diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2018-05-27 03:10:07 +0300 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2018-05-30 06:20:17 +0300 |
commit | 1da92779e2e8f309d5aecbbed346e7f812b174e8 (patch) | |
tree | ef7385c244e4affbec1e58b4f4cef068a80c6a4e /crypto/blowfish_generic.c | |
parent | 67ba049f94ebe49ed557e590dd243b6db45c9aff (diff) | |
download | linux-1da92779e2e8f309d5aecbbed346e7f812b174e8.tar.xz |
aio: sanitize the limit checking in io_submit(2)
as it is, the logics in native io_submit(2) is "if asked for
more than LONG_MAX/sizeof(pointer) iocbs to submit, don't
bother with more than LONG_MAX/sizeof(pointer)" (i.e.
512M requests on 32bit and 1E requests on 64bit) while
compat io_submit(2) goes with "stop after the first
PAGE_SIZE/sizeof(pointer) iocbs", i.e. 1K or so. Which is
* inconsistent
* *way* too much in native case
* possibly too little in compat one
and
* wrong anyway, since the natural point where we
ought to stop bothering is ctx->nr_events
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'crypto/blowfish_generic.c')
0 files changed, 0 insertions, 0 deletions