Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp6840248rwd;
        Tue, 6 Jun 2023 02:43:35 -0700 (PDT)
X-Google-Smtp-Source: ACHHUZ7GJrA9SIxUatTj66PKpHNUTHxmBzSmFcb1U4bnuWr/xVIAF6Wlwp4o5bXKl+E6yYuXuJwS
X-Received: by 2002:a05:6214:3011:b0:61a:36d6:41a5 with SMTP id ke17-20020a056214301100b0061a36d641a5mr1524759qvb.5.1686044615594;
        Tue, 06 Jun 2023 02:43:35 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1686044615; cv=none;
        d=google.com; s=arc-20160816;
        b=DTax9aGLlzHJXOgWv16nSl9o9DV4MSZIlZMNk6vpkkIq4FyeJxNGlT3SEyr17MHQZj
         0daBKxnvQ0jikoild/v6h+4d9fKjDK1EnyJM2n2Qg/jUlqoHmox9Drfp/LtTxt0aPt43
         eUG15y+gbDDMdv/WcFzqApgNjA9PteAzM1BC1LqD5PMUM7lG7FKxtoWw5ECiqT+7A/6K
         eSyKgcrRAQO1ppy9VX6+Xs9Y5+Hyxt4Sp0JXm/yyEII1vOYMOC0Mif+Kkv3vIMSbZkdh
         2LrtxW9JqsnO+KLQYnDlPSiH57/dWRdSv7VqWv/sNHDUcIi7/+8myldanu1lxGPqGUhg
         r7SQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date;
        bh=bbZGDq+86TnmolXiWjq6DHLdTFE2zC5Whn/asYdgiHU=;
        b=LivwB/CcvaL/2g248XM+KlZtEq5j5Vq2etLYv13NanKqsRP/W2AI961+Ks4V7TGmst
         ooQs+hKshw9mEDZ96dNrBxrgaSteV5joaiPFcG9dQuwPtt/V+IbPZKDeqcwuCH8hwgPz
         kVy/I6eK82Mhn400wf5Vl+LdRG1IXrLOSgtCRgXw9WbWwHnlLqx1GxjDm7SwGuXcLXVm
         sOQWm+VqfXso3FZFpvMePrPBoAsV0eILEMNPx4fsFKVQ9mGBT4BpcjagHx3apAUqoaFF
         8RyO4IXXWR0IqIy3eI9jD2dV1X845DplwckFmjddb7InqKe13BtjgGazbIr+nLHRS6Wm
         HOLQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id f5-20020a056214076500b005ea2f1bc2fesi5779781qvz.151.2023.06.06.02.43.16;
        Tue, 06 Jun 2023 02:43:35 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S236349AbjFFJbC (ORCPT <rfc822;proase2022@gmail.com> + 99 others);
        Tue, 6 Jun 2023 05:31:02 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41214 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S234500AbjFFJa6 (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Tue, 6 Jun 2023 05:30:58 -0400
Received: from 167-179-156-38.a7b39c.syd.nbn.aussiebb.net (167-179-156-38.a7b39c.syd.nbn.aussiebb.net [167.179.156.38])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5375EE64;
        Tue,  6 Jun 2023 02:30:54 -0700 (PDT)
Received: from loth.rohan.me.apana.org.au ([192.168.167.2])
        by formenos.hmeau.com with smtp (Exim 4.94.2 #2 (Debian))
        id 1q6T1N-00HHlY-27; Tue, 06 Jun 2023 17:30:34 +0800
Received: by loth.rohan.me.apana.org.au (sSMTP sendmail emulation); Tue, 06 Jun 2023 17:30:33 +0800
Date:   Tue, 6 Jun 2023 17:30:33 +0800
From:   Herbert Xu <herbert@gondor.apana.org.au>
To:     David Howells <dhowells@redhat.com>
Cc:     netdev@vger.kernel.org, "David S. Miller" <davem@davemloft.net>,
        Eric Dumazet <edumazet@google.com>,
        Jakub Kicinski <kuba@kernel.org>,
        Paolo Abeni <pabeni@redhat.com>,
        Willem de Bruijn <willemdebruijn.kernel@gmail.com>,
        David Ahern <dsahern@kernel.org>,
        Matthew Wilcox <willy@infradead.org>,
        Jens Axboe <axboe@kernel.dk>, linux-crypto@vger.kernel.org,
        linux-mm@kvack.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH net-next v2 10/10] crypto: af_alg/hash: Support
 MSG_SPLICE_PAGES
Message-ID: <ZH78uQsrUz4fxZmm@gondor.apana.org.au>
References: <ZH7xzYfwQoWZLUYa@gondor.apana.org.au>
 <20230530141635.136968-1-dhowells@redhat.com>
 <20230530141635.136968-11-dhowells@redhat.com>
 <1845449.1686043495@warthog.procyon.org.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1845449.1686043495@warthog.procyon.org.uk>
X-Spam-Status: No, score=2.7 required=5.0 tests=BAYES_00,HELO_DYNAMIC_IPADDR2,
        PDS_RDNS_DYNAMIC_FP,RDNS_DYNAMIC,SPF_HELO_NONE,SPF_PASS,TVD_RCVD_IP,
        T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=no autolearn_force=no
        version=3.4.6
X-Spam-Level: **
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

On Tue, Jun 06, 2023 at 10:24:55AM +0100, David Howells wrote:
>
> If the iov_iter is a user-backed type (IOVEC or UBUF) then it's not relaxed.
> max_pages is ALG_MAX_PAGES here (actually, I should just move that here so
> that it's clearer).

Even if it's kernel memory they can't be freed during the hashing
operation, which could be long if the amount is large (or the algo
is slow).

The reason for the limit here is to stop a malicious user from
pinning an unlimited amount of memory by doing a hashing operation,
IOW a DoS attack.

So I think we should keep the limit as is.

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt