On 2021/01/26 3:08, Casey Schaufler wrote: > On 1/24/2021 6:36 AM, Sabyrzhan Tasbolatov wrote: >> syzbot found WARNINGs in several smackfs write operations where >> bytes count is passed to memdup_user_nul which exceeds >> GFP MAX_ORDER. Check count size if bigger SMK_LONGLABEL, >> for smk_write_syslog if bigger than PAGE_SIZE - 1. >> >> Reported-by: [email protected] >> Signed-off-by: Sabyrzhan Tasbolatov <[email protected]> > > Thank you for the patch. Unfortunately, SMK_LONGLABEL isn't > the right value in some of these cases. >
Since it uses sscanf(), I think that whitespaces must be excluded from upper limit check. I'm proposing adding __GFP_NOWARM on the memdup_user_nul() side at https://lkml.kernel.org/r/[email protected] .
