| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240816001805.GA232957@quokka> Date: Fri, 16 Aug 2024 10:18:05 +1000 From: Peter Hutterer <peter.hutterer@...-t.net> To: Dmitry Torokhov <dmitry.torokhov@...il.com> Cc: linux-input@...r.kernel.org, Jeff LaBundy <jeff@...undy.com>, Benjamin Tissoires <bentiss@...nel.org>, linux-kernel@...r.kernel.org, Hans de Goede <hdegoede@...hat.com> Subject: Re: [PATCH] Input: evdev - limit amount of data for writes On Thu, Aug 15, 2024 at 11:41:53AM -0700, Dmitry Torokhov wrote: > Limit amount of data that can be written into an evdev instance at > a given time to 4096 bytes (170 input events) to avoid holding > evdev->mutex for too long and starving other users. > > Signed-off-by: Dmitry Torokhov <dmitry.torokhov@...il.com> I'd expect anything coming near 170 input events is going to trigger SYN_DROPPED anyway, so: Reviewed-by: Peter Hutterer <peter.hutterer@...-t.net> thanks. Cheers, Peter > --- > drivers/input/evdev.c | 7 +++++++ > 1 file changed, 7 insertions(+) > > diff --git a/drivers/input/evdev.c b/drivers/input/evdev.c > index a8ce3d140722..eb4906552ac8 100644 > --- a/drivers/input/evdev.c > +++ b/drivers/input/evdev.c > @@ -498,6 +498,13 @@ static ssize_t evdev_write(struct file *file, const char __user *buffer, > struct input_event event; > int retval = 0; > > + /* > + * Limit amount of data we inject into the input subsystem so that > + * we do not hold evdev->mutex for too long. 4096 bytes corresponds > + * to 170 input events. > + */ > + count = min(count, 4096); > + > if (count != 0 && count < input_event_size()) > return -EINVAL; > > -- > 2.46.0.184.g6999bdac58-goog > > > -- > Dmitry
Powered by blists - more mailing lists