From: Herbert Xu <herbert@gondor.apana.org.au>
To: David Howells <dhowells@redhat.com>
Cc: netdev@vger.kernel.org, "David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
Willem de Bruijn <willemdebruijn.kernel@gmail.com>,
David Ahern <dsahern@kernel.org>,
Matthew Wilcox <willy@infradead.org>,
Jens Axboe <axboe@kernel.dk>,
linux-crypto@vger.kernel.org, linux-mm@kvack.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH net-next v2 10/10] crypto: af_alg/hash: Support MSG_SPLICE_PAGES
Date: Tue, 6 Jun 2023 17:30:33 +0800 [thread overview]
Message-ID: <ZH78uQsrUz4fxZmm@gondor.apana.org.au> (raw)
In-Reply-To: <1845449.1686043495@warthog.procyon.org.uk>
On Tue, Jun 06, 2023 at 10:24:55AM +0100, David Howells wrote:
>
> If the iov_iter is a user-backed type (IOVEC or UBUF) then it's not relaxed.
> max_pages is ALG_MAX_PAGES here (actually, I should just move that here so
> that it's clearer).
Even if it's kernel memory they can't be freed during the hashing
operation, which could be long if the amount is large (or the algo
is slow).
The reason for the limit here is to stop a malicious user from
pinning an unlimited amount of memory by doing a hashing operation,
IOW a DoS attack.
So I think we should keep the limit as is.
Cheers,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
next prev parent reply other threads:[~2023-06-06 9:31 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-05-30 14:16 [PATCH net-next v2 00/10] crypto, splice, net: Make AF_ALG handle sendmsg(MSG_SPLICE_PAGES) David Howells
2023-05-30 14:16 ` [PATCH net-next v2 01/10] Drop the netfs_ prefix from netfs_extract_iter_to_sg() David Howells
2023-06-06 9:00 ` Paolo Abeni
2023-05-30 14:16 ` [PATCH net-next v2 02/10] Fix a couple of spelling mistakes David Howells
2023-05-30 19:55 ` Simon Horman
2023-05-30 14:16 ` [PATCH net-next v2 03/10] Wrap lines at 80 David Howells
2023-05-30 14:16 ` [PATCH net-next v2 04/10] Move netfs_extract_iter_to_sg() to lib/scatterlist.c David Howells
2023-05-30 14:16 ` [PATCH net-next v2 05/10] crypto: af_alg: Pin pages rather than ref'ing if appropriate David Howells
2023-05-30 14:16 ` [PATCH net-next v2 06/10] crypto: af_alg: Use extract_iter_to_sg() to create scatterlists David Howells
2023-05-30 14:16 ` [PATCH net-next v2 07/10] crypto: af_alg: Indent the loop in af_alg_sendmsg() David Howells
2023-05-30 14:16 ` [PATCH net-next v2 08/10] crypto: af_alg: Support MSG_SPLICE_PAGES David Howells
2023-06-01 9:49 ` Paolo Abeni
2023-06-01 11:35 ` David Howells
2023-06-06 8:32 ` Paolo Abeni
2023-05-30 14:16 ` [PATCH net-next v2 09/10] crypto: af_alg: Convert af_alg_sendpage() to use MSG_SPLICE_PAGES David Howells
2023-05-30 14:16 ` [PATCH net-next v2 10/10] crypto: af_alg/hash: Support MSG_SPLICE_PAGES David Howells
2023-06-06 8:43 ` Herbert Xu
2023-06-06 9:24 ` David Howells
2023-06-06 9:30 ` Herbert Xu [this message]
2023-06-06 10:08 ` David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZH78uQsrUz4fxZmm@gondor.apana.org.au \
--to=herbert@gondor.apana.org.au \
--cc=axboe@kernel.dk \
--cc=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=dsahern@kernel.org \
--cc=edumazet@google.com \
--cc=kuba@kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=willemdebruijn.kernel@gmail.com \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.