Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

mm: don't allow oversized kvmalloc() calls

'kvmalloc()' is a convenience function for people who want to do a
kmalloc() but fall back on vmalloc() if there aren't enough physically
contiguous pages, or if the allocation is larger than what kmalloc()
supports.

However, let's make sure it doesn't get _too_ easy to do crazy things
with it. In particular, don't allow big allocations that could be due
to integer overflow or underflow. So make sure the allocation size fits
in an 'int', to protect against trivial integer conversion issues.

Acked-by: Willy Tarreau <w@1wt.eu>
Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

+4
+4
mm/util.c
··· 593 593 if (ret || size <= PAGE_SIZE) 594 594 return ret; 595 595 596 + /* Don't even allow crazy sizes */ 597 + if (WARN_ON_ONCE(size > INT_MAX)) 598 + return NULL; 599 + 596 600 return __vmalloc_node(size, 1, flags, node, 597 601 __builtin_return_address(0)); 598 602 }