| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 19 May 2018 09:45:20 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: gor@...ux.ibm.com
Cc: Al Viro <viro@...iv.linux.org.uk>,
Andrew Morton <akpm@...ux-foundation.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Heiko Carstens <heiko.carstens@...ibm.com>
Subject: Re: [PATCH] procfs: fix mmap() for /proc/vmcore
On Sat, May 19, 2018 at 4:39 AM Vasily Gorbik <gor@...ux.ibm.com> wrote:
> Would work, but file_mmap_size_max first checks
> if (S_ISREG(inode->i_mode))
> return inode->i_sb->s_maxbytes;
> before
> if (file->f_mode & FMODE_UNSIGNED_OFFSET)
> return 0;
> so, as it is this patch does not fix the issue.
Right you are.
We could easily reverse the order of those two checks, but since clearly
the s_maxbytes case hadn't gotten as much coverage as I thought it had,
let's just simplify file_mmap_size_max() instead, and just make the limit
be MAX_LFS_FILESIZE for regular files too, the way we already do for block
devices (instead of trying to figure out the size of the block device).
That way we won't be introducing changes to s_maxbytes late in the rc
series, and we'll only affect the new logic.
Plus regular files was never what that logic really was introduced to
protect against anyway. It's the random ad-hoc mmap implementations in
drivers that it really aimed to protect.
So for now, I've committed the minimal fixlet that doesn't affect any
existing code (just the new max file size logic), and maybe this can be
revisited for 4.18.
Linus
Download attachment "0001-mmap-relax-file-size-limit-for-regular-files.patch" of type "application/x-patch" (2055 bytes)
Powered by blists - more mailing lists