On Wed, 14 Oct 2020, Kees Cook wrote: > Note on patch 2: Christopher NAKed it, but I actually think this is a > reasonable thing to add -- the "too small" check is only made when built > with CONFIG_DEBUG_VM, so it *is* actually possible for someone to trip > over this directly, even if it would never make it into a released > kernel. I see no reason to just leave this foot-gun in place, though, so > we might as well just fix it too. (Which seems to be what Longman was > similarly supporting, IIUC.) Well then remove the duplication of checks. The NAK was there because it seems that you were not aware of the existing checks. > Anyway, if patch 2 stays NAKed, that's fine. It's entirely separable, > and the other 2 can land. :) Just deal with the old checks too and it will be fine.
