From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Willy Tarreau, Kees Cook, Linus Torvalds
Subject: [PATCH 5.14 165/172] mm: don't allow oversized kvmalloc() calls
Date: Mon, 4 Oct 2021 14:53:35 +0200
Message-Id: <20211004125050.299434484@linuxfoundation.org>
In-Reply-To: <20211004125044.945314266@linuxfoundation.org>

From: Linus Torvalds

commit 7661809d493b426e979f39ab512e3adf41fbcc69 upstream.

'kvmalloc()' is a convenience function for people who want to do a kmalloc() but fall back on vmalloc() if there aren't enough physically contiguous pages, or if the allocation is larger than what kmalloc() supports.

However, let's make sure it doesn't get _too_ easy to do crazy things with it. In particular, don't allow big allocations that could be due to integer overflow or underflow. So make sure the allocation size fits in an 'int', to protect against trivial integer conversion issues.

Acked-by: Willy Tarreau
Cc: Kees Cook
Signed-off-by: Linus Torvalds
Signed-off-by: Greg Kroah-Hartman

--- mm/util.c | 4 ++++ 1 file changed, 4 insertions(+) --- a/mm/util.c +++ b/mm/util.c @@ -593,6 +593,10 @@ void *kvmalloc_node(size_t size, gfp_t f if (ret || size <= PAGE_SIZE) return ret; + /* Don't even allow crazy sizes */ + if (WARN_ON_ONCE(size > INT_MAX)) + return NULL; + return __vmalloc_node(size, 1, flags, node, __builtin_return_address(0)); }
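
Review bot: The `WARN_ON_ONCE(size > INT_MAX)` in the added check makes an oversized request produce a kernel warning as well as a NULL return, so any caller whose size can be influenced from user space would expose a user-triggerable WARN (fatal where panic_on_warn is set). Such callers should be audited, or should bound or reject the size before calling, so that the warning only ever flags a kernel bug. The comment `/* Don't even allow crazy sizes */` could also name the limit and the reason the commit message gives, namely that the size must fit in an 'int' to guard against integer conversion issues. Since the diffstat shows only these four added lines, the new NULL-on-oversize behaviour is not documented anywhere a caller of kvmalloc_node() would look.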