On Sun, Dec 03, 2017 at 12:16:08PM -0800, Eric Biggers wrote: > Looks like BLKTRACESETUP doesn't limit the '.buf_nr' parameter, allowing anyone > who can open a block device to cause an extremely large kmalloc. Here's a > simplified reproducer: > There are lots of places which allow people to allocate as much as they want. With Syzcaller, you might want to just hard code a __GFP_NOWARN in to disable it. regards, dan carpenter
