On 06/16/2014 02:09 PM, Borislav Petkov wrote: > > Nah, I don't feel strongly about it - I just don't trust userspace and > think that every value we get from it should be "sanitized". > Borislav and I talked about this briefly over IRC. A key part of that is that if userspace could manipulate this system call to consume an unreasonable amount of memory, we would have a problem, for example if this code used vzalloc() instead of kzalloc(). However, since kmalloc/kzalloc implies a relatively restrictive limit on the memory allocation size anyway, well short of anything that could cause OOM problems, that pretty much solves the problem. -hpa
