| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 5 Feb 2016 08:06:12 +0100 From: Dmitry Vyukov <dvyukov@...gle.com> To: David Rientjes <rientjes@...gle.com> Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Jiri Slaby <jslaby@...e.com>, Peter Hurley <peter@...leysoftware.com>, One Thousand Gnomes <gnomes@...rguk.ukuu.org.uk>, LKML <linux-kernel@...r.kernel.org>, syzkaller <syzkaller@...glegroups.com>, Kostya Serebryany <kcc@...gle.com>, Alexander Potapenko <glider@...gle.com> Subject: Re: [PATCH] tty: use __GFP_NOWARN for user-controlled kmalloc On Thu, Feb 4, 2016 at 11:11 PM, David Rientjes <rientjes@...gle.com> wrote: > On Thu, 4 Feb 2016, Dmitry Vyukov wrote: > >> Size of kmalloc() in vc_do_resize() is controlled by user. >> Too large kmalloc() size triggers WARNING message on console. >> >> Use __GFP_NOWARN for this kmalloc() to not scare admins. >> > > Hmm, this is hitting the WARN_ON_ONCE(!(gfp_mask & __GFP_NOWARN)) for > order >= MAX_ORDER. > > vc_do_resize() has > > if (cols > VC_RESIZE_MAXCOL || lines > VC_RESIZE_MAXROW) > return -EINVAL; > > so the appropriate fix would seem to be to reject sizes that would exceed > the page allocator's ability to return contiguous memory (MAX_ORDER) > rather than ever trying the allocation in the first place. Hi David, Please see Alan response to original report here: https://groups.google.com/d/msg/syzkaller/ufjvr5j0URo/lTlpYP0DBQAJ I can't say that I fully understand it.
Powered by blists - more mailing lists