* [PATCH V2] blk-mq: avoid sysfs buffer overflow by too many CPU cores
@ 2019-08-16 2:54 Ming Lei
2019-08-16 3:39 ` Bart Van Assche
` (2 more replies)
0 siblings, 3 replies; 6+ messages in thread
From: Ming Lei @ 2019-08-16 2:54 UTC (permalink / raw)
To: Jens Axboe; +Cc: linux-block, Ming Lei, stable, Mark Ray, Greg KH
It is reported that sysfs buffer overflow can be triggered in case
of too many CPU cores(>841 on 4K PAGE_SIZE) when showing CPUs in
blk_mq_hw_sysfs_cpus_show().
So use cpumap_print_to_pagebuf() to print the info and fix the potential
buffer overflow issue.
Cc: stable@vger.kernel.org
Cc: Mark Ray <mark.ray@hpe.com>
Cc: Greg KH <gregkh@linuxfoundation.org>
Fixes: 676141e48af7("blk-mq: don't dump CPU -> hw queue map on driver load")
Signed-off-by: Ming Lei <ming.lei@redhat.com>
---
block/blk-mq-sysfs.c | 15 +--------------
1 file changed, 1 insertion(+), 14 deletions(-)
diff --git a/block/blk-mq-sysfs.c b/block/blk-mq-sysfs.c
index d6e1a9bd7131..4d0d32377ba3 100644
--- a/block/blk-mq-sysfs.c
+++ b/block/blk-mq-sysfs.c
@@ -166,20 +166,7 @@ static ssize_t blk_mq_hw_sysfs_nr_reserved_tags_show(struct blk_mq_hw_ctx *hctx,
static ssize_t blk_mq_hw_sysfs_cpus_show(struct blk_mq_hw_ctx *hctx, char *page)
{
- unsigned int i, first = 1;
- ssize_t ret = 0;
-
- for_each_cpu(i, hctx->cpumask) {
- if (first)
- ret += sprintf(ret + page, "%u", i);
- else
- ret += sprintf(ret + page, ", %u", i);
-
- first = 0;
- }
-
- ret += sprintf(ret + page, "\n");
- return ret;
+ return cpumap_print_to_pagebuf(true, page, hctx->cpumask);
}
static struct blk_mq_hw_ctx_sysfs_entry blk_mq_hw_sysfs_nr_tags = {
--
2.20.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH V2] blk-mq: avoid sysfs buffer overflow by too many CPU cores
2019-08-16 2:54 [PATCH V2] blk-mq: avoid sysfs buffer overflow by too many CPU cores Ming Lei
@ 2019-08-16 3:39 ` Bart Van Assche
2019-08-16 4:17 ` Ming Lei
2019-08-16 7:09 ` Greg KH
2019-08-19 6:12 ` Hannes Reinecke
2 siblings, 1 reply; 6+ messages in thread
From: Bart Van Assche @ 2019-08-16 3:39 UTC (permalink / raw)
To: Ming Lei, Jens Axboe; +Cc: linux-block, stable, Mark Ray, Greg KH
On 8/15/19 7:54 PM, Ming Lei wrote:
> It is reported that sysfs buffer overflow can be triggered in case
> of too many CPU cores(>841 on 4K PAGE_SIZE) when showing CPUs in
> blk_mq_hw_sysfs_cpus_show().
>
> So use cpumap_print_to_pagebuf() to print the info and fix the potential
> buffer overflow issue.
>
> Cc: stable@vger.kernel.org
> Cc: Mark Ray <mark.ray@hpe.com>
> Cc: Greg KH <gregkh@linuxfoundation.org>
> Fixes: 676141e48af7("blk-mq: don't dump CPU -> hw queue map on driver load")
> Signed-off-by: Ming Lei <ming.lei@redhat.com>
> ---
> block/blk-mq-sysfs.c | 15 +--------------
> 1 file changed, 1 insertion(+), 14 deletions(-)
>
> diff --git a/block/blk-mq-sysfs.c b/block/blk-mq-sysfs.c
> index d6e1a9bd7131..4d0d32377ba3 100644
> --- a/block/blk-mq-sysfs.c
> +++ b/block/blk-mq-sysfs.c
> @@ -166,20 +166,7 @@ static ssize_t blk_mq_hw_sysfs_nr_reserved_tags_show(struct blk_mq_hw_ctx *hctx,
>
> static ssize_t blk_mq_hw_sysfs_cpus_show(struct blk_mq_hw_ctx *hctx, char *page)
> {
> - unsigned int i, first = 1;
> - ssize_t ret = 0;
> -
> - for_each_cpu(i, hctx->cpumask) {
> - if (first)
> - ret += sprintf(ret + page, "%u", i);
> - else
> - ret += sprintf(ret + page, ", %u", i);
> -
> - first = 0;
> - }
> -
> - ret += sprintf(ret + page, "\n");
> - return ret;
> + return cpumap_print_to_pagebuf(true, page, hctx->cpumask);
> }
>
> static struct blk_mq_hw_ctx_sysfs_entry blk_mq_hw_sysfs_nr_tags = {
Although this patch looks fine to me, shouldn't this attribute be
documented under Documentation/ABI/?
Thanks,
Bart.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH V2] blk-mq: avoid sysfs buffer overflow by too many CPU cores
2019-08-16 3:39 ` Bart Van Assche
@ 2019-08-16 4:17 ` Ming Lei
2019-08-16 7:09 ` Greg KH
0 siblings, 1 reply; 6+ messages in thread
From: Ming Lei @ 2019-08-16 4:17 UTC (permalink / raw)
To: Bart Van Assche
Cc: Ming Lei, Jens Axboe, linux-block, stable, Mark Ray, Greg KH
On Fri, Aug 16, 2019 at 11:42 AM Bart Van Assche <bvanassche@acm.org> wrote:
>
> On 8/15/19 7:54 PM, Ming Lei wrote:
> > It is reported that sysfs buffer overflow can be triggered in case
> > of too many CPU cores(>841 on 4K PAGE_SIZE) when showing CPUs in
> > blk_mq_hw_sysfs_cpus_show().
> >
> > So use cpumap_print_to_pagebuf() to print the info and fix the potential
> > buffer overflow issue.
> >
> > Cc: stable@vger.kernel.org
> > Cc: Mark Ray <mark.ray@hpe.com>
> > Cc: Greg KH <gregkh@linuxfoundation.org>
> > Fixes: 676141e48af7("blk-mq: don't dump CPU -> hw queue map on driver load")
> > Signed-off-by: Ming Lei <ming.lei@redhat.com>
> > ---
> > block/blk-mq-sysfs.c | 15 +--------------
> > 1 file changed, 1 insertion(+), 14 deletions(-)
> >
> > diff --git a/block/blk-mq-sysfs.c b/block/blk-mq-sysfs.c
> > index d6e1a9bd7131..4d0d32377ba3 100644
> > --- a/block/blk-mq-sysfs.c
> > +++ b/block/blk-mq-sysfs.c
> > @@ -166,20 +166,7 @@ static ssize_t blk_mq_hw_sysfs_nr_reserved_tags_show(struct blk_mq_hw_ctx *hctx,
> >
> > static ssize_t blk_mq_hw_sysfs_cpus_show(struct blk_mq_hw_ctx *hctx, char *page)
> > {
> > - unsigned int i, first = 1;
> > - ssize_t ret = 0;
> > -
> > - for_each_cpu(i, hctx->cpumask) {
> > - if (first)
> > - ret += sprintf(ret + page, "%u", i);
> > - else
> > - ret += sprintf(ret + page, ", %u", i);
> > -
> > - first = 0;
> > - }
> > -
> > - ret += sprintf(ret + page, "\n");
> > - return ret;
> > + return cpumap_print_to_pagebuf(true, page, hctx->cpumask);
> > }
> >
> > static struct blk_mq_hw_ctx_sysfs_entry blk_mq_hw_sysfs_nr_tags = {
>
> Although this patch looks fine to me, shouldn't this attribute be
> documented under Documentation/ABI/?
That is another problem, not closely related with this buffer-overflow issue.
I suggest to fix the buffer overflow first, which is triggered from userspace.
Thanks,
Ming Lei
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH V2] blk-mq: avoid sysfs buffer overflow by too many CPU cores
2019-08-16 4:17 ` Ming Lei
@ 2019-08-16 7:09 ` Greg KH
0 siblings, 0 replies; 6+ messages in thread
From: Greg KH @ 2019-08-16 7:09 UTC (permalink / raw)
To: Ming Lei
Cc: Bart Van Assche, Ming Lei, Jens Axboe, linux-block, stable, Mark Ray
On Fri, Aug 16, 2019 at 12:17:31PM +0800, Ming Lei wrote:
> On Fri, Aug 16, 2019 at 11:42 AM Bart Van Assche <bvanassche@acm.org> wrote:
> >
> > On 8/15/19 7:54 PM, Ming Lei wrote:
> > > It is reported that sysfs buffer overflow can be triggered in case
> > > of too many CPU cores(>841 on 4K PAGE_SIZE) when showing CPUs in
> > > blk_mq_hw_sysfs_cpus_show().
> > >
> > > So use cpumap_print_to_pagebuf() to print the info and fix the potential
> > > buffer overflow issue.
> > >
> > > Cc: stable@vger.kernel.org
> > > Cc: Mark Ray <mark.ray@hpe.com>
> > > Cc: Greg KH <gregkh@linuxfoundation.org>
> > > Fixes: 676141e48af7("blk-mq: don't dump CPU -> hw queue map on driver load")
> > > Signed-off-by: Ming Lei <ming.lei@redhat.com>
> > > ---
> > > block/blk-mq-sysfs.c | 15 +--------------
> > > 1 file changed, 1 insertion(+), 14 deletions(-)
> > >
> > > diff --git a/block/blk-mq-sysfs.c b/block/blk-mq-sysfs.c
> > > index d6e1a9bd7131..4d0d32377ba3 100644
> > > --- a/block/blk-mq-sysfs.c
> > > +++ b/block/blk-mq-sysfs.c
> > > @@ -166,20 +166,7 @@ static ssize_t blk_mq_hw_sysfs_nr_reserved_tags_show(struct blk_mq_hw_ctx *hctx,
> > >
> > > static ssize_t blk_mq_hw_sysfs_cpus_show(struct blk_mq_hw_ctx *hctx, char *page)
> > > {
> > > - unsigned int i, first = 1;
> > > - ssize_t ret = 0;
> > > -
> > > - for_each_cpu(i, hctx->cpumask) {
> > > - if (first)
> > > - ret += sprintf(ret + page, "%u", i);
> > > - else
> > > - ret += sprintf(ret + page, ", %u", i);
> > > -
> > > - first = 0;
> > > - }
> > > -
> > > - ret += sprintf(ret + page, "\n");
> > > - return ret;
> > > + return cpumap_print_to_pagebuf(true, page, hctx->cpumask);
> > > }
> > >
> > > static struct blk_mq_hw_ctx_sysfs_entry blk_mq_hw_sysfs_nr_tags = {
> >
> > Although this patch looks fine to me, shouldn't this attribute be
> > documented under Documentation/ABI/?
>
> That is another problem, not closely related with this buffer-overflow issue.
>
> I suggest to fix the buffer overflow first, which is triggered from userspace.
I suggest you just delete this whole sysfs attribute, which will solve
the buffer overflow, as no one should be using it and it is incorrect to
have.
thanks,
greg k-h
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH V2] blk-mq: avoid sysfs buffer overflow by too many CPU cores
2019-08-16 2:54 [PATCH V2] blk-mq: avoid sysfs buffer overflow by too many CPU cores Ming Lei
2019-08-16 3:39 ` Bart Van Assche
@ 2019-08-16 7:09 ` Greg KH
2019-08-19 6:12 ` Hannes Reinecke
2 siblings, 0 replies; 6+ messages in thread
From: Greg KH @ 2019-08-16 7:09 UTC (permalink / raw)
To: Ming Lei; +Cc: Jens Axboe, linux-block, stable, Mark Ray
On Fri, Aug 16, 2019 at 10:54:17AM +0800, Ming Lei wrote:
> It is reported that sysfs buffer overflow can be triggered in case
> of too many CPU cores(>841 on 4K PAGE_SIZE) when showing CPUs in
> blk_mq_hw_sysfs_cpus_show().
>
> So use cpumap_print_to_pagebuf() to print the info and fix the potential
> buffer overflow issue.
>
> Cc: stable@vger.kernel.org
> Cc: Mark Ray <mark.ray@hpe.com>
> Cc: Greg KH <gregkh@linuxfoundation.org>
> Fixes: 676141e48af7("blk-mq: don't dump CPU -> hw queue map on driver load")
> Signed-off-by: Ming Lei <ming.lei@redhat.com>
> ---
> block/blk-mq-sysfs.c | 15 +--------------
> 1 file changed, 1 insertion(+), 14 deletions(-)
No list of what changed from v1 under here?
Anyway, no, just delete the attribute please.
thanks,
greg k-h
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH V2] blk-mq: avoid sysfs buffer overflow by too many CPU cores
2019-08-16 2:54 [PATCH V2] blk-mq: avoid sysfs buffer overflow by too many CPU cores Ming Lei
2019-08-16 3:39 ` Bart Van Assche
2019-08-16 7:09 ` Greg KH
@ 2019-08-19 6:12 ` Hannes Reinecke
2 siblings, 0 replies; 6+ messages in thread
From: Hannes Reinecke @ 2019-08-19 6:12 UTC (permalink / raw)
To: Ming Lei, Jens Axboe; +Cc: linux-block, stable, Mark Ray, Greg KH
On 8/16/19 4:54 AM, Ming Lei wrote:
> It is reported that sysfs buffer overflow can be triggered in case
> of too many CPU cores(>841 on 4K PAGE_SIZE) when showing CPUs in
> blk_mq_hw_sysfs_cpus_show().
>
> So use cpumap_print_to_pagebuf() to print the info and fix the potential
> buffer overflow issue.
>
> Cc: stable@vger.kernel.org
> Cc: Mark Ray <mark.ray@hpe.com>
> Cc: Greg KH <gregkh@linuxfoundation.org>
> Fixes: 676141e48af7("blk-mq: don't dump CPU -> hw queue map on driver load")
> Signed-off-by: Ming Lei <ming.lei@redhat.com>
> ---
> block/blk-mq-sysfs.c | 15 +--------------
> 1 file changed, 1 insertion(+), 14 deletions(-)
>
> diff --git a/block/blk-mq-sysfs.c b/block/blk-mq-sysfs.c
> index d6e1a9bd7131..4d0d32377ba3 100644
> --- a/block/blk-mq-sysfs.c
> +++ b/block/blk-mq-sysfs.c
> @@ -166,20 +166,7 @@ static ssize_t blk_mq_hw_sysfs_nr_reserved_tags_show(struct blk_mq_hw_ctx *hctx,
>
> static ssize_t blk_mq_hw_sysfs_cpus_show(struct blk_mq_hw_ctx *hctx, char *page)
> {
> - unsigned int i, first = 1;
> - ssize_t ret = 0;
> -
> - for_each_cpu(i, hctx->cpumask) {
> - if (first)
> - ret += sprintf(ret + page, "%u", i);
> - else
> - ret += sprintf(ret + page, ", %u", i);
> -
> - first = 0;
> - }
> -
> - ret += sprintf(ret + page, "\n");
> - return ret;
> + return cpumap_print_to_pagebuf(true, page, hctx->cpumask);
> }
>
> static struct blk_mq_hw_ctx_sysfs_entry blk_mq_hw_sysfs_nr_tags = {
>
Reviewed-by: Hannes Reinecke <hare@suse.com>
And maybe you should send a update to the kABI documentation to keep
Greg KH happy :-)
Cheers,
Hannes
--
Dr. Hannes Reinecke Teamlead Storage & Networking
hare@suse.de +49 911 74053 688
SUSE LINUX GmbH, Maxfeldstr. 5, 90409 Nürnberg
GF: Felix Imendörffer, Mary Higgins, Sri Rasiah
HRB 21284 (AG Nürnberg)
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2019-08-19 6:12 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-08-16 2:54 [PATCH V2] blk-mq: avoid sysfs buffer overflow by too many CPU cores Ming Lei
2019-08-16 3:39 ` Bart Van Assche
2019-08-16 4:17 ` Ming Lei
2019-08-16 7:09 ` Greg KH
2019-08-16 7:09 ` Greg KH
2019-08-19 6:12 ` Hannes Reinecke
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).