNEL_ACCOUNT); if (!hook) return ERR_PTR(-ENOMEM); @@ -2369,7 +2369,7 @@ static struct nft_hook *nft_netdev_hook_alloc(struct net *net, if (strncmp(dev->name, hook->ifname, hook->ifnamelen)) continue; - ops = kzalloc(sizeof(struct nf_hook_ops), GFP_KERNEL_ACCOUNT); + ops = kzalloc_obj(struct nf_hook_ops, GFP_KERNEL_ACCOUNT); if (!ops) { err = -ENOMEM; goto err_hook_free; @@ -2716,7 +2716,7 @@ static int nf_tables_addchain(struct nft_ctx *ctx, u8 family, u8 policy, if (err < 0) return err; - basechain = kzalloc(sizeof(*basechain), GFP_KERNEL_ACCOUNT); + basechain = kzalloc_obj(*basechain, GFP_KERNEL_ACCOUNT); if (basechain == NULL) { nft_chain_release_hook(&hook); return -ENOMEM; @@ -2748,7 +2748,7 @@ static int nf_tables_addchain(struct nft_ctx *ctx, u8 family, u8 policy, if (flags & NFT_CHAIN_HW_OFFLOAD) return -EOPNOTSUPP; - chain = kzalloc(sizeof(*chain), GFP_KERNEL_ACCOUNT); + chain = kzalloc_obj(*chain, GFP_KERNEL_ACCOUNT); if (chain == NULL) return -ENOMEM; @@ -4315,9 +4315,8 @@ static int nf_tables_newrule(struct sk_buff *skb, const struct nfnl_info *info, n = 0; size = 0; if (nla[NFTA_RULE_EXPRESSIONS]) { - expr_info = kvmalloc_array(NFT_RULE_MAXEXPRS, - sizeof(struct nft_expr_info), - GFP_KERNEL); + expr_info = kvmalloc_objs(struct nft_expr_info, + NFT_RULE_MAXEXPRS, GFP_KERNEL); if (!expr_info) return -ENOMEM; @@ -6929,7 +6928,7 @@ static int nft_setelem_catchall_insert(const struct net *net, } } - catchall = kmalloc(sizeof(*catchall), GFP_KERNEL_ACCOUNT); + catchall = kmalloc_obj(*catchall, GFP_KERNEL_ACCOUNT); if (!catchall) return -ENOMEM; @@ -8076,7 +8075,7 @@ static struct nft_object *nft_obj_init(const struct nft_ctx *ctx, struct nft_object *obj; int err = -ENOMEM; - tb = kmalloc_array(type->maxattr + 1, sizeof(*tb), GFP_KERNEL); + tb = kmalloc_objs(*tb, type->maxattr + 1, GFP_KERNEL); if (!tb) goto err1; @@ -9145,7 +9144,7 @@ static int nf_tables_newflowtable(struct sk_buff *skb, if (!nft_use_inc(&table->use)) return -EMFILE; - flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL_ACCOUNT); + flowtable = kzalloc_obj(*flowtable, GFP_KERNEL_ACCOUNT); if (!flowtable) { err = -ENOMEM; goto flowtable_alloc; @@ -9465,7 +9464,7 @@ static int nf_tables_dump_flowtable_start(struct netlink_callback *cb) struct nft_flowtable_filter *filter = NULL; if (nla[NFTA_FLOWTABLE_TABLE]) { - filter = kzalloc(sizeof(*filter), GFP_ATOMIC); + filter = kzalloc_obj(*filter, GFP_ATOMIC); if (!filter) return -ENOMEM; @@ -9682,8 +9681,8 @@ static int nft_flowtable_event(unsigned long event, struct net_device *dev, if (!match || (changename && ops)) continue; - ops = kzalloc(sizeof(struct nf_hook_ops), - GFP_KERNEL_ACCOUNT); + ops = kzalloc_obj(struct nf_hook_ops, + GFP_KERNEL_ACCOUNT); if (!ops) return 1; @@ -10453,7 +10452,7 @@ struct nft_trans_gc *nft_trans_gc_alloc(struct nft_set *set, struct net *net = read_pnet(&set->net); struct nft_trans_gc *trans; - trans = kzalloc(sizeof(*trans), gfp); + trans = kzalloc_obj(*trans, gfp); if (!trans) return NULL; @@ -10689,7 +10688,7 @@ static int nf_tables_commit_audit_alloc(struct list_head *adl, if (adp->table == table) return 0; } - adp = kzalloc(sizeof(*adp), GFP_KERNEL); + adp = kzalloc_obj(*adp, GFP_KERNEL); if (!adp) return -ENOMEM; adp->table = table; diff --git a/net/netfilter/nf_tables_offload.c b/net/netfilter/nf_tables_offload.c index fd30e205de84..42f11cb0c0f5 100644 --- a/net/netfilter/nf_tables_offload.c +++ b/net/netfilter/nf_tables_offload.c @@ -11,7 +11,7 @@ static struct nft_flow_rule *nft_flow_rule_alloc(int num_actions) { struct nft_flow_rule *flow; - flow = kzalloc(sizeof(struct nft_flow_rule), GFP_KERNEL); + flow = kzalloc_obj(struct nft_flow_rule, GFP_KERNEL); if (!flow) return NULL; @@ -111,7 +111,7 @@ struct nft_flow_rule *nft_flow_rule_create(struct net *net, expr = nft_expr_first(rule); - ctx = kzalloc(sizeof(struct nft_offload_ctx), GFP_KERNEL); + ctx = kzalloc_obj(struct nft_offload_ctx, GFP_KERNEL); if (!ctx) { err = -ENOMEM; goto err_out; diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c index 811d02b4c4f7..39c3d54de9f6 100644 --- a/net/netfilter/nfnetlink.c +++ b/net/netfilter/nfnetlink.c @@ -325,7 +325,7 @@ static int nfnl_err_add(struct list_head *list, struct nlmsghdr *nlh, int err, { struct nfnl_err *nfnl_err; - nfnl_err = kmalloc(sizeof(struct nfnl_err), GFP_KERNEL); + nfnl_err = kmalloc_obj(struct nfnl_err, GFP_KERNEL); if (nfnl_err == NULL) return -ENOMEM; diff --git a/net/netfilter/nfnetlink_acct.c b/net/netfilter/nfnetlink_acct.c index 505f46a32173..bd3d960a1adb 100644 --- a/net/netfilter/nfnetlink_acct.c +++ b/net/netfilter/nfnetlink_acct.c @@ -260,7 +260,7 @@ static int nfnl_acct_start(struct netlink_callback *cb) if (!tb[NFACCT_FILTER_MASK] || !tb[NFACCT_FILTER_VALUE]) return -EINVAL; - filter = kzalloc(sizeof(struct nfacct_filter), GFP_KERNEL); + filter = kzalloc_obj(struct nfacct_filter, GFP_KERNEL); if (!filter) return -ENOMEM; diff --git a/net/netfilter/nfnetlink_cthelper.c b/net/netfilter/nfnetlink_cthelper.c index 97248963a7d3..1a3d333e45dd 100644 --- a/net/netfilter/nfnetlink_cthelper.c +++ b/net/netfilter/nfnetlink_cthelper.c @@ -192,9 +192,8 @@ nfnl_cthelper_parse_expect_policy(struct nf_conntrack_helper *helper, if (class_max > NF_CT_MAX_EXPECT_CLASSES) return -EOVERFLOW; - expect_policy = kcalloc(class_max, - sizeof(struct nf_conntrack_expect_policy), - GFP_KERNEL); + expect_policy = kzalloc_objs(struct nf_conntrack_expect_policy, + class_max, GFP_KERNEL); if (expect_policy == NULL) return -ENOMEM; @@ -228,7 +227,7 @@ nfnl_cthelper_create(const struct nlattr * const tb[], if (!tb[NFCTH_TUPLE] || !tb[NFCTH_POLICY] || !tb[NFCTH_PRIV_DATA_LEN]) return -EINVAL; - nfcth = kzalloc(sizeof(*nfcth), GFP_KERNEL); + nfcth = kzalloc_obj(*nfcth, GFP_KERNEL); if (nfcth == NULL) return -ENOMEM; helper = &nfcth->helper; @@ -323,8 +322,8 @@ static int nfnl_cthelper_update_policy_all(struct nlattr *tb[], struct nf_conntrack_expect_policy *policy; int i, ret = 0; - new_policy = kmalloc_array(helper->expect_class_max + 1, - sizeof(*new_policy), GFP_KERNEL); + new_policy = kmalloc_objs(*new_policy, helper->expect_class_max + 1, + GFP_KERNEL); if (!new_policy) return -ENOMEM; diff --git a/net/netfilter/nfnetlink_cttimeout.c b/net/netfilter/nfnetlink_cttimeout.c index 38d75484e531..6b91f9d3161a 100644 --- a/net/netfilter/nfnetlink_cttimeout.c +++ b/net/netfilter/nfnetlink_cttimeout.c @@ -74,8 +74,7 @@ ctnl_timeout_parse_policy(void *timeout, struct nlattr **tb; int ret = 0; - tb = kcalloc(l4proto->ctnl_timeout.nlattr_max + 1, sizeof(*tb), - GFP_KERNEL); + tb = kzalloc_objs(*tb, l4proto->ctnl_timeout.nlattr_max + 1, GFP_KERNEL); if (!tb) return -ENOMEM; diff --git a/net/netfilter/nfnetlink_hook.c b/net/netfilter/nfnetlink_hook.c index 92d869317cba..c2a572d86853 100644 --- a/net/netfilter/nfnetlink_hook.c +++ b/net/netfilter/nfnetlink_hook.c @@ -408,7 +408,7 @@ static int nfnl_hook_dump_start(struct netlink_callback *cb) if (head && IS_ERR(head)) return PTR_ERR(head); - ctx = kzalloc(sizeof(*ctx), GFP_KERNEL); + ctx = kzalloc_obj(*ctx, GFP_KERNEL); if (!ctx) return -ENOMEM; diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c index bfcb9cd335bf..b35a90955e2e 100644 --- a/net/netfilter/nfnetlink_log.c +++ b/net/netfilter/nfnetlink_log.c @@ -179,7 +179,7 @@ instance_create(struct net *net, u_int16_t group_num, goto out_unlock; } - inst = kzalloc(sizeof(*inst), GFP_ATOMIC); + inst = kzalloc_obj(*inst, GFP_ATOMIC); if (!inst) { err = -ENOMEM; goto out_unlock; diff --git a/net/netfilter/nfnetlink_osf.c b/net/netfilter/nfnetlink_osf.c index c0fc431991e8..1ba43e562a5e 100644 --- a/net/netfilter/nfnetlink_osf.c +++ b/net/netfilter/nfnetlink_osf.c @@ -323,7 +323,7 @@ static int nfnl_osf_add_callback(struct sk_buff *skb, !memchr(f->version, 0, MAXGENRELEN)) return -EINVAL; - kf = kmalloc(sizeof(struct nf_osf_finger), GFP_KERNEL); + kf = kmalloc_obj(struct nf_osf_finger, GFP_KERNEL); if (!kf) return -ENOMEM; diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index f1c8049861a6..7f5248b5f1ee 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c @@ -178,7 +178,7 @@ instance_create(struct nfnl_queue_net *q, u_int16_t queue_num, u32 portid) unsigned int h; int err; - inst = kzalloc(sizeof(*inst), GFP_KERNEL_ACCOUNT); + inst = kzalloc_obj(*inst, GFP_KERNEL_ACCOUNT); if (!inst) return ERR_PTR(-ENOMEM); diff --git a/net/netfilter/nft_compat.c b/net/netfilter/nft_compat.c index 08f620311b03..27cc983a7cdf 100644 --- a/net/netfilter/nft_compat.c +++ b/net/netfilter/nft_compat.c @@ -815,7 +815,7 @@ nft_match_select_ops(const struct nft_ctx *ctx, goto err; } - ops = kzalloc(sizeof(struct nft_expr_ops), GFP_KERNEL_ACCOUNT); + ops = kzalloc_obj(struct nft_expr_ops, GFP_KERNEL_ACCOUNT); if (!ops) { err = -ENOMEM; goto err; @@ -905,7 +905,7 @@ nft_target_select_ops(const struct nft_ctx *ctx, goto err; } - ops = kzalloc(sizeof(struct nft_expr_ops), GFP_KERNEL_ACCOUNT); + ops = kzalloc_obj(struct nft_expr_ops, GFP_KERNEL_ACCOUNT); if (!ops) { err = -ENOMEM; goto err; diff --git a/net/netfilter/nft_connlimit.c b/net/netfilter/nft_connlimit.c index 657764774a2d..43357f99eb00 100644 --- a/net/netfilter/nft_connlimit.c +++ b/net/netfilter/nft_connlimit.c @@ -71,7 +71,7 @@ static int nft_connlimit_do_init(const struct nft_ctx *ctx, invert = true; } - priv->list = kmalloc(sizeof(*priv->list), GFP_KERNEL_ACCOUNT); + priv->list = kmalloc_obj(*priv->list, GFP_KERNEL_ACCOUNT); if (!priv->list) return -ENOMEM; @@ -220,7 +220,7 @@ static int nft_connlimit_clone(struct nft_expr *dst, const struct nft_expr *src, struct nft_connlimit *priv_dst = nft_expr_priv(dst); struct nft_connlimit *priv_src = nft_expr_priv(src); - priv_dst->list = kmalloc(sizeof(*priv_dst->list), gfp); + priv_dst->list = kmalloc_obj(*priv_dst->list, gfp); if (!priv_dst->list) return -ENOMEM; diff --git a/net/netfilter/nft_ct.c b/net/netfilter/nft_ct.c index 6f2ae7cad731..8d7f6c8e8aad 100644 --- a/net/netfilter/nft_ct.c +++ b/net/netfilter/nft_ct.c @@ -894,8 +894,7 @@ nft_ct_timeout_parse_policy(void *timeouts, struct nlattr **tb; int ret = 0; - tb = kcalloc(l4proto->ctnl_timeout.nlattr_max + 1, sizeof(*tb), - GFP_KERNEL); + tb = kzalloc_objs(*tb, l4proto->ctnl_timeout.nlattr_max + 1, GFP_KERNEL); if (!tb) return -ENOMEM; diff --git a/net/netfilter/nft_last.c b/net/netfilter/nft_last.c index de1b6066bfa8..20706be12807 100644 --- a/net/netfilter/nft_last.c +++ b/net/netfilter/nft_last.c @@ -30,7 +30,7 @@ static int nft_last_init(const struct nft_ctx *ctx, const struct nft_expr *expr, u64 last_jiffies; int err; - last = kzalloc(sizeof(*last), GFP_KERNEL_ACCOUNT); + last = kzalloc_obj(*last, GFP_KERNEL_ACCOUNT); if (!last) return -ENOMEM; @@ -107,7 +107,7 @@ static int nft_last_clone(struct nft_expr *dst, const struct nft_expr *src, gfp_ struct nft_last_priv *priv_dst = nft_expr_priv(dst); struct nft_last_priv *priv_src = nft_expr_priv(src); - priv_dst->last = kzalloc(sizeof(*priv_dst->last), gfp); + priv_dst->last = kzalloc_obj(*priv_dst->last, gfp); if (!priv_dst->last) return -ENOMEM; diff --git a/net/netfilter/nft_limit.c b/net/netfilter/nft_limit.c index 21d26b79b460..f3b1f791942b 100644 --- a/net/netfilter/nft_limit.c +++ b/net/netfilter/nft_limit.c @@ -110,7 +110,7 @@ static int nft_limit_init(struct nft_limit_priv *priv, invert = true; } - priv->limit = kmalloc(sizeof(*priv->limit), GFP_KERNEL_ACCOUNT); + priv->limit = kmalloc_obj(*priv->limit, GFP_KERNEL_ACCOUNT); if (!priv->limit) return -ENOMEM; @@ -158,7 +158,7 @@ static int nft_limit_clone(struct nft_limit_priv *priv_dst, priv_dst->burst = priv_src->burst; priv_dst->invert = priv_src->invert; - priv_dst->limit = kmalloc(sizeof(*priv_dst->limit), gfp); + priv_dst->limit = kmalloc_obj(*priv_dst->limit, gfp); if (!priv_dst->limit) return -ENOMEM; diff --git a/net/netfilter/nft_numgen.c b/net/netfilter/nft_numgen.c index bd058babfc82..0a39e51ec9b7 100644 --- a/net/netfilter/nft_numgen.c +++ b/net/netfilter/nft_numgen.c @@ -66,7 +66,7 @@ static int nft_ng_inc_init(const struct nft_ctx *ctx, if (priv->offset + priv->modulus - 1 < priv->offset) return -EOVERFLOW; - priv->counter = kmalloc(sizeof(*priv->counter), GFP_KERNEL_ACCOUNT); + priv->counter = kmalloc_obj(*priv->counter, GFP_KERNEL_ACCOUNT); if (!priv->counter) return -ENOMEM; diff --git a/net/netfilter/nft_quota.c b/net/netfilter/nft_quota.c index cb6c0e04ff67..2390a993aed9 100644 --- a/net/netfilter/nft_quota.c +++ b/net/netfilter/nft_quota.c @@ -96,7 +96,7 @@ static int nft_quota_do_init(const struct nlattr * const tb[], return -EOPNOTSUPP; } - priv->consumed = kmalloc(sizeof(*priv->consumed), GFP_KERNEL_ACCOUNT); + priv->consumed = kmalloc_obj(*priv->consumed, GFP_KERNEL_ACCOUNT); if (!priv->consumed) return -ENOMEM; @@ -248,7 +248,7 @@ static int nft_quota_clone(struct nft_expr *dst, const struct nft_expr *src, gfp priv_dst->quota = priv_src->quota; priv_dst->flags = priv_src->flags; - priv_dst->consumed = kmalloc(sizeof(*priv_dst->consumed), gfp); + priv_dst->consumed = kmalloc_obj(*priv_dst->consumed, gfp); if (!priv_dst->consumed) return -ENOMEM; diff --git a/net/netfilter/nft_set_pipapo.c b/net/netfilter/nft_set_pipapo.c index 18e1903b1d3d..6341b5bcb4cf 100644 --- a/net/netfilter/nft_set_pipapo.c +++ b/net/netfilter/nft_set_pipapo.c @@ -652,7 +652,7 @@ static int pipapo_realloc_mt(struct nft_pipapo_field *f, if (rules_alloc > (INT_MAX / sizeof(*new_mt))) return -ENOMEM; - new_mt = kvmalloc_array(rules_alloc, sizeof(*new_mt), GFP_KERNEL_ACCOUNT); + new_mt = kvmalloc_objs(*new_mt, rules_alloc, GFP_KERNEL_ACCOUNT); if (!new_mt) return -ENOMEM; @@ -1413,7 +1413,7 @@ static struct nft_pipapo_match *pipapo_clone(struct nft_pipapo_match *old) struct nft_pipapo_match *new; int i; - new = kmalloc(struct_size(new, f, old->field_count), GFP_KERNEL_ACCOUNT); + new = kmalloc_flex(*new, f, old->field_count, GFP_KERNEL_ACCOUNT); if (!new) return NULL; @@ -1460,9 +1460,8 @@ static struct nft_pipapo_match *pipapo_clone(struct nft_pipapo_match *old) if (src->rules_alloc > (INT_MAX / sizeof(*src->mt))) goto out_mt; - dst->mt = kvmalloc_array(src->rules_alloc, - sizeof(*src->mt), - GFP_KERNEL_ACCOUNT); + dst->mt = kvmalloc_objs(*src->mt, src->rules_alloc, + GFP_KERNEL_ACCOUNT); if (!dst->mt) goto out_mt; @@ -2237,7 +2236,7 @@ static int nft_pipapo_init(const struct nft_set *set, if (field_count > NFT_PIPAPO_MAX_FIELDS) return -EINVAL; - m = kmalloc(struct_size(m, f, field_count), GFP_KERNEL); + m = kmalloc_flex(*m, f, field_count, GFP_KERNEL); if (!m) return -ENOMEM; diff --git a/net/netfilter/nft_set_rbtree.c b/net/netfilter/nft_set_rbtree.c index 644d4b916705..3f02e4478216 100644 --- a/net/netfilter/nft_set_rbtree.c +++ b/net/netfilter/nft_set_rbtree.c @@ -586,8 +586,8 @@ static int nft_array_intervals_alloc(struct nft_array *array, u32 max_intervals) { struct nft_array_interval *intervals; - intervals = kvcalloc(max_intervals, sizeof(struct nft_array_interval), - GFP_KERNEL_ACCOUNT); + intervals = kvzalloc_objs(struct nft_array_interval, max_intervals, + GFP_KERNEL_ACCOUNT); if (!intervals) return -ENOMEM; @@ -604,7 +604,7 @@ static struct nft_array *nft_array_alloc(u32 max_intervals) { struct nft_array *array; - array = kzalloc(sizeof(*array), GFP_KERNEL_ACCOUNT); + array = kzalloc_obj(*array, GFP_KERNEL_ACCOUNT); if (!array) return NULL; diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c index 48105ea3df15..f5d720c9ee32 100644 --- a/net/netfilter/x_tables.c +++ b/net/netfilter/x_tables.c @@ -1742,7 +1742,7 @@ xt_hook_ops_alloc(const struct xt_table *table, nf_hookfn *fn) if (!num_hooks) return ERR_PTR(-EINVAL); - ops = kcalloc(num_hooks, sizeof(*ops), GFP_KERNEL); + ops = kzalloc_objs(*ops, num_hooks, GFP_KERNEL); if (ops == NULL) return ERR_PTR(-ENOMEM); @@ -1775,7 +1775,7 @@ int xt_register_template(const struct xt_table *table, } ret = -ENOMEM; - t = kzalloc(sizeof(*t), GFP_KERNEL); + t = kzalloc_obj(*t, GFP_KERNEL); if (!t) goto out_unlock; @@ -1993,7 +1993,7 @@ static int __init xt_init(void) } } - xt = kcalloc(NFPROTO_NUMPROTO, sizeof(struct xt_af), GFP_KERNEL); + xt = kzalloc_objs(struct xt_af, NFPROTO_NUMPROTO, GFP_KERNEL); if (!xt) return -ENOMEM; diff --git a/net/netfilter/xt_IDLETIMER.c b/net/netfilter/xt_IDLETIMER.c index d73957592c9d..746abeee6775 100644 --- a/net/netfilter/xt_IDLETIMER.c +++ b/net/netfilter/xt_IDLETIMER.c @@ -135,7 +135,7 @@ static int idletimer_tg_create(struct idletimer_tg_info *info) { int ret; - info->timer = kzalloc(sizeof(*info->timer), GFP_KERNEL); + info->timer = kzalloc_obj(*info->timer, GFP_KERNEL); if (!info->timer) { ret = -ENOMEM; goto out; @@ -184,7 +184,7 @@ static int idletimer_tg_create_v1(struct idletimer_tg_info_v1 *info) { int ret; - info->timer = kmalloc(sizeof(*info->timer), GFP_KERNEL); + info->timer = kmalloc_obj(*info->timer, GFP_KERNEL); if (!info->timer) { ret = -ENOMEM; goto out; diff --git a/net/netfilter/xt_LED.c b/net/netfilter/xt_LED.c index 90dcf088071a..6b21810e1b97 100644 --- a/net/netfilter/xt_LED.c +++ b/net/netfilter/xt_LED.c @@ -111,7 +111,7 @@ static int led_tg_check(const struct xt_tgchk_param *par) } err = -ENOMEM; - ledinternal = kzalloc(sizeof(struct xt_led_info_internal), GFP_KERNEL); + ledinternal = kzalloc_obj(struct xt_led_info_internal, GFP_KERNEL); if (!ledinternal) goto exit_mutex_only; diff --git a/net/netfilter/xt_RATEEST.c b/net/netfilter/xt_RATEEST.c index 4f49cfc27831..d75b1e101a5b 100644 --- a/net/netfilter/xt_RATEEST.c +++ b/net/netfilter/xt_RATEEST.c @@ -139,7 +139,7 @@ static int xt_rateest_tg_checkentry(const struct xt_tgchk_param *par) } ret = -ENOMEM; - est = kzalloc(sizeof(*est), GFP_KERNEL); + est = kzalloc_obj(*est, GFP_KERNEL); if (!est) goto err1; diff --git a/net/netfilter/xt_TEE.c b/net/netfilter/xt_TEE.c index a5ebd5640457..c6044ea31d16 100644 --- a/net/netfilter/xt_TEE.c +++ b/net/netfilter/xt_TEE.c @@ -106,7 +106,7 @@ static int tee_tg_check(const struct xt_tgchk_param *par) if (info->oif[sizeof(info->oif)-1] != '\0') return -EINVAL; - priv = kzalloc(sizeof(*priv), GFP_KERNEL); + priv = kzalloc_obj(*priv, GFP_KERNEL); if (priv == NULL) return -ENOMEM; diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c index 3b507694e81e..64ed12a32906 100644 --- a/net/netfilter/xt_hashlimit.c +++ b/net/netfilter/xt_hashlimit.c @@ -293,7 +293,7 @@ static int htable_create(struct net *net, struct hashlimit_cfg3 *cfg, if (size < 16) size = 16; } - hinfo = kvmalloc(struct_size(hinfo, hash, size), GFP_KERNEL); + hinfo = kvmalloc_flex(*hinfo, hash, size, GFP_KERNEL); if (hinfo == NULL) return -ENOMEM; *out_hinfo = hinfo; diff --git a/net/netfilter/xt_limit.c b/net/netfilter/xt_limit.c index 8b4fd27857f2..203f8bb28132 100644 --- a/net/netfilter/xt_limit.c +++ b/net/netfilter/xt_limit.c @@ -115,7 +115,7 @@ static int limit_mt_check(const struct xt_mtchk_param *par) return -ERANGE; } - priv = kmalloc(sizeof(*priv), GFP_KERNEL); + priv = kmalloc_obj(*priv, GFP_KERNEL); if (priv == NULL) return -ENOMEM; diff --git a/net/netfilter/xt_quota.c b/net/netfilter/xt_quota.c index 4452cc93b990..7952a4ef4c51 100644 --- a/net/netfilter/xt_quota.c +++ b/net/netfilter/xt_quota.c @@ -50,7 +50,7 @@ static int quota_mt_check(const struct xt_mtchk_param *par) if (q->flags & ~XT_QUOTA_MASK) return -EINVAL; - q->master = kmalloc(sizeof(*q->master), GFP_KERNEL); + q->master = kmalloc_obj(*q->master, GFP_KERNEL); if (q->master == NULL) return -ENOMEM; diff --git a/net/netfilter/xt_recent.c b/net/netfilter/xt_recent.c index 588a5e6ad899..c9a1cc591171 100644 --- a/net/netfilter/xt_recent.c +++ b/net/netfilter/xt_recent.c @@ -188,7 +188,7 @@ recent_entry_init(struct recent_table *t, const union nf_inet_addr *addr, } nstamps_max += 1; - e = kmalloc(struct_size(e, stamps, nstamps_max), GFP_ATOMIC); + e = kmalloc_flex(*e, stamps, nstamps_max, GFP_ATOMIC); if (e == NULL) return NULL; memcpy(&e->addr, addr, sizeof(e->addr)); @@ -391,7 +391,7 @@ static int recent_mt_check(const struct xt_mtchk_param *par, goto out; } - t = kvzalloc(struct_size(t, iphash, ip_list_hash_size), GFP_KERNEL); + t = kvzalloc_flex(*t, iphash, ip_list_hash_size, GFP_KERNEL); if (t == NULL) { ret = -ENOMEM; goto out; diff --git a/net/netfilter/xt_statistic.c b/net/netfilter/xt_statistic.c index b26c1dcfc27b..e80ddc317ca5 100644 --- a/net/netfilter/xt_statistic.c +++ b/net/netfilter/xt_statistic.c @@ -58,7 +58,7 @@ static int statistic_mt_check(const struct xt_mtchk_param *par) info->flags & ~XT_STATISTIC_MASK) return -EINVAL; - info->master = kzalloc(sizeof(*info->master), GFP_KERNEL); + info->master = kzalloc_obj(*info->master, GFP_KERNEL); if (info->master == NULL) return -ENOMEM; atomic_set(&info->master->count, info->u.nth.count); |