On Wed, 20 Jan 2021 19:34:36 +0900 Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx> wrote:

> syzbot is reporting that memdup_user_nul() which receives user-controlled
> size (which can be up to (INT_MAX & PAGE_MASK)) via vfs_write() will hit
> order >= MAX_ORDER path [1].
>
> Let's add __GFP_NOWARN to memdup_user_nul() as with commit 6c8fcc096be9d02f
> ("mm: don't let userspace spam allocations warnings"). Also use GFP_USER as
> with commit 6c2c97a24f096e32 ("memdup_user(): switch to GFP_USER").

That commit failed to explain why a switch to GFP_USER was performed, so
that commit isn't a good substitute for an explanation of this change.

So... please fully describe the reason for this change right here in
this patch's changelog.