• Sasha Levin's avatar
    pipe: fail cleanly when root tries F_SETPIPE_SZ with big size · 2ccd4f4d
    Sasha Levin authored
    When a user with the CAP_SYS_RESOURCE cap tries to F_SETPIPE_SZ a pipe
    with size bigger than kmalloc() can alloc it spits out an ugly warning:
    
      ------------[ cut here ]------------
      WARNING: at mm/page_alloc.c:2095 __alloc_pages_nodemask+0x5d3/0x7a0()
      Pid: 733, comm: a.out Not tainted 3.2.0-rc1+ #4
      Call Trace:
         warn_slowpath_common+0x75/0xb0
         warn_slowpath_null+0x15/0x20
         __alloc_pages_nodemask+0x5d3/0x7a0
         __get_free_pages+0x12/0x50
         __kmalloc+0x12b/0x150
         pipe_set_size+0x75/0x120
         pipe_fcntl+0xf8/0x140
         do_fcntl+0x2d4/0x410
         sys_fcntl+0x66/0xa0
         system_call_fastpath+0x16/0x1b
      ---[ end trace 432f702e6db7b5ee ]---
    
    Instead, make kcalloc() handle the overflow case and fail quietly.
    
    [akpm@linux-foundation.org: switch to sizeof(*bufs) for 80-column niceness]
    Signed-off-by: default avatarSasha Levin <levinsasha928@gmail.com>
    Cc: Alexander Viro <viro@zeniv.linux.org.uk>
    Acked-by: default avatarPekka Enberg <penberg@kernel.org>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    2ccd4f4d
pipe.c 28.3 KB