Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp145680imm; Wed, 12 Sep 2018 20:04:43 -0700 (PDT) X-Google-Smtp-Source: ANB0VdZMOQ6fuOZNJnQ9JJQ66/GSQzGPDmc2MWfORQpoSeFvB9vVYv66LbHv2S2bll9w7L+A9eKJ X-Received: by 2002:a63:ba1c:: with SMTP id k28-v6mr4970153pgf.76.1536807883776; Wed, 12 Sep 2018 20:04:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1536807883; cv=none; d=google.com; s=arc-20160816; b=I9zTfh8ihkth3rZ6FA6ZlHwaCcyxy9OWr3qRx1Gg6Ai347wSIwhQPtwAhLRtKTI2u3 Qp5WE0WAl5qLd+jIzn857BoWt9HzHQSLeSil1/XJqfckUcNU2nL9OjI0ShY4J81Zy3f/ xjpQE0KFyezhr1spG+n3jiNMR/Oc+qFJFWmKVxVGKBhjbsJghuYfI0d2yLAtRLVLO7b7 h8FjA+1zNzjTog7VkoUFcegEO/BuWPFJAsQtvBZPBx5va+q1JVO0qBuwrmu7j2xllwSQ sLZ70kEj4+LJQSOKtoSmzF51CTyH5zKjSt2PprWThYCIDeLTLkgVXfOWry8Kwbrkh7mg RN7w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=eLmPQD5GpR80LgPhgLp75IjqS3Vhz+sMBw7ukCkyL5A=; b=wQud4UolN2nY7FA08skzSlw0vniwWF0IuwdhpLJt1Gf1fkih+0FkTJBSL17LR52tcC qmXVv7Q3oenjLmv2GukFpWLDqyffwvgJG+woyM8XuqHiFhrVHT0X29VCGl3XZsrTYJLp xbDirz+BQ32j39acGc9W8Ug+a82xuTysvZ50+8NZwVqBuVFwEinCxoAnp6qKK36u8CSz BfOkNMFsj/4CzcGQE6yF2rMBzqzy7R+9lkPFS+UKlmIfeiErQ2VtZO1ujtuchm6QJiVR 9ycNDqsn8qnG6S96PJoJCLUGRMDwDEEDAXgHLJU92Rp+UXi/LkBAU1pQz5C4trFRBol7 PjrA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=EzoZsOK9; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f8-v6si3028677plm.117.2018.09.12.20.04.28; Wed, 12 Sep 2018 20:04:43 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=EzoZsOK9; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727383AbeIMIJm (ORCPT + 99 others); Thu, 13 Sep 2018 04:09:42 -0400 Received: from mail-lf1-f65.google.com ([209.85.167.65]:35581 "EHLO mail-lf1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726364AbeIMIJm (ORCPT ); Thu, 13 Sep 2018 04:09:42 -0400 Received: by mail-lf1-f65.google.com with SMTP id q13-v6so3500861lfc.2 for ; Wed, 12 Sep 2018 20:02:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paul-moore-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=eLmPQD5GpR80LgPhgLp75IjqS3Vhz+sMBw7ukCkyL5A=; b=EzoZsOK9q+YukAR/ACvt8VBoJyeatexCyvHsmDuujjUvgOPwG05UN1nO9prLKxF6Yj jBIdKLVWXO7+ccNbAG6p4JYPXdlc1VXNbRQXb52FN8cDukIQONO/NVz1F2Ju6CSc94i3 L3j8c5jrEYzbc8VnDOjr+Apx+BO25PwIJiFQyA7kYsJUCsqOq3PILhag6yLp8HqSm9hw cl75ylgLER+Dtdmef6RFt3lViumexM8Fib2gcZTAq6MG3x5NUCg3EsSiOVZTF8/yYY2h 9LiKqJ3TCxeujTLfvk8i/VkqBlF/sy02bcgtvugceIUe7F7dvx1MVB8SM5hdvDI6wVno XQaQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=eLmPQD5GpR80LgPhgLp75IjqS3Vhz+sMBw7ukCkyL5A=; b=JMvR1VDTq2n4rRVLVPSmo9IKRNlhhzEKT1Fe/Wf0eLFfMuG5e3zyx2hS8BpDW7VYHq jvTmeu3uoauaoBPBMMYAJGCbE9gggGQM5gRkvJXE2AvL3As4zhcZcLnNIAClJ2w2vgsf ItSjxTj6S+u7rvsUzd3iRFVLJYS2YtiJ8LWIxQZJj3a2o0pAp5TokUzbIFyx2DSMYVzb /9P66N70gosTHOqF2aLT4R5ZIOS3ascdph77xyurg4u0J8SkW2qi1eQaOykPsbPNbrT6 afxhSG4qrdIuHKqCU1y8KuYWr/au9j+FzaXoLCsmJVC7x/h0IBk7Et/hUzYgf7/audt2 MkuA== X-Gm-Message-State: APzg51DLteJYCWVfcl/0JBqOTb0SmEY3agi2FeQqZiYk87U51KcVaevv zTuvpSozh3voMGYBoarXJl7x5t88Wjo9FXCOjyyK X-Received: by 2002:a19:5a83:: with SMTP id y3-v6mr3134614lfk.19.1536807733539; Wed, 12 Sep 2018 20:02:13 -0700 (PDT) MIME-Version: 1.0 References: <000000000000038dab0575476b73@google.com> In-Reply-To: From: Paul Moore Date: Wed, 12 Sep 2018 23:02:02 -0400 Message-ID: Subject: Re: [PATCH] selinux: Add __GFP_NOWARN to allocation at str_read() To: penguin-kernel@i-love.sakura.ne.jp Cc: selinux@tycho.nsa.gov, syzbot+ac488b9811036cea7ea0@syzkaller.appspotmail.com, Eric Paris , linux-kernel@vger.kernel.org, peter.enderborg@sony.com, Stephen Smalley , syzkaller-bugs@googlegroups.com Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Sep 7, 2018 at 12:43 PM Tetsuo Handa wrote: > syzbot is hitting warning at str_read() [1] because len parameter can > become larger than KMALLOC_MAX_SIZE. We don't need to emit warning for > this case. > > [1] https://syzkaller.appspot.com/bug?id=7f2f5aad79ea8663c296a2eedb81978401a908f0 > > Signed-off-by: Tetsuo Handa > Reported-by: syzbot > --- > security/selinux/ss/policydb.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c > index e9394e7..f4eadd3 100644 > --- a/security/selinux/ss/policydb.c > +++ b/security/selinux/ss/policydb.c > @@ -1101,7 +1101,7 @@ static int str_read(char **strp, gfp_t flags, void *fp, u32 len) > if ((len == 0) || (len == (u32)-1)) > return -EINVAL; > > - str = kmalloc(len + 1, flags); > + str = kmalloc(len + 1, flags | __GFP_NOWARN); > if (!str) > return -ENOMEM; Thanks for the patch. My eyes are starting to glaze over a bit chasing down all of the different kmalloc() code paths trying to ensure that this always does the right thing based on size of the allocation and the different slab allocators ... are we sure that this will always return NULL when (len + 1) is greater than KMALLOC_MAX_SIZE for the different slab allocator configurations? -- paul moore www.paul-moore.com