From: Jason Wang <jasow...@redhat.com>
Date: Thu, 8 Feb 2018 11:59:25 +0800
> We need limit the maximum size of queue, otherwise it may cause
> several side effects e.g slab will warn when the size exceeds
> KMALLOC_MAX_SIZE. Using KMALLOC_MAX_SIZE still looks too so this patch
> tries to limit it to 64K. This value could be revisited if we found a
> real case that needs more.
>
> Reported-by: syzbot+e4d4f9ddd42955397...@syzkaller.appspotmail.com
> Fixes: 2e0ab8ca83c12 ("ptr_ring: array based FIFO for pointers")
> Signed-off-by: Jason Wang <jasow...@redhat.com>
...
> @@ -466,6 +468,8 @@ static inline int ptr_ring_consume_batched_bh(struct
> ptr_ring *r,
>
> static inline void **__ptr_ring_init_queue_alloc(unsigned int size, gfp_t
> gfp)
> {
> + if (size > PTR_RING_MAX_ALLOC)
> + return NULL;
> return kvmalloc_array(size, sizeof(void *), gfp | __GFP_ZERO);
> }
This doesn't limit the allocation to 64K. It limits it to 64K * sizeof(void *).
