Date:   Mon, 4 Dec 2017 12:26:32 +0300
From:   Dan Carpenter <dan.carpenter@...cle.com>
To:     Dmitry Vyukov <dvyukov@...gle.com>
Cc:     Eric Biggers <ebiggers3@...il.com>,
        syzbot 
        <bot+2797c18fc195e3e240c3c3e7837a14130e157fb0@...kaller.appspotmail.com>,
        Alexey Dobriyan <adobriyan@...il.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Arnd Bergmann <arnd@...db.de>, dave.jiang@...el.com,
        LKML <linux-kernel@...r.kernel.org>,
        syzkaller-bugs@...glegroups.com, Al Viro <viro@...iv.linux.org.uk>,
        linux-block@...r.kernel.org
Subject: Re: WARNING in kmalloc_slab (3)

On Mon, Dec 04, 2017 at 09:18:05AM +0100, Dmitry Vyukov wrote:
> On Mon, Dec 4, 2017 at 9:14 AM, Dan Carpenter <dan.carpenter@...cle.com> wrote:
> > On Sun, Dec 03, 2017 at 12:16:08PM -0800, Eric Biggers wrote:
> >> Looks like BLKTRACESETUP doesn't limit the '.buf_nr' parameter, allowing anyone
> >> who can open a block device to cause an extremely large kmalloc.  Here's a
> >> simplified reproducer:
> >>
> >
> > There are lots of places which allow people to allocate as much as they
> > want.  With syzkaller, you might want to just hard code a __GFP_NOWARN
> > in to disable it.
> 
> Hi,
> 
> Hard code it where?

My idea was to just make warn_alloc() a no-op.

> 
> User-controllable allocations are supposed to use __GFP_NOWARN.

No, that's not right.  What we don't want is unprivileged users to use
all the memory and we don't want unprivileged users to spam
/var/log/messages.  But you have to have slightly elevated permissions
to open block devices right?  The warning is helpful.  Admins should
"don't do that" if they don't want the warning.

The kernel really isn't designed to work with Oops on Warn.  I try to
tell people simple things like not printing a warning when
copy_from_user() fails because I don't want /var/log/messages to get
spammed.  But there are lots and lots of places which generate warnings.

regards,
dan carpenter
