Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp1093180imm; Thu, 13 Sep 2018 12:33:21 -0700 (PDT) X-Google-Smtp-Source: ANB0VdZDOYiNO7mitKsI0NY0SJo5Tt0y5P5Ffj7AK3NecXXt0BiJqFKyrTTURAGu90ERJMgY2hdk X-Received: by 2002:a63:225f:: with SMTP id t31-v6mr8364443pgm.275.1536867201304; Thu, 13 Sep 2018 12:33:21 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1536867201; cv=none; d=google.com; s=arc-20160816; b=SuTJwsZGJppIUiB8d/VdUQhxw63r8aG9k0f75cVtG1cR4I1qzOS1JfZPnwq/T14Isr MMxAkDuT7nxvDuHJ4sgoiwyGSUjlBJfVEBpZxKQO8NLWsLyibgOTuhKvBhSGN9J9uHML awB7lqqoyZd0HTT/yEBfXEeewpGVZbfnmN1Nc0zHjD+oxxC45kMKXespNb9VMR0GcD5q 0JwPYiHC3lkliieuS0uP2PakiCpnuP28VGbCK41qQcV4Y4dDiV8sVl7uLDK4Py484Y/G kUE4LtCkjxLNU6SpcVUsj4xQ/gXcZnC5cyqHV6xdEA7vVuVPjX0LoTiPGrl2n6WWh4sp TSaQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=d57+uZPpR/VzDByvk2rw5mRfBpWJoXIMQ6scAv85B9I=; b=H5nieT/NEt+tHHlHWUNk0VanANoV9cFVVDx+t4jtQ4RrzuYyw3K2Nq4sVaPkR/dQ2c GxKbBoWeVIVX6Dhy5puvFMXflmJrToGCALh/+E+6X67uZmshF63W+YJpRdkozG/sTkw3 5Cm3CsYyKWd/AhcFNBpkQdb9c2OoJ4c4VmXuND2le4iGwx6cnGKHtEFN7hz2SKcNzsBd 3OKWehjUVPW9IowP+f0dN/BOwkPIzYTbM9TYNpQ1wg13omz5XjKwK/Uc3/KtxQKFkR6N PGHxs6adqr0UjCPOvoGYEko31QM2IoeOJI3wsNIhh4fxp+UrRdvz4WLVS4lWsjr8uCCp qfcg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=bJZ4KnH1; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h126-v6si5024735pfe.72.2018.09.13.12.33.05; Thu, 13 Sep 2018 12:33:21 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=bJZ4KnH1; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727772AbeINAeU (ORCPT + 99 others); Thu, 13 Sep 2018 20:34:20 -0400 Received: from mail-lj1-f196.google.com ([209.85.208.196]:36426 "EHLO mail-lj1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727383AbeINAeT (ORCPT ); Thu, 13 Sep 2018 20:34:19 -0400 Received: by mail-lj1-f196.google.com with SMTP id v26-v6so5576983ljj.3 for ; Thu, 13 Sep 2018 12:23:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paul-moore-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=d57+uZPpR/VzDByvk2rw5mRfBpWJoXIMQ6scAv85B9I=; b=bJZ4KnH1c95BXh90ik4ertRPQureyrK2RLPkVSMtbK0fVGf3U5z4dhFclo1FrttfvZ tR1MYrfJqaU5PLdA/ffCU7zr1SwzS4kKdNTkahxJmFmXgNdX5IFwytF1UHa7MCls4wCK VDd4QNMiviM8m6/dJuBwUozCF7C7hijObeINAVQrrh7KmJOano5nqPdTDYmdlVSnHq6/ iTrqo/+5QB7ZPolQ59yoAgBlqWgS6NrS3U2x0M6U5oUc+y2XuxC2cXJ6rPZsHykazjmS ZO12aqTAZLR+GYcNs+/HTfqdp0xM1VpcluhrAs5VX2ZJl+HpU5fFc0hAGZ2VLZPlTI5j Z40w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=d57+uZPpR/VzDByvk2rw5mRfBpWJoXIMQ6scAv85B9I=; b=tWZGd6W+gx39hIIExsIArIjtHJtIxFvo3CqhvKt7qP/WjVnUbDXUBA4UfuGXTc5KNT 2ctoiqYoI7xux0NvkYT7xytKch0fW2Y9wdAY5ZC4qSIUblGUL/Zc3xmoQmZcfCB7hQ5j ywBclN7RzVUUVUo41xFypLAV8KQPGNQCzgIN07tTw8IRkWIAYmt5VEBj1arUwIAD67v+ TiM9wUWuQEJE9RX7lzo+5c5Til4RgOxMJ2T5/PIeokfcqxvkzI/rTkLXJdE8321qhBT/ mNKiUT48y2FRc3wSsjPidMErgbnhhn3m/4UdB8fv7j39w7CAUAY1awopI8bTedBL3Us/ pB4Q== X-Gm-Message-State: APzg51AYw7VWYOaig2guYhDgoWgI72a9EDUM8Yle3YaRagb274paVtlJ a2CE0/M+Ubcho/ml0unipPb7uz9grCZTYFelBWin X-Received: by 2002:a2e:8743:: with SMTP id q3-v6mr5564739ljj.139.1536866606273; Thu, 13 Sep 2018 12:23:26 -0700 (PDT) MIME-Version: 1.0 References: <000000000000038dab0575476b73@google.com> In-Reply-To: From: Paul Moore Date: Thu, 13 Sep 2018 15:23:15 -0400 Message-ID: Subject: Re: [PATCH] selinux: Add __GFP_NOWARN to allocation at str_read() To: penguin-kernel@i-love.sakura.ne.jp Cc: selinux@tycho.nsa.gov, syzbot+ac488b9811036cea7ea0@syzkaller.appspotmail.com, Eric Paris , linux-kernel@vger.kernel.org, peter.enderborg@sony.com, Stephen Smalley , syzkaller-bugs@googlegroups.com, linux-mm@kvack.org Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Sep 13, 2018 at 2:26 AM Tetsuo Handa wrote: > On 2018/09/13 12:02, Paul Moore wrote: > > On Fri, Sep 7, 2018 at 12:43 PM Tetsuo Handa > > wrote: > >> syzbot is hitting warning at str_read() [1] because len parameter can > >> become larger than KMALLOC_MAX_SIZE. We don't need to emit warning for > >> this case. > >> > >> [1] https://syzkaller.appspot.com/bug?id=7f2f5aad79ea8663c296a2eedb81978401a908f0 > >> > >> Signed-off-by: Tetsuo Handa > >> Reported-by: syzbot > >> --- > >> security/selinux/ss/policydb.c | 2 +- > >> 1 file changed, 1 insertion(+), 1 deletion(-) > >> > >> diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c > >> index e9394e7..f4eadd3 100644 > >> --- a/security/selinux/ss/policydb.c > >> +++ b/security/selinux/ss/policydb.c > >> @@ -1101,7 +1101,7 @@ static int str_read(char **strp, gfp_t flags, void *fp, u32 len) > >> if ((len == 0) || (len == (u32)-1)) > >> return -EINVAL; > >> > >> - str = kmalloc(len + 1, flags); > >> + str = kmalloc(len + 1, flags | __GFP_NOWARN); > >> if (!str) > >> return -ENOMEM; > > > > Thanks for the patch. > > > > My eyes are starting to glaze over a bit chasing down all of the > > different kmalloc() code paths trying to ensure that this always does > > the right thing based on size of the allocation and the different slab > > allocators ... are we sure that this will always return NULL when (len > > + 1) is greater than KMALLOC_MAX_SIZE for the different slab allocator > > configurations? > > Yes, for (len + 1) cannot become 0 (which causes kmalloc() to return > ZERO_SIZE_PTR) due to (len == (u32)-1) check above. > > The only concern would be whether you want allocation failure messages. > I assumed you don't need it because we are returning -ENOMEM to the caller. I'm not to worried about the failure messages, returning -ENOMEM should be sufficient in this case. -- paul moore www.paul-moore.com