[PATCH] drm/amdkfd: convert CRIU event-private allocation to kvcalloc()

[PATCH] drm/amdkfd: convert CRIU event-private allocation to kvcalloc()

[William Theesfeld]

criu_checkpoint_events() allocates the ev_privs[] array, sized by the
runtime count returned from kfd_get_num_events(), using the open-coded
kvzalloc(n * sizeof(*p), ...) form.  Switch to kvcalloc(), which
carries the same zero-on-allocation semantics and adds the standard
size_mul overflow check on the n * sizeof multiplication.

No functional change.

Signed-off-by: William Theesfeld <william@theesfeld.net>
---
 drivers/gpu/drm/amd/amdkfd/kfd_events.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_events.c b/drivers/gpu/drm/amd/amdkfd/kfd_events.c
index 44150a71f..9739214e2 100644
--- a/drivers/gpu/drm/amd/amdkfd/kfd_events.c
+++ b/drivers/gpu/drm/amd/amdkfd/kfd_events.c
@@ -543,7 +543,7 @@ int kfd_criu_checkpoint_events(struct kfd_process *p,
 	if (!num_events)
 		return 0;
 
-	ev_privs = kvzalloc(num_events * sizeof(*ev_privs), GFP_KERNEL);
+	ev_privs = kvcalloc(num_events, sizeof(*ev_privs), GFP_KERNEL);
 	if (!ev_privs)
 		return -ENOMEM;
 
-- 
2.54.0

Re: [PATCH] drm/amdkfd: convert CRIU event-private allocation to kvcalloc()

[Kuehling, Felix]

On 2026-06-01 15:55, William Theesfeld wrote:
> [You don't often get email from william@theesfeld.net. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ]
>
> criu_checkpoint_events() allocates the ev_privs[] array, sized by the
> runtime count returned from kfd_get_num_events(), using the open-coded
> kvzalloc(n * sizeof(*p), ...) form.  Switch to kvcalloc(), which
> carries the same zero-on-allocation semantics and adds the standard
> size_mul overflow check on the n * sizeof multiplication.
>
> No functional change.
>
> Signed-off-by: William Theesfeld <william@theesfeld.net>

Reviewed-by: Felix Kuehling <felix.kuehling@amd.com>


> ---
>   drivers/gpu/drm/amd/amdkfd/kfd_events.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_events.c b/drivers/gpu/drm/amd/amdkfd/kfd_events.c
> index 44150a71f..9739214e2 100644
> --- a/drivers/gpu/drm/amd/amdkfd/kfd_events.c
> +++ b/drivers/gpu/drm/amd/amdkfd/kfd_events.c
> @@ -543,7 +543,7 @@ int kfd_criu_checkpoint_events(struct kfd_process *p,
>          if (!num_events)
>                  return 0;
>
> -       ev_privs = kvzalloc(num_events * sizeof(*ev_privs), GFP_KERNEL);
> +       ev_privs = kvcalloc(num_events, sizeof(*ev_privs), GFP_KERNEL);
>          if (!ev_privs)
>                  return -ENOMEM;
>
> --
> 2.54.0
>

Claude review: drm/amdkfd: convert CRIU event-private allocation to kvcalloc()

[Claude Code Review Bot]

Overall Series Review

Subject: drm/amdkfd: convert CRIU event-private allocation to kvcalloc()
Author: William Theesfeld <william@theesfeld.net>
Patches: 2
Reviewed: 2026-06-04T13:42:10.529206

---

This is a straightforward single-patch cleanup that converts an open-coded `kvzalloc(n * sizeof(*p), ...)` to `kvcalloc(n, sizeof(*p), ...)`. The change is correct and follows a well-established kernel hardening pattern — `kvcalloc()` uses `size_mul()` internally to detect multiplication overflow, whereas the open-coded form is vulnerable to silent integer overflow of `num_events * sizeof(*ev_privs)`.

The patch is small, well-scoped, and the commit message accurately describes both the change and its motivation. No functional change.

**Verdict: Looks good.** This is a standard mechanical hardening cleanup.

---
Generated by Claude Code Patch Reviewer

Claude review: drm/amdkfd: convert CRIU event-private allocation to kvcalloc()

[Claude Code Review Bot]

Patch Review

**Status: Clean / No issues**

The change at `drivers/gpu/drm/amd/amdkfd/kfd_events.c:551`:

```c
- ev_privs = kvzalloc(num_events * sizeof(*ev_privs), GFP_KERNEL);
+ ev_privs = kvcalloc(num_events, sizeof(*ev_privs), GFP_KERNEL);
```

**Correctness:**
- `kvcalloc(n, size, flags)` is functionally equivalent to `kvzalloc(n * size, flags)` but with overflow protection. Both zero the allocated memory. The semantics are preserved.
- `num_events` is a `uint32_t` and `sizeof(*ev_privs)` is a `size_t`, so the multiplication *could* overflow on 32-bit platforms with a sufficiently large `num_events` value. In practice `num_events` comes from `kfd_get_num_events()` which counts IDR entries, so it's bounded by resource limits, but the overflow-safe API is still the right thing to use.
- The `kvfree()` at line 603 remains correct for memory allocated by either `kvzalloc` or `kvcalloc`.

**Observation:** Lines 595 and 601 still use `num_events * sizeof(*ev_privs)` in the open-coded form (for `copy_to_user` and the offset bump). These are not allocation calls so `kvcalloc` doesn't apply, but if the author wanted to be thorough about overflow protection, those multiplications could also use `size_mul()`. This is not a blocker — it's a separate concern and arguably overkill for a size that was already validated at allocation time.

**Commit message:** Accurate and well-written. Correctly notes "no functional change."

Reviewed-by: would be appropriate here.

---
Generated by Claude Code Patch Reviewer