[PATCH 07/13] kexec: Implementation of new syscall kexec_file_load
H. Peter Anvin
hpa at zytor.com
Mon Jun 16 14:25:07 PDT 2014
On 06/16/2014 02:09 PM, Borislav Petkov wrote:
> Nah, I don't feel strongly about it - I just don't trust userspace and
> think that every value we get from it should be "sanitized".
Borislav and I talked about this briefly over IRC. A key part of that
is that if userspace could manipulate this system call to consume an
unreasonable amount of memory, we would have a problem, for example if
this code used vzalloc() instead of kzalloc(). However, since
kmalloc/kzalloc implies a relatively restrictive limit on the memory
allocation size anyway, well short of anything that could cause OOM
problems, that pretty much solves the problem.
More information about the kexec