From: Josh Boyer <jwboyer@gmail.com>
To: Sasha Levin <levinsasha928@gmail.com>
Cc: rusty@rustcorp.com.au, linux-kernel@vger.kernel.org,
Sasha Levin <sasha.levin@oracle.com>,
Tim Abbott <tim.abbott@oracle.com>,
stable@vger.kernel.org
Subject: Re: [PATCH] module: Remove module size limit
Date: Tue, 31 Jan 2012 09:07:06 -0500 [thread overview]
Message-ID: <CA+5PVA5zSjyOj9nbtPQ+cUKnYcdpHZgoD8PRSSF+DEwxJLYHzA@mail.gmail.com> (raw)
In-Reply-To: <1327982842-13898-1-git-send-email-sasha.levin@oracle.com>
On Mon, Jan 30, 2012 at 11:07 PM, Sasha Levin <levinsasha928@gmail.com> wrote:
> Module size was limited to 64MB, this was legacy limitation due to vmalloc()
> which was removed a while ago.
>
> Limiting module size to 64MB is both pointless and affects real world use
> cases.
>
> Cc: Rusty Russell <rusty@rustcorp.com.au>
> Cc: Tim Abbott <tim.abbott@oracle.com>
> Cc: stable@vger.kernel.org
> Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
> ---
> kernel/module.c | 3 +--
> 1 files changed, 1 insertions(+), 2 deletions(-)
>
> diff --git a/kernel/module.c b/kernel/module.c
> index 2c93276..3d56b6f 100644
> --- a/kernel/module.c
> +++ b/kernel/module.c
> @@ -2380,8 +2380,7 @@ static int copy_and_check(struct load_info *info,
> return -ENOEXEC;
>
> /* Suck in entire file: we'll want most of it. */
> - /* vmalloc barfs on "unusual" numbers. Check here */
> - if (len > 64 * 1024 * 1024 || (hdr = vmalloc(len)) == NULL)
> + if ((hdr = vmalloc(len)) == NULL)
> return -ENOMEM;
>
> if (copy_from_user(hdr, umod, len) != 0) {
I could be missing something somewhere, but this is the only upper bounds
check that is in place on the overall module size. If we remove this without
putting some other kind of sanity check, wouldn't it be possible for someone
to exhaust the entire vmalloc space for the kernel by loading a bloated module?
I would think we still want to have some form of upper bounds check to prevent
that, but maybe I'm paranoid.
As an aside, which real world use cases are blocked by having a 64MB limit?
That is already HUGE.
josh
next prev parent reply other threads:[~2012-01-31 14:07 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-01-31 4:07 [PATCH] module: Remove module size limit Sasha Levin
2012-01-31 4:13 ` Sasha Levin
2012-01-31 14:07 ` Josh Boyer [this message]
2012-01-31 15:27 ` Sasha Levin
2012-02-03 3:41 ` Rusty Russell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CA+5PVA5zSjyOj9nbtPQ+cUKnYcdpHZgoD8PRSSF+DEwxJLYHzA@mail.gmail.com \
--to=jwboyer@gmail.com \
--cc=levinsasha928@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=rusty@rustcorp.com.au \
--cc=sasha.levin@oracle.com \
--cc=stable@vger.kernel.org \
--cc=tim.abbott@oracle.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).