treewide: Replace kmalloc with kmalloc_obj for non-scalar types

This is the result of running the Coccinelle script from scripts/coccinelle/api/kmalloc_objs.cocci. The script is designed to avoid scalar types (which need careful case-by-case checking), and instead replace kmalloc-family calls that allocate struct or union object instances: Single allocations: kmalloc(sizeof(TYPE), ...) are replaced with: kmalloc_obj(TYPE, ...) Array allocations: kmalloc_array(COUNT, sizeof(TYPE), ...) are replaced with: kmalloc_objs(TYPE, COUNT, ...) Flex array allocations: kmalloc(struct_size(PTR, FAM, COUNT), ...) are replaced with: kmalloc_flex(*PTR, FAM, COUNT, ...) (where TYPE may also be *VAR) The resulting allocations no longer return "void *", instead returning "TYPE *". Signed-off-by: Kees Cook <kees@kernel.org>
2026-04-04 20:57:45 -04:00 · 2026-02-20 23:49:23 -08:00
parent d39a1d7486
commit 69050f8d6d
8016 changed files with 20055 additions and 20913 deletions
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -570,7 +570,7 @@ static ssize_t ns_revision_read(struct file *file, char __user *buf,

 static int ns_revision_open(struct inode *inode, struct file *file)
 {
-	struct aa_revision *rev = kzalloc(sizeof(*rev), GFP_KERNEL);
+	struct aa_revision *rev = kzalloc_obj(*rev, GFP_KERNEL);

 	if (!rev)
 		return -ENOMEM;
--- a/security/apparmor/audit.c
+++ b/security/apparmor/audit.c
@@ -230,7 +230,7 @@ int aa_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule, gfp_t gfp
 		return -EINVAL;
 	}

-	rule = kzalloc(sizeof(struct aa_audit_rule), gfp);
+	rule = kzalloc_obj(struct aa_audit_rule, gfp);

 	if (!rule)
 		return -ENOMEM;
--- a/security/apparmor/label.c
+++ b/security/apparmor/label.c
@@ -61,7 +61,7 @@ struct aa_proxy *aa_alloc_proxy(struct aa_label *label, gfp_t gfp)
 {
 	struct aa_proxy *new;

-	new = kzalloc(sizeof(struct aa_proxy), gfp);
+	new = kzalloc_obj(struct aa_proxy, gfp);
 	if (new) {
 		kref_init(&new->count);
 		rcu_assign_pointer(new->label, aa_get_label(label));
@@ -434,7 +434,7 @@ struct aa_label *aa_label_alloc(int size, struct aa_proxy *proxy, gfp_t gfp)
 	AA_BUG(size < 1);

 	/*  + 1 for null terminator entry on vec */
-	new = kzalloc(struct_size(new, vec, size + 1), gfp);
+	new = kzalloc_flex(*new, vec, size + 1, gfp);
 	AA_DEBUG(DEBUG_LABEL, "%s (%p)\n", __func__, new);
 	if (!new)
 		goto fail;
--- a/security/apparmor/lib.c
+++ b/security/apparmor/lib.c
@@ -125,7 +125,7 @@ bool aa_resize_str_table(struct aa_str_table *t, int newsize, gfp_t gfp)

 	if (t->size == newsize)
 		return true;
-	n = kcalloc(newsize, sizeof(*n), gfp);
+	n = kzalloc_objs(*n, newsize, gfp);
 	if (!n)
 		return false;
 	for (i = 0; i < min(t->size, newsize); i++)
@@ -235,7 +235,7 @@ __counted char *aa_str_alloc(int size, gfp_t gfp)
 {
 	struct counted_str *str;

-	str = kmalloc(struct_size(str, name, size), gfp);
+	str = kmalloc_flex(*str, name, size, gfp);
 	if (!str)
 		return NULL;

--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -2468,7 +2468,7 @@ static int __init aa_setup_dfa_engine(void)
 		goto fail;
 	}
 	nullpdb->dfa = aa_get_dfa(nulldfa);
-	nullpdb->perms = kcalloc(2, sizeof(struct aa_perms), GFP_KERNEL);
+	nullpdb->perms = kzalloc_objs(struct aa_perms, 2, GFP_KERNEL);
 	if (!nullpdb->perms)
 		goto fail;
 	nullpdb->size = 2;
--- a/security/apparmor/match.c
+++ b/security/apparmor/match.c
@@ -301,7 +301,7 @@ struct aa_dfa *aa_dfa_unpack(void *blob, size_t size, int flags)
 	int error = -ENOMEM;
 	char *data = blob;
 	struct table_header *table = NULL;
-	struct aa_dfa *dfa = kzalloc(sizeof(struct aa_dfa), GFP_KERNEL);
+	struct aa_dfa *dfa = kzalloc_obj(struct aa_dfa, GFP_KERNEL);
 	if (!dfa)
 		goto fail;

--- a/security/apparmor/policy.c
+++ b/security/apparmor/policy.c
@@ -131,7 +131,7 @@ void aa_pdb_free_kref(struct kref *kref)

 struct aa_policydb *aa_alloc_pdb(gfp_t gfp)
 {
-	struct aa_policydb *pdb = kzalloc(sizeof(struct aa_policydb), gfp);
+	struct aa_policydb *pdb = kzalloc_obj(struct aa_policydb, gfp);

 	if (!pdb)
 		return NULL;
@@ -275,7 +275,7 @@ struct aa_ruleset *aa_alloc_ruleset(gfp_t gfp)
 {
 	struct aa_ruleset *rules;

-	rules = kzalloc(sizeof(*rules), gfp);
+	rules = kzalloc_obj(*rules, gfp);

 	return rules;
 }
@@ -349,7 +349,7 @@ struct aa_profile *aa_alloc_profile(const char *hname, struct aa_proxy *proxy,
 	 * this adds space for a single ruleset in the rules section of the
 	 * label
 	 */
-	profile = kzalloc(struct_size(profile, label.rules, 1), gfp);
+	profile = kzalloc_flex(*profile, label.rules, 1, gfp);
 	if (!profile)
 		return NULL;

--- a/security/apparmor/policy_compat.c
+++ b/security/apparmor/policy_compat.c
@@ -158,7 +158,7 @@ static struct aa_perms *compute_fperms(struct aa_dfa *dfa,

 	state_count = dfa->tables[YYTD_ID_BASE]->td_lolen;
 	/* DFAs are restricted from having a state_count of less than 2 */
-	table = kvcalloc(state_count * 2, sizeof(struct aa_perms), GFP_KERNEL);
+	table = kvzalloc_objs(struct aa_perms, state_count * 2, GFP_KERNEL);
 	if (!table)
 		return NULL;
 	*size = state_count * 2;
@@ -182,7 +182,7 @@ static struct aa_perms *compute_xmatch_perms(struct aa_dfa *xmatch,

 	state_count = xmatch->tables[YYTD_ID_BASE]->td_lolen;
 	/* DFAs are restricted from having a state_count of less than 2 */
-	perms = kvcalloc(state_count, sizeof(struct aa_perms), GFP_KERNEL);
+	perms = kvzalloc_objs(struct aa_perms, state_count, GFP_KERNEL);
 	if (!perms)
 		return NULL;
 	*size = state_count;
@@ -257,7 +257,7 @@ static struct aa_perms *compute_perms(struct aa_dfa *dfa, u32 version,

 	state_count = dfa->tables[YYTD_ID_BASE]->td_lolen;
 	/* DFAs are restricted from having a state_count of less than 2 */
-	table = kvcalloc(state_count, sizeof(struct aa_perms), GFP_KERNEL);
+	table = kvzalloc_objs(struct aa_perms, state_count, GFP_KERNEL);
 	if (!table)
 		return NULL;
 	*size = state_count;
--- a/security/apparmor/policy_ns.c
+++ b/security/apparmor/policy_ns.c
@@ -106,7 +106,7 @@ static struct aa_ns *alloc_ns(const char *prefix, const char *name)
 {
 	struct aa_ns *ns;

-	ns = kzalloc(sizeof(*ns), GFP_KERNEL);
+	ns = kzalloc_obj(*ns, GFP_KERNEL);
 	AA_DEBUG(DEBUG_POLICY, "%s(%p)\n", __func__, ns);
 	if (!ns)
 		return NULL;
--- a/security/apparmor/policy_unpack.c
+++ b/security/apparmor/policy_unpack.c
@@ -145,7 +145,7 @@ struct aa_loaddata *aa_loaddata_alloc(size_t size)
 {
 	struct aa_loaddata *d;

-	d = kzalloc(sizeof(*d), GFP_KERNEL);
+	d = kzalloc_obj(*d, GFP_KERNEL);
 	if (d == NULL)
 		return ERR_PTR(-ENOMEM);
 	d->data = kvzalloc(size, GFP_KERNEL);
@@ -528,8 +528,7 @@ static int unpack_strs_table(struct aa_ext *e, const char *name, bool multi,
 			 * for size check here
 			 */
 			goto fail;
-		table = kcalloc(size, sizeof(struct aa_str_table_ent),
-				GFP_KERNEL);
+		table = kzalloc_objs(struct aa_str_table_ent, size, GFP_KERNEL);
 		if (!table) {
 			error = -ENOMEM;
 			goto fail;
@@ -612,8 +611,8 @@ static bool unpack_secmark(struct aa_ext *e, struct aa_ruleset *rules)
 		if (!aa_unpack_array(e, NULL, &size))
 			goto fail;

-		rules->secmark = kcalloc(size, sizeof(struct aa_secmark),
-					   GFP_KERNEL);
+		rules->secmark = kzalloc_objs(struct aa_secmark, size,
+					      GFP_KERNEL);
 		if (!rules->secmark)
 			goto fail;

@@ -810,7 +809,7 @@ static int unpack_tag_headers(struct aa_ext *e, struct aa_tags_struct *tags)

 	if (!aa_unpack_array(e, "hdrs", &size))
 		goto fail_reset;
-	hdrs = kcalloc(size, sizeof(struct aa_tags_header), GFP_KERNEL);
+	hdrs = kzalloc_objs(struct aa_tags_header, size, GFP_KERNEL);
 	if (!hdrs) {
 		error = -ENOMEM;
 		goto fail_reset;
@@ -923,7 +922,7 @@ static ssize_t unpack_perms_table(struct aa_ext *e, struct aa_perms **perms)
 			goto fail_reset;
 		if (!aa_unpack_array(e, NULL, &size))
 			goto fail_reset;
-		*perms = kcalloc(size, sizeof(struct aa_perms), GFP_KERNEL);
+		*perms = kzalloc_objs(struct aa_perms, size, GFP_KERNEL);
 		if (!*perms) {
 			e->pos = pos;
 			return -ENOMEM;
@@ -1321,7 +1320,7 @@ static struct aa_profile *unpack_profile(struct aa_ext *e, char **ns_name)
 	error = -EPROTO;
 	if (aa_unpack_nameX(e, AA_STRUCT, "data")) {
 		info = "out of memory";
-		profile->data = kzalloc(sizeof(*profile->data), GFP_KERNEL);
+		profile->data = kzalloc_obj(*profile->data, GFP_KERNEL);
 		if (!profile->data) {
 			error = -ENOMEM;
 			goto fail;
@@ -1339,7 +1338,7 @@ static struct aa_profile *unpack_profile(struct aa_ext *e, char **ns_name)
 		}

 		while (aa_unpack_strdup(e, &key, NULL)) {
-			data = kzalloc(sizeof(*data), GFP_KERNEL);
+			data = kzalloc_obj(*data, GFP_KERNEL);
 			if (!data) {
 				kfree_sensitive(key);
 				error = -ENOMEM;
@@ -1584,7 +1583,7 @@ void aa_load_ent_free(struct aa_load_ent *ent)

 struct aa_load_ent *aa_load_ent_alloc(void)
 {
-	struct aa_load_ent *ent = kzalloc(sizeof(*ent), GFP_KERNEL);
+	struct aa_load_ent *ent = kzalloc_obj(*ent, GFP_KERNEL);
 	if (ent)
 		INIT_LIST_HEAD(&ent->list);
 	return ent;