lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <Zr5L8TUzkJcB9HcF@google.com>
Date: Thu, 15 Aug 2024 11:41:53 -0700
From: Dmitry Torokhov <dmitry.torokhov@...il.com>
To: linux-input@...r.kernel.org
Cc: Jeff LaBundy <jeff@...undy.com>,
	Benjamin Tissoires <bentiss@...nel.org>,
	linux-kernel@...r.kernel.org, Hans de Goede <hdegoede@...hat.com>,
	Peter Hutterer <peter.hutterer@...-t.net>
Subject: [PATCH] Input: evdev - limit amount of data for writes

Limit amount of data that can be written into an evdev instance at
a given time to 4096 bytes (170 input events) to avoid holding
evdev->mutex for too long and starving other users.

Signed-off-by: Dmitry Torokhov <dmitry.torokhov@...il.com>
---
 drivers/input/evdev.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/drivers/input/evdev.c b/drivers/input/evdev.c
index a8ce3d140722..eb4906552ac8 100644
--- a/drivers/input/evdev.c
+++ b/drivers/input/evdev.c
@@ -498,6 +498,13 @@ static ssize_t evdev_write(struct file *file, const char __user *buffer,
 	struct input_event event;
 	int retval = 0;
 
+	/*
+	 * Limit amount of data we inject into the input subsystem so that
+	 * we do not hold evdev->mutex for too long. 4096 bytes corresponds
+	 * to 170 input events.
+	 */
+	count = min(count, 4096);
+
 	if (count != 0 && count < input_event_size())
 		return -EINVAL;
 
-- 
2.46.0.184.g6999bdac58-goog


-- 
Dmitry

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ