All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH 1/3] sched/rt: check integer overflow at usec to nsec conversion
@ 2019-02-27  8:10 Konstantin Khlebnikov
  2019-02-27  8:10 ` [PATCH 2/3] sched/core: handle overflow in cpu_shares_write_u64 Konstantin Khlebnikov
                   ` (2 more replies)
  0 siblings, 3 replies; 6+ messages in thread
From: Konstantin Khlebnikov @ 2019-02-27  8:10 UTC (permalink / raw)
  To: Peter Zijlstra, Ingo Molnar, linux-kernel

Example of unhandled overflows:

# echo 18446744073709651 > cpu.rt_runtime_us
# cat cpu.rt_runtime_us
99

# echo 18446744073709900 > cpu.rt_period_us
# cat cpu.rt_period_us
348

After this patch they will fail with -EINVAL.

Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
---
 kernel/sched/rt.c |    5 +++++
 1 file changed, 5 insertions(+)

diff --git a/kernel/sched/rt.c b/kernel/sched/rt.c
index e4f398ad9e73..aa7ee3a0bf90 100644
--- a/kernel/sched/rt.c
+++ b/kernel/sched/rt.c
@@ -2555,6 +2555,8 @@ int sched_group_set_rt_runtime(struct task_group *tg, long rt_runtime_us)
 	rt_runtime = (u64)rt_runtime_us * NSEC_PER_USEC;
 	if (rt_runtime_us < 0)
 		rt_runtime = RUNTIME_INF;
+	else if ((u64)rt_runtime_us > U64_MAX / NSEC_PER_USEC)
+		return -EINVAL;
 
 	return tg_set_rt_bandwidth(tg, rt_period, rt_runtime);
 }
@@ -2575,6 +2577,9 @@ int sched_group_set_rt_period(struct task_group *tg, u64 rt_period_us)
 {
 	u64 rt_runtime, rt_period;
 
+	if (rt_period_us > U64_MAX / NSEC_PER_USEC)
+		return -EINVAL;
+
 	rt_period = rt_period_us * NSEC_PER_USEC;
 	rt_runtime = tg->rt_bandwidth.rt_runtime;
 


^ permalink raw reply	[flat|nested] 6+ messages in thread

* [PATCH 2/3] sched/core: handle overflow in cpu_shares_write_u64
  2019-02-27  8:10 [PATCH 1/3] sched/rt: check integer overflow at usec to nsec conversion Konstantin Khlebnikov
@ 2019-02-27  8:10 ` Konstantin Khlebnikov
  2019-04-19 12:16   ` [tip:sched/core] sched/core: Handle " tip-bot for Konstantin Khlebnikov
  2019-02-27  8:10 ` [PATCH 3/3] sched/core: check quota and period overflow at usec to nsec conversion Konstantin Khlebnikov
  2019-04-19 12:16 ` [tip:sched/core] sched/rt: Check integer " tip-bot for Konstantin Khlebnikov
  2 siblings, 1 reply; 6+ messages in thread
From: Konstantin Khlebnikov @ 2019-02-27  8:10 UTC (permalink / raw)
  To: Peter Zijlstra, Ingo Molnar, linux-kernel

Bit shift in scale_load() could overflow shares. This patch saturates
it to MAX_SHARES like following sched_group_set_shares().

Example:
# echo 9223372036854776832 > cpu.shares
# cat cpu.shares

Before patch: 1024
After pattch: 262144

Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
---
 kernel/sched/core.c |    2 ++
 1 file changed, 2 insertions(+)

diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index d8d76a65cfdd..a626fbd9fdc7 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -6502,6 +6502,8 @@ static void cpu_cgroup_attach(struct cgroup_taskset *tset)
 static int cpu_shares_write_u64(struct cgroup_subsys_state *css,
 				struct cftype *cftype, u64 shareval)
 {
+	if (shareval > scale_load_down(ULONG_MAX))
+		shareval = MAX_SHARES;
 	return sched_group_set_shares(css_tg(css), scale_load(shareval));
 }
 


^ permalink raw reply	[flat|nested] 6+ messages in thread

* [PATCH 3/3] sched/core: check quota and period overflow at usec to nsec conversion
  2019-02-27  8:10 [PATCH 1/3] sched/rt: check integer overflow at usec to nsec conversion Konstantin Khlebnikov
  2019-02-27  8:10 ` [PATCH 2/3] sched/core: handle overflow in cpu_shares_write_u64 Konstantin Khlebnikov
@ 2019-02-27  8:10 ` Konstantin Khlebnikov
  2019-04-19 12:17   ` [tip:sched/core] sched/core: Check " tip-bot for Konstantin Khlebnikov
  2019-04-19 12:16 ` [tip:sched/core] sched/rt: Check integer " tip-bot for Konstantin Khlebnikov
  2 siblings, 1 reply; 6+ messages in thread
From: Konstantin Khlebnikov @ 2019-02-27  8:10 UTC (permalink / raw)
  To: Peter Zijlstra, Ingo Molnar, linux-kernel

Large values could overflow u64 and pass following sanity checks.

# echo 18446744073750000 > cpu.cfs_period_us
# cat cpu.cfs_period_us
40448

# echo 18446744073750000 > cpu.cfs_quota_us
# cat cpu.cfs_quota_us
40448

After this patch they will fail with -EINVAL.

Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
---
 kernel/sched/core.c |    7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index a626fbd9fdc7..5f46aa335b28 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -6606,8 +6606,10 @@ int tg_set_cfs_quota(struct task_group *tg, long cfs_quota_us)
 	period = ktime_to_ns(tg->cfs_bandwidth.period);
 	if (cfs_quota_us < 0)
 		quota = RUNTIME_INF;
-	else
+	else if ((u64)cfs_quota_us <= U64_MAX / NSEC_PER_USEC)
 		quota = (u64)cfs_quota_us * NSEC_PER_USEC;
+	else
+		return -EINVAL;
 
 	return tg_set_cfs_bandwidth(tg, period, quota);
 }
@@ -6629,6 +6631,9 @@ int tg_set_cfs_period(struct task_group *tg, long cfs_period_us)
 {
 	u64 quota, period;
 
+	if ((u64)cfs_period_us > U64_MAX / NSEC_PER_USEC)
+		return -EINVAL;
+
 	period = (u64)cfs_period_us * NSEC_PER_USEC;
 	quota = tg->cfs_bandwidth.quota;
 


^ permalink raw reply	[flat|nested] 6+ messages in thread

* [tip:sched/core] sched/rt: Check integer overflow at usec to nsec conversion
  2019-02-27  8:10 [PATCH 1/3] sched/rt: check integer overflow at usec to nsec conversion Konstantin Khlebnikov
  2019-02-27  8:10 ` [PATCH 2/3] sched/core: handle overflow in cpu_shares_write_u64 Konstantin Khlebnikov
  2019-02-27  8:10 ` [PATCH 3/3] sched/core: check quota and period overflow at usec to nsec conversion Konstantin Khlebnikov
@ 2019-04-19 12:16 ` tip-bot for Konstantin Khlebnikov
  2 siblings, 0 replies; 6+ messages in thread
From: tip-bot for Konstantin Khlebnikov @ 2019-04-19 12:16 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: peterz, a.p.zijlstra, hpa, linux-kernel, khlebnikov, mingo,
	torvalds, tglx

Commit-ID:  1a010e29cfa00fee2888fd2fd4983f848cbafb58
Gitweb:     https://git.kernel.org/tip/1a010e29cfa00fee2888fd2fd4983f848cbafb58
Author:     Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
AuthorDate: Wed, 27 Feb 2019 11:10:17 +0300
Committer:  Ingo Molnar <mingo@kernel.org>
CommitDate: Fri, 19 Apr 2019 13:42:09 +0200

sched/rt: Check integer overflow at usec to nsec conversion

Example of unhandled overflows:

 # echo 18446744073709651 > cpu.rt_runtime_us
 # cat cpu.rt_runtime_us
 99

 # echo 18446744073709900 > cpu.rt_period_us
 # cat cpu.rt_period_us
 348

After this patch they will fail with -EINVAL.

Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/155125501739.293431.5252197504404771496.stgit@buzz
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
 kernel/sched/rt.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/kernel/sched/rt.c b/kernel/sched/rt.c
index 90fa23d36565..1e6b909dca36 100644
--- a/kernel/sched/rt.c
+++ b/kernel/sched/rt.c
@@ -2555,6 +2555,8 @@ int sched_group_set_rt_runtime(struct task_group *tg, long rt_runtime_us)
 	rt_runtime = (u64)rt_runtime_us * NSEC_PER_USEC;
 	if (rt_runtime_us < 0)
 		rt_runtime = RUNTIME_INF;
+	else if ((u64)rt_runtime_us > U64_MAX / NSEC_PER_USEC)
+		return -EINVAL;
 
 	return tg_set_rt_bandwidth(tg, rt_period, rt_runtime);
 }
@@ -2575,6 +2577,9 @@ int sched_group_set_rt_period(struct task_group *tg, u64 rt_period_us)
 {
 	u64 rt_runtime, rt_period;
 
+	if (rt_period_us > U64_MAX / NSEC_PER_USEC)
+		return -EINVAL;
+
 	rt_period = rt_period_us * NSEC_PER_USEC;
 	rt_runtime = tg->rt_bandwidth.rt_runtime;
 

^ permalink raw reply	[flat|nested] 6+ messages in thread

* [tip:sched/core] sched/core: Handle overflow in cpu_shares_write_u64
  2019-02-27  8:10 ` [PATCH 2/3] sched/core: handle overflow in cpu_shares_write_u64 Konstantin Khlebnikov
@ 2019-04-19 12:16   ` tip-bot for Konstantin Khlebnikov
  0 siblings, 0 replies; 6+ messages in thread
From: tip-bot for Konstantin Khlebnikov @ 2019-04-19 12:16 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: tglx, a.p.zijlstra, hpa, khlebnikov, peterz, linux-kernel,
	torvalds, mingo

Commit-ID:  5b61d50ab4ef590f5e1d4df15cd2cea5f5715308
Gitweb:     https://git.kernel.org/tip/5b61d50ab4ef590f5e1d4df15cd2cea5f5715308
Author:     Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
AuthorDate: Wed, 27 Feb 2019 11:10:18 +0300
Committer:  Ingo Molnar <mingo@kernel.org>
CommitDate: Fri, 19 Apr 2019 13:42:10 +0200

sched/core: Handle overflow in cpu_shares_write_u64

Bit shift in scale_load() could overflow shares. This patch saturates
it to MAX_SHARES like following sched_group_set_shares().

Example:

 # echo 9223372036854776832 > cpu.shares
 # cat cpu.shares

Before patch: 1024
After pattch: 262144

Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/155125501891.293431.3345233332801109696.stgit@buzz
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
 kernel/sched/core.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index fb09eaad1d3a..685b1541ce51 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -6507,6 +6507,8 @@ static void cpu_cgroup_attach(struct cgroup_taskset *tset)
 static int cpu_shares_write_u64(struct cgroup_subsys_state *css,
 				struct cftype *cftype, u64 shareval)
 {
+	if (shareval > scale_load_down(ULONG_MAX))
+		shareval = MAX_SHARES;
 	return sched_group_set_shares(css_tg(css), scale_load(shareval));
 }
 

^ permalink raw reply	[flat|nested] 6+ messages in thread

* [tip:sched/core] sched/core: Check quota and period overflow at usec to nsec conversion
  2019-02-27  8:10 ` [PATCH 3/3] sched/core: check quota and period overflow at usec to nsec conversion Konstantin Khlebnikov
@ 2019-04-19 12:17   ` tip-bot for Konstantin Khlebnikov
  0 siblings, 0 replies; 6+ messages in thread
From: tip-bot for Konstantin Khlebnikov @ 2019-04-19 12:17 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: hpa, a.p.zijlstra, peterz, tglx, linux-kernel, mingo, torvalds,
	khlebnikov

Commit-ID:  1a8b4540db732ca16c9e43ac7c08b1b8f0b252d8
Gitweb:     https://git.kernel.org/tip/1a8b4540db732ca16c9e43ac7c08b1b8f0b252d8
Author:     Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
AuthorDate: Wed, 27 Feb 2019 11:10:20 +0300
Committer:  Ingo Molnar <mingo@kernel.org>
CommitDate: Fri, 19 Apr 2019 13:42:10 +0200

sched/core: Check quota and period overflow at usec to nsec conversion

Large values could overflow u64 and pass following sanity checks.

 # echo 18446744073750000 > cpu.cfs_period_us
 # cat cpu.cfs_period_us
 40448

 # echo 18446744073750000 > cpu.cfs_quota_us
 # cat cpu.cfs_quota_us
 40448

After this patch they will fail with -EINVAL.

Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/155125502079.293431.3947497929372138600.stgit@buzz
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
 kernel/sched/core.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index 685b1541ce51..de8ab411826c 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -6611,8 +6611,10 @@ static int tg_set_cfs_quota(struct task_group *tg, long cfs_quota_us)
 	period = ktime_to_ns(tg->cfs_bandwidth.period);
 	if (cfs_quota_us < 0)
 		quota = RUNTIME_INF;
-	else
+	else if ((u64)cfs_quota_us <= U64_MAX / NSEC_PER_USEC)
 		quota = (u64)cfs_quota_us * NSEC_PER_USEC;
+	else
+		return -EINVAL;
 
 	return tg_set_cfs_bandwidth(tg, period, quota);
 }
@@ -6634,6 +6636,9 @@ static int tg_set_cfs_period(struct task_group *tg, long cfs_period_us)
 {
 	u64 quota, period;
 
+	if ((u64)cfs_period_us > U64_MAX / NSEC_PER_USEC)
+		return -EINVAL;
+
 	period = (u64)cfs_period_us * NSEC_PER_USEC;
 	quota = tg->cfs_bandwidth.quota;
 

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2019-04-19 19:04 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-02-27  8:10 [PATCH 1/3] sched/rt: check integer overflow at usec to nsec conversion Konstantin Khlebnikov
2019-02-27  8:10 ` [PATCH 2/3] sched/core: handle overflow in cpu_shares_write_u64 Konstantin Khlebnikov
2019-04-19 12:16   ` [tip:sched/core] sched/core: Handle " tip-bot for Konstantin Khlebnikov
2019-02-27  8:10 ` [PATCH 3/3] sched/core: check quota and period overflow at usec to nsec conversion Konstantin Khlebnikov
2019-04-19 12:17   ` [tip:sched/core] sched/core: Check " tip-bot for Konstantin Khlebnikov
2019-04-19 12:16 ` [tip:sched/core] sched/rt: Check integer " tip-bot for Konstantin Khlebnikov

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.