| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CANn89iKL9-3RTBhtyg5gxOLfXZVyJoCK0A_K9ui5Ew-KdNtFhw@mail.gmail.com> Date: Tue, 5 Sep 2023 14:34:11 +0200 From: Eric Dumazet <edumazet@...gle.com> To: David Laight <David.Laight@...lab.com> Cc: Kyle Zeng <zengyhkyle@...il.com>, "David S . Miller" <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "eric.dumazet@...il.com" <eric.dumazet@...il.com>, syzbot <syzkaller@...glegroups.com>, Kees Cook <keescook@...omium.org>, Vlastimil Babka <vbabka@...e.cz> Subject: Re: [PATCH net] net: deal with integer overflows in kmalloc_reserve() On Tue, Sep 5, 2023 at 2:27 PM Eric Dumazet <edumazet@...gle.com> wrote: > > On Tue, Sep 5, 2023 at 10:36 AM David Laight <David.Laight@...lab.com> wrote: > > > > From: Eric Dumazet > > > Sent: 05 September 2023 04:42 > > ... > > > Again, I do not want this patch, I want to fix the root cause(s). > > > > > > It makes no sense to allow dev->mtu to be as big as 0x7fffffff and > > > ultimately allow size to be bigger than 0x80000000 > > > > kmem_alloc_reserve() also needs fixing. > > Yes, this is what I said. Please provide a patch ? Oops, I thought you were speaking about kmalloc_size_roundup() kmalloc_reserve() is fine, all overflows must be taken care of before reaching it.
Powered by blists - more mailing lists