Received: by 2002:a05:6a10:a0d1:0:0:0:0 with SMTP id j17csp1445109pxa; Thu, 13 Aug 2020 08:40:23 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxevXO4GyH5XmaUlzvcaYn5gGwZsM+dQ+8wSMQwIuS4V9X4oNd1Yof0ThSaX9RQFD5dSSd4 X-Received: by 2002:a17:906:4c46:: with SMTP id d6mr5587916ejw.14.1597333223553; Thu, 13 Aug 2020 08:40:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1597333223; cv=none; d=google.com; s=arc-20160816; b=eBXy3JLkMx999aTEtMcFR/wG7etdf3fQIkA//QtZDCzkovxHLgvdCYdPkWJCYhUi5d 3gGlRj51luTL96IU3gbw4+mtqclrVFPmYOeLzEwsz8BqDA+2n4RztddhjSf301dGlSNy oqhub7grFTpTOIu2lQfmAJ9ozKF5h5WXSW5ZteLQEH89+IC9Q06/SeEbzv7NitAHTAL+ HyFtT9DCYf8Xy9j7JQz0jxyD+a9KcCXZfKEo4knR5ujjSyvKHxgbr7lZLg1cYa/BrZSA cnNgGq9bl8EomBNXlTIQ1Ret0I+uvubLZho9sxksIEK4fAWEMJ+HScbhNCjNYzkolOgp G9BA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=J+kwDW5dLsOdGX1FSkw+PqGjhooglH4nMFR/D4glcGo=; b=Jla/KlPLNhB8gE4H71uY3lckpEqHHTvRhScfKYh4BqPrYom/ksbzDDzOIZvX1k5DpD SlPCSdTarsEE3jWrWrXMC1RE+p4PaqFRkoD0kq6QiwuoiW10E1JJn02Qwl2sp8P6mxLx xQkWZJTByk4U9PfkVxzWvbkm8ZZSWnooOQW6CL+1SOlpx6t1oc7/IB48WCPn7xfcQxZR gasH5OmUzTIHZRAKoGvdpI5j9+hbhjozsPogVmvDywLdNWW3IgtUphL+33x45ItvIy1e TuO7m1k/Ha61GM2MabGJUSRFa7Gp5uqOSfON2iDGIPvycdt3u2+wdgU72oK8ZUZQ4lKE BFSQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id kq1si3608832ejb.246.2020.08.13.08.39.59; Thu, 13 Aug 2020 08:40:23 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726576AbgHMPh0 (ORCPT + 99 others); Thu, 13 Aug 2020 11:37:26 -0400 Received: from verein.lst.de ([213.95.11.211]:46752 "EHLO verein.lst.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726249AbgHMPhZ (ORCPT ); Thu, 13 Aug 2020 11:37:25 -0400 Received: by verein.lst.de (Postfix, from userid 2407) id C439A68AFE; Thu, 13 Aug 2020 17:37:22 +0200 (CEST) Date: Thu, 13 Aug 2020 17:37:22 +0200 From: Christoph Hellwig To: Josef Bacik Cc: hch@lst.de, viro@ZenIV.linux.org.uk, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, kernel-team@fb.com, willy@infradead.org Subject: Re: [PATCH][v2] proc: use vmalloc for our kernel buffer Message-ID: <20200813153722.GA13844@lst.de> References: <20200813145305.805730-1-josef@toxicpanda.com> <20200813153356.857625-1-josef@toxicpanda.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200813153356.857625-1-josef@toxicpanda.com> User-Agent: Mutt/1.5.17 (2007-11-01) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Aug 13, 2020 at 11:33:56AM -0400, Josef Bacik wrote: > Since > > sysctl: pass kernel pointers to ->proc_handler > > we have been pre-allocating a buffer to copy the data from the proc > handlers into, and then copying that to userspace. The problem is this > just blind kmalloc()'s the buffer size passed in from the read, which in > the case of our 'cat' binary was 64kib. Order-4 allocations are not > awesome, and since we can potentially allocate up to our maximum order, > use vmalloc for these buffers. > > Fixes: 32927393dc1c ("sysctl: pass kernel pointers to ->proc_handler") > Signed-off-by: Josef Bacik > --- > v1->v2: > - Make vmemdup_user_nul actually do the right thing...sorry about that. > > fs/proc/proc_sysctl.c | 6 +++--- > include/linux/string.h | 1 + > mm/util.c | 27 +++++++++++++++++++++++++++ > 3 files changed, 31 insertions(+), 3 deletions(-) > > diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c > index 6c1166ccdaea..207ac6e6e028 100644 > --- a/fs/proc/proc_sysctl.c > +++ b/fs/proc/proc_sysctl.c > @@ -571,13 +571,13 @@ static ssize_t proc_sys_call_handler(struct file *filp, void __user *ubuf, > goto out; > > if (write) { > - kbuf = memdup_user_nul(ubuf, count); > + kbuf = vmemdup_user_nul(ubuf, count); Given that this can also do a kmalloc and thus needs to be paired with kvfree shouldn't it be kvmemdup_user_nul?