From: Alexei Starovoitov
Date: Mon, 8 Jun 2020 09:40:17 -0700
Subject: Re: WARNING: CPU: 1 PID: 52 at mm/page_alloc.c:4826 __alloc_pages_nodemask (Re: [PATCH 5/5] sysctl: pass kernel pointers to ->proc_handler)
To: Christoph Hellwig, Stanislav Fomichev
Cc: Vegard Nossum, Kees Cook, Iurii Zaikin, Alexei Starovoitov, Daniel Borkmann, LKML, Al Viro, bpf, Andrey Ignatov
In-Reply-To: <20200608130503.GA22898@lst.de>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Jun 8, 2020 at 6:05 AM Christoph Hellwig wrote:
>
> On Mon, Jun 08, 2020 at 09:45:49AM +0200, Vegard Nossum wrote:
> > Just a test case.
> >
> > Allowing the kernel to allocate an unbounded amount of memory on behalf
> > of userspace is an easy DOS.
> >
> > All the length checks were already in there, e.g.
> >
> > static int cmm_timeout_handler(struct ctl_table *ctl, int write,
> >                                void __user *buffer, size_t *lenp, loff_t *ppos)
> > {
> >         char buf[64], *p;
> > [...]
> >         len = min(*lenp, sizeof(buf));
> >         if (copy_from_user(buf, buffer, len))
> >                 return -EFAULT;
>
> Doesn't help if we don't know the exact limit yet.  But we can put
> some arbitrary but reasonable limit like KMALLOC_MAX_SIZE on the
> sysctls and see if this sticks.

adding Stanislav. I think he's looking into this already.
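
As an added illustration of the limit proposed in the message above (not code from the thread or from the kernel tree): a userspace C model of a write path that copies caller-supplied data into an allocated buffer before the handler runs, and rejects oversized lengths first. `model_sysctl_write`, `model_handler_len` and `MODEL_KMALLOC_MAX_SIZE` (set to 4 MiB here) are hypothetical stand-ins, and the copy-before-handler ordering is an assumption of the model.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>

/* Stand-in for the kernel's KMALLOC_MAX_SIZE. The real value depends on
 * architecture and configuration; 4 MiB is an assumption for this model. */
#define MODEL_KMALLOC_MAX_SIZE ((size_t)4 << 20)

/* Hypothetical model of a generic write path: copy `count` caller-chosen
 * bytes into a freshly allocated, NUL-terminated buffer that the handler
 * would then parse. `count` is entirely under the caller's control. */
static ssize_t model_sysctl_write(const char *ubuf, size_t count, char **kbuf)
{
    *kbuf = NULL;
    /* The bound: refuse before allocating, so an oversized length never
     * reaches the allocator. ">=" keeps count + 1 (for the NUL) in range. */
    if (count >= MODEL_KMALLOC_MAX_SIZE)
        return -ENOMEM;

    char *buf = malloc(count + 1);
    if (!buf)
        return -ENOMEM;
    memcpy(buf, ubuf, count);
    buf[count] = '\0';
    *kbuf = buf;
    return (ssize_t)count;
}

/* Handler-level clamp in the style of the quoted cmm_timeout_handler():
 * it limits what the handler consumes, not what was allocated before it. */
static size_t model_handler_len(size_t lenp, size_t bufsize)
{
    return lenp < bufsize ? lenp : bufsize;
}

int main(void)
{
    char *kbuf, *none;
    /* Constructed inputs: a short write and a 1 GiB length claim. */
    ssize_t ok = model_sysctl_write("60 0", 4, &kbuf);
    ssize_t big = model_sysctl_write("x", (size_t)1 << 30, &none);
    printf("ok=%zd big=%zd clamp=%zu\n", ok, big,
           model_handler_len((size_t)1 << 30, 64));
    free(kbuf);
    return 0;
}
```

The oversized call returns before the source buffer is read, so the rejected length is never used for an allocation or a copy.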