lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 30 Mar 2012 13:42:35 -0700
From:	Greg KH <gregkh@...uxfoundation.org>
To:	Thomas Gleixner <tglx@...utronix.de>
Cc:	Sasha Levin <levinsasha928@...il.com>, arnd@...db.de,
	viro@...iv.linux.org.uk, davej@...hat.com,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] kmsg: Use vmalloc instead of kmalloc when writing

On Fri, Mar 30, 2012 at 10:35:46PM +0200, Thomas Gleixner wrote:
> On Fri, 30 Mar 2012, Greg KH wrote:
> > On Fri, Mar 30, 2012 at 07:37:37PM +0300, Sasha Levin wrote:
> > > On Fri, Mar 30, 2012 at 6:30 PM, Greg KH <gregkh@...uxfoundation.org> wrote:
> > > > On Fri, Mar 30, 2012 at 01:04:27PM -0400, Sasha Levin wrote:
> > > >> There are no size checks in kmsg_write(), and we try allocating enough
> > > >> memory to store everything userspace gave us, which may be too much for
> > > >> kmalloc to allocate.
> > > >
> > > > Really?  Have you seen this fail?  As only root can do this, is this
> > > > really a problem?
> > > 
> > > Only root, and a whole bunch of management software that dumps data
> > > into /dev/kmsg (systemd and friends).
> > 
> > Running as root, do any of these cause problems by asking for too much
> > memory here? 
> 
> Running as root is not a guarantee for correctness. So the syscall
> should cope with bogus requests from user space and not rely on the
> sanity of anything. Looking at the main users which polute dmesg I'm
> inclined to assume insanity in the first place.
> 
> As Sasha pointed out there is either the variant to use vmalloc and
> grant any write size or limit the size to something sensible. Though
> given the users of this, coming up with something sensible might be a
> problem.
> 
> > Is this something that needs to be addressed now, and in
> > stable kernels, or can it wait for 3.5?
> 
> Yes, it want's to be addressed now and it want's to be in stable as
> well. syscalls which have no bound checking are evil, no matter what.

So, should we cap the size at something "super large" then as well?

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ