| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 5 Sep 2023 08:36:00 +0000 From: David Laight <David.Laight@...LAB.COM> To: 'Eric Dumazet' <edumazet@...gle.com>, Kyle Zeng <zengyhkyle@...il.com> CC: "David S . Miller" <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "eric.dumazet@...il.com" <eric.dumazet@...il.com>, syzbot <syzkaller@...glegroups.com>, Kees Cook <keescook@...omium.org>, Vlastimil Babka <vbabka@...e.cz> Subject: RE: [PATCH net] net: deal with integer overflows in kmalloc_reserve() From: Eric Dumazet > Sent: 05 September 2023 04:42 ... > Again, I do not want this patch, I want to fix the root cause(s). > > It makes no sense to allow dev->mtu to be as big as 0x7fffffff and > ultimately allow size to be bigger than 0x80000000 kmem_alloc_reserve() also needs fixing. It's purpose is to find the size that kmem_alloc() will allocated so that the full size can be allocated rather than later finding out the allocated size. The latter has issues with the compiler (etc) tracking the sizes of allocates. So it must never return a smaller size. Whether the path that returns 0 can happen or not the correct error return is the original size. The later kmalloc() will then probably fail and be checked for. David - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)
Powered by blists - more mailing lists