| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20211202140343.0fd5dbc41513b1c95661ff8f@linux-foundation.org>
Date: Thu, 2 Dec 2021 14:03:43 -0800
From: Andrew Morton <akpm@...ux-foundation.org>
To: Kees Cook <keescook@...omium.org>
Cc: Leon Romanovsky <leon@...nel.org>,
Matthew Wilcox <willy@...radead.org>,
Bixuan Cui <cuibixuan@...ux.alibaba.com>, linux-mm@...ck.org,
linux-kernel@...r.kernel.org, torvalds@...ux-foundation.org,
w@....eu
Subject: Re: [PATCH -next] mm: delete oversized WARN_ON() in kvmalloc()
calls
On Thu, 2 Dec 2021 13:23:13 -0800 Kees Cook <keescook@...omium.org> wrote:
> > > I think we have two cases:
> > >
> > > - limiting kvmalloc allocations to INT_MAX
> > > - issuing a WARN when that limit is exceeded
> > >
> > > The argument for the having the WARN is "that amount should never be
> > > allocated so we want to find the pathological callers".
> > >
> > > But if the actual issue is that >INT_MAX is _acceptable_, then we have
> > > to do away with the entire check, not just the WARN.
> >
> > First we need to get rid from WARN_ON(), which is completely safe thing to do.
> >
> > Removal of the check can be done in second step as it will require audit
> > of whole kvmalloc* path.
>
> If those are legit sizes, I'm fine with dropping the WARN. (But I still
> think if they're legit sizes, we must also drop the INT_MAX limit.)
Can we suppress the WARN if the caller passed __GFP_NOWARN?
Powered by blists - more mailing lists