All of lore.kernel.org
 help / color / mirror / Atom feed
From: Joe Lawrence <joe.lawrence@redhat.com>
To: linux-kernel@vger.kernel.org
Cc: Mikulas Patocka <mpatocka@redhat.com>,
	Michael Kerrisk <mtk.manpages@gmail.com>,
	Randy Dunlap <rdunlap@infradead.org>,
	Alexander Viro <viro@zeniv.linux.org.uk>,
	Andrew Morton <akpm@linux-foundation.org>
Subject: Re: [PATCH v3 0/4] A few round_pipe_size() and pipe-max-size fixups
Date: Mon, 16 Oct 2017 09:24:26 -0400	[thread overview]
Message-ID: <b2bdb51b-b383-582f-cec1-d818e416d437@redhat.com> (raw)
In-Reply-To: <1507658689-11669-1-git-send-email-joe.lawrence@redhat.com>

On 10/10/2017 02:04 PM, Joe Lawrence wrote:
> While backporting Michael's "pipe: fix limit handling" patchset to a
> distro-kernel, Mikulas noticed that current upstream pipe limit handling
> contains a few problems:
> 
>   1 - procfs signed wrap: echo'ing a large number into
>       /proc/sys/fs/pipe-max-size and then cat'ing it back out shows a
>       negative value.
> 
>   2 - round_pipe_size() nr_pages overflow on 32bit:  this would
>       subsequently try roundup_pow_of_two(0), which is undefined.
> 
>   3 - visible non-rounded pipe-max-size value: there is no mutual
>       exclusion or protection between the time pipe_max_size is assigned
>       a raw value from proc_dointvec_minmax() and when it is rounded.
> 
>   4 - unsigned long -> unsigned int conversion makes for potential odd
>       return errors from do_proc_douintvec_minmax_conv() and
>       do_proc_dopipe_max_size_conv().
> 
> This version underwent the same testing as v1:
> https://marc.info/?l=linux-kernel&m=150643571406022&w=2
> 
> v1 (from rfc):
> 
> - Re-arrange patchset order, push smaller fixes to the front
> - Add a check so that round_pipe_size(size < pipe_min_size) will round
>   up to round_pipe_size(pipe_min_size) as per man page [RD]
> - Add new procfs proc_dopipe_max_size() and helpers to consolidate user
>   space read / type validation / rounding / assignment [MP]
> 
> v2:
>  - Fix !CONFIG_PROC_SYSCTL build case [buildbots]
> 
> v3:
>  - s/proc_dointvec_minmax/proc_dopipe_max_size/ in comment 
>    preceding pipe_proc_fn()
>  - Added a fourth patch to address -ERANGE vs. -EINVAL inconsistencies in
>    do_proc_douintvec_minmax_conv() and do_proc_dopipe_max_size_conv().
> 
> Joe Lawrence (4):
>   pipe: match pipe_max_size data type with procfs
>   pipe: avoid round_pipe_size() nr_pages overflow on 32-bit
>   pipe: add proc_dopipe_max_size() to safely assign pipe_max_size
>   sysctl: check for UINT_MAX before unsigned int min/max
> 
>  fs/pipe.c                 | 23 ++++++++++---------
>  include/linux/pipe_fs_i.h |  1 +
>  include/linux/sysctl.h    |  3 +++
>  kernel/sysctl.c           | 57 ++++++++++++++++++++++++++++++++++++++++++++---
>  4 files changed, 70 insertions(+), 14 deletions(-)
> 

Thanks for the reviews, now who do I need to bug to get this merged into
a tree?  :)

v1:
Reviewed-by: Michael Kerrisk <mtk.manpages@gmail.com>
"Looks good" from Randy Dunlap <rdunlap@infradead.org>

v3:
Reviewed-by: Mikulas Patocka <mpatocka@redhat.com>

-- Joe

      parent reply	other threads:[~2017-10-16 13:24 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-10-10 18:04 [PATCH v3 0/4] A few round_pipe_size() and pipe-max-size fixups Joe Lawrence
2017-10-10 18:04 ` [PATCH v3 1/4] pipe: match pipe_max_size data type with procfs Joe Lawrence
2017-10-10 18:04 ` [PATCH v3 2/4] pipe: avoid round_pipe_size() nr_pages overflow on 32-bit Joe Lawrence
2017-10-10 18:04 ` [PATCH v3 3/4] pipe: add proc_dopipe_max_size() to safely assign pipe_max_size Joe Lawrence
2017-10-10 18:04 ` [PATCH v3 4/4] sysctl: check for UINT_MAX before unsigned int min/max Joe Lawrence
2017-10-12 14:05 ` [PATCH v3 0/4] A few round_pipe_size() and pipe-max-size fixups Mikulas Patocka
2017-10-16 13:24 ` Joe Lawrence [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=b2bdb51b-b383-582f-cec1-d818e416d437@redhat.com \
    --to=joe.lawrence@redhat.com \
    --cc=akpm@linux-foundation.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mpatocka@redhat.com \
    --cc=mtk.manpages@gmail.com \
    --cc=rdunlap@infradead.org \
    --cc=viro@zeniv.linux.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.