On December 4, 2024 5:56:34 AM GMT+10:00, Matthew Wilcox <willy@xxxxxxxxxxxxx> wrote: >On Tue, Dec 03, 2024 at 08:02:26PM +0100, Uladzislau Rezki wrote: > >I think there are a few other things we can try here. > >First, if the copy is small (and I still don't have an answer to that >...), we can skip the vmalloc lookup if the copy doesn't cross a page >boundary. Yeah, this seems a reasonable optimization. >Anyway, NACK to the original patch; that's just a horrible idea. Right, please no debugfs knob. The point is to make sure the check cannot be disabled at runtime and to make the check a no-op. Please use the boot param to disable this check. -Kees -- Kees Cook
