From: Andrew Morton <akpm@linux-foundation.org>
To: Yang Bai <hamo.by@gmail.com>
Cc: cl@linux-foundation.org, penberg@kernel.org, mpm@selenic.com,
	linux-mm@kvack.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] slab: warning if total alloc size overflow
Date: Tue, 14 Feb 2012 00:53:01 -0800
Message-ID: <20120214005301.a9d5be1a.akpm@linux-foundation.org>
In-Reply-To: <1329204499-2671-1-git-send-email-hamo.by@gmail.com>

On Tue, 14 Feb 2012 15:28:19 +0800 Yang Bai <hamo.by@gmail.com> wrote:

> Before, if the total alloc size overflows,
> we just return NULL like an alloc failure. But they
> are two different types of problem. The former looks
> more like a programming problem. So add a warning
> here.
> 
> Signed-off-by: Yang Bai <hamo.by@gmail.com>
> ---
>  include/linux/slab.h |    4 +++-
>  1 files changed, 3 insertions(+), 1 deletions(-)
> 
> diff --git a/include/linux/slab.h b/include/linux/slab.h
> index 573c809..5865237 100644
> --- a/include/linux/slab.h
> +++ b/include/linux/slab.h
> @@ -242,8 +242,10 @@ size_t ksize(const void *);
>   */
>  static inline void *kcalloc(size_t n, size_t size, gfp_t flags)
>  {
> -	if (size != 0 && n > ULONG_MAX / size)
> +	if (size != 0 && n > ULONG_MAX / size) {
> +		WARN(1, "Alloc memory size (%lu * %lu) overflow.", n, size);
>  		return NULL;
> +	}
>  	return __kmalloc(n * size, flags | __GFP_ZERO);
>  }
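
Review bot: The WARN(1, ...) added inside the overflow branch is unconditional and has no rate limit, so it fires on every call that reaches the branch; if a diagnostic is wanted at this point, WARN_ONCE() or a rate-limited print would bound the log volume, and otherwise the branch can stay silent and leave reporting to the caller that sees the NULL. Separately, n and size are declared size_t in the signature, so the format string should use %zu rather than %lu, and the message lacks a trailing newline.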

One of the applications of kcalloc() is to prevent userspace from
causing a multiplicative overflow (and then perhaps causing an
overwrite beyond the end of the allocated memory).

With this patch, we've just handed the user a way of spamming the logs
at 1MHz.  This is bad.


Also, please let's not randomly add debug stuff in places where we've
never demonstrated a need for it.

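
Added example, not code from this thread or from the kernel: a userspace C model of the overflow check in the quoted hunk and of the log-volume point made in the reply above. The names model_kcalloc, simulate and warn_mode and the request values are assumptions made for illustration, and SIZE_MAX stands in for ULONG_MAX.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

enum warn_mode { SILENT, WARN_ALWAYS, WARN_FIRST_ONLY };  /* hypothetical names */
static unsigned long warnings_logged;  /* stands in for lines written to the log */
static bool warned_before;

/* Same test as the hunk, with SIZE_MAX standing in for ULONG_MAX. */
static bool mul_overflows(size_t n, size_t size)
{
    return size != 0 && n > SIZE_MAX / size;
}

/* Bytes an unchecked n * size allocation would request (the product wraps). */
static size_t unchecked_bytes(size_t n, size_t size) { return n * size; }

/* Userspace model of kcalloc(): refuse on overflow, otherwise zeroed memory. */
static void *model_kcalloc(size_t n, size_t size, enum warn_mode mode)
{
    if (mul_overflows(n, size)) {
        if (mode == WARN_ALWAYS || (mode == WARN_FIRST_ONLY && !warned_before))
            warnings_logged++;
        warned_before = true;
        return NULL;
    }
    return calloc(1, n * size);
}

/* Constructed scenario: one overflowing request repeated `calls` times. */
static unsigned long simulate(unsigned long calls, enum warn_mode mode)
{
    size_t n = SIZE_MAX / 16 + 2;  /* constructed value: n * 16 wraps to 16 */
    warnings_logged = 0;
    warned_before = false;
    for (unsigned long i = 0; i < calls; i++)
        if (model_kcalloc(n, 16, mode) != NULL)
            abort();
    return warnings_logged;
}

int main(void)
{
    printf("unchecked request: %zu bytes\n", unchecked_bytes(SIZE_MAX / 16 + 2, 16));
    printf("warn always: %lu lines, warn once: %lu line\n",
           simulate(1000000, WARN_ALWAYS), simulate(1000000, WARN_FIRST_ONLY));
    return 0;
}
```

Without the check, the constructed request would be served by a 16-byte allocation while the caller believes it holds n elements; with an unconditional warning, the number of log lines tracks the number of requests.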
