linux-fsdevel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Waiman Long <longman@redhat.com>
To: "Luis R. Rodriguez" <mcgrof@kernel.org>,
	Kees Cook <keescook@chromium.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	Jonathan Corbet <corbet@lwn.net>
Cc: linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
	linux-doc@vger.kernel.org, Al Viro <viro@zeniv.linux.org.uk>,
	Matthew Wilcox <willy@infradead.org>,
	"Eric W. Biederman" <ebiederm@xmission.com>,
	Takashi Iwai <tiwai@suse.de>, Davidlohr Bueso <dbueso@suse.de>,
	Waiman Long <longman@redhat.com>
Subject: [PATCH v9 0/4] ipc: IPCMNI limit check for *mni & increase that limit
Date: Fri,  7 Sep 2018 16:28:53 -0400	[thread overview]
Message-ID: <1536352137-12003-1-git-send-email-longman@redhat.com> (raw)

v8->v9:
 - Rebased to 4.19-rc2 (changes needed only in patches 3 & 4).
 - Drop patch 5 "ipc: Add a new ipcmni_compat sysctl to fall back to
   old behavior" as this patch may not really be needed.
 - Move 1 byte from sequence number to index in extended mode leading
   to 8M IPCMNI limit in extended mode.
 - Change some macro names to avoid name collision.

v6 patch: https://lkml.org/lkml/2018/4/27/1094
v7 patch: https://lkml.org/lkml/2018/5/7/666
v8 patch: https://lkml.org/lkml/2018/6/18/706

The sysctl parameters msgmni, shmmni and semmni have an inherent limit
of IPC_MNI (32k). However, users may not be aware of that because they
can write a value much higher than that without getting any error or
notification. Reading the parameters back will show the newly written
values which are not real.

The real IPCMNI limit is now enforced to make sure that users won't
put in an unrealistic value. The first 2 patches enforce the limits.

There are also users out there requesting increase in the IPCMNI value.
The last 2 patches attempt to do that by using a boot kernel parameter
"ipcmni_extend" to increase the IPCMNI limit from 32k to 8M if the users
really want the extended value.

Waiman Long (4):
  ipc: IPCMNI limit check for msgmni and shmmni
  ipc: IPCMNI limit check for semmni
  ipc: Allow boot time extension of IPCMNI from 32k to 8M
  ipc: Conserve sequence numbers in extended IPCMNI mode

 Documentation/admin-guide/kernel-parameters.txt |  3 ++
 include/linux/ipc_namespace.h                   |  1 +
 ipc/ipc_sysctl.c                                | 42 ++++++++++++++++++--
 ipc/util.c                                      | 29 +++++++++-----
 ipc/util.h                                      | 51 +++++++++++++++++++++----
 5 files changed, 107 insertions(+), 19 deletions(-)

-- 
1.8.3.1

             reply	other threads:[~2018-09-08  1:11 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-09-07 20:28 Waiman Long [this message]
2018-09-07 20:28 ` [PATCH v9 1/4] ipc: IPCMNI limit check for msgmni and shmmni Waiman Long
2018-09-07 20:28 ` [PATCH v9 2/4] ipc: IPCMNI limit check for semmni Waiman Long
2018-09-07 20:28 ` [PATCH v9 3/4] ipc: Allow boot time extension of IPCMNI from 32k to 8M Waiman Long
2018-09-07 20:28 ` [PATCH v9 4/4] ipc: Conserve sequence numbers in extended IPCMNI mode Waiman Long

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1536352137-12003-1-git-send-email-longman@redhat.com \
    --to=longman@redhat.com \
    --cc=akpm@linux-foundation.org \
    --cc=corbet@lwn.net \
    --cc=dbueso@suse.de \
    --cc=ebiederm@xmission.com \
    --cc=keescook@chromium.org \
    --cc=linux-doc@vger.kernel.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mcgrof@kernel.org \
    --cc=tiwai@suse.de \
    --cc=viro@zeniv.linux.org.uk \
    --cc=willy@infradead.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).