selinux: add __GFP_NOWARN to hashtab_init() allocations From: Paul Moore As reported by syzbot, hashtab_init() can be affected by abnormally large policy loads which would cause the kernel's allocator to emit a warning in some configurations. Since the SELinux hashtab_init() code handles the case where the allocation fails, due to a large request or some other reason, we can safely add the __GFP_NOWARN flag to squelch these abnormally large allocation warnings. Reported-by: syzbot+bc2c99c2929c3d219fb3@syzkaller.appspotmail.com Signed-off-by: Paul Moore --- security/selinux/ss/hashtab.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/security/selinux/ss/hashtab.c b/security/selinux/ss/hashtab.c index 383fd2d70878..1382eb3bfde1 100644 --- a/security/selinux/ss/hashtab.c +++ b/security/selinux/ss/hashtab.c @@ -40,7 +40,8 @@ int hashtab_init(struct hashtab *h, u32 nel_hint) h->htable = NULL; if (size) { - h->htable = kcalloc(size, sizeof(*h->htable), GFP_KERNEL); + h->htable = kcalloc(size, sizeof(*h->htable), + GFP_KERNEL | __GFP_NOWARN); if (!h->htable) return -ENOMEM; h->size = size;