linux-fsdevel.vger.kernel.org archive mirror
From: Miklos Szeredi <miklos@szeredi.hu>
To: Al Viro <viro@zeniv.linux.org.uk>
Cc: linux-fsdevel@vger.kernel.org
Subject: Re: [PATCH 00/12] vfs patch queue
Date: Thu, 14 May 2020 13:46:06 +0200
Message-ID: <CAJfpegvg0bXK=1N+GBPs=MYZMU1f2RxJ_0kGKb6z4RKrPrmuqg@mail.gmail.com>
In-Reply-To: <20200513194850.GY23230@ZenIV.linux.org.uk>

On Wed, May 13, 2020 at 9:48 PM Al Viro <viro@zeniv.linux.org.uk> wrote:
>
> On Wed, May 13, 2020 at 09:47:07AM +0200, Miklos Szeredi wrote:
> > On Tue, May 5, 2020 at 11:59 AM Miklos Szeredi <mszeredi@redhat.com> wrote:
> > >
> > > Hi Al,
> > >
> > > Can you please apply the following patches?
> >
> > Ping?  Could you please have a look at these patches?
> >
> > - /proc/mounts cursor is almost half the total lines changed, and that
> > one was already pretty damn well reviewed by you
> >
> > - unprivileged whiteout one was approved by the security guys
> >
> > - aio fsync one is a real bug, please comment on whether the patch is
> > acceptable or should I work around it in fuse
> >
> > - STATX_MNT_ID extension is a no brainer, the other one may or may not
> > be useful, that's arguable...
> >
> > - the others are not important, but I think useful
> >
> > - and I missed one (faccess2); amending to patch series
>
> I can live with that, modulo couple of trivial nits.  Have you tested the
> /proc/mounts part for what happens if it's opened shitloads of times,
> with each instance lseek'ed a bit forward (all to the same position, that
> is)?  That, in principle, allows an unprivileged user to pile a lot of list
> entries and cause serious looping under a spinlock...

Hmm, indeed.

Did some testing: a single loop takes on the order of 40ns.  To
trigger the soft lockup detector it would take 20s/40ns=500M cursors.
Each new cursor is added after the existing ones, so inserting 500M
cursors would take 40ns*500M^2/2 = ~158 years.  That's obviously not a
great way to DoS the system.

I understand that 100ms could be a serious problem in some cases, but
even that would take 34 hours to set up.

Is less than that still a worry?   I don't really know how much effort
is needed (if at all) in order to make this a non-issue.

Thanks,
Miklos
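
The cost estimate from the message above, worked through as an added example (not part of the original e-mail and not code from the kernel patch). It is a constructed userspace model: the list layout and the names `struct node`, `add_cursor`, `simulate_setup_steps`, `cursors_for_stall` and `setup_seconds` are hypothetical, and the only inputs taken from the message are the 40 ns step time and the 20 s and 100 ms stall targets.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed model, not kernel code: a list whose leading entries are
 * cursors, as when many open files sit at the same position. */
struct node { int is_cursor; struct node *next; };

/* Add one cursor after the existing ones; returns entries stepped over. */
static unsigned long add_cursor(struct node *head)
{
    unsigned long steps = 0;
    struct node *p = head, *c = malloc(sizeof(*c));
    if (!c) abort();
    while (p->next && p->next->is_cursor) { p = p->next; steps++; }
    c->is_cursor = 1; c->next = p->next; p->next = c;
    return steps;
}

/* Steps spent inserting n cursors: 0 + 1 + ... + (n-1) = n(n-1)/2. */
unsigned long simulate_setup_steps(unsigned long n)
{
    struct node head = {0, NULL};
    unsigned long total = 0;
    for (unsigned long i = 0; i < n; i++) total += add_cursor(&head);
    while (head.next) { struct node *d = head.next; head.next = d->next; free(d); }
    return total;
}

/* Cursors needed for one walk to last stall_s at step_s per entry. */
double cursors_for_stall(double stall_s, double step_s) { return stall_s / step_s; }

/* Setup time as estimated in the message: step * n^2 / 2. */
double setup_seconds(double stall_s, double step_s)
{
    double n = cursors_for_stall(stall_s, step_s);
    return step_s * n * n / 2.0;
}

int main(void)
{
    const double step = 40e-9; /* 40 ns per loop, figure from the message */
    printf("steps to insert 1000 cursors: %lu\n", simulate_setup_steps(1000));
    printf("20 s stall:   %.0f cursors, %.1f years of setup\n",
           cursors_for_stall(20.0, step), setup_seconds(20.0, step) / (365.25 * 86400));
    printf("100 ms stall: %.0f cursors, %.1f hours of setup\n",
           cursors_for_stall(0.1, step), setup_seconds(0.1, step) / 3600);
    return 0;
}
```

The stall grows linearly with the number of cursors while the setup cost grows with its square, which is why shorter stalls are reachable far sooner than the soft-lockup threshold.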


Thread overview: 35+ messages
2020-05-05  9:59 [PATCH 00/12] vfs patch queue Miklos Szeredi
2020-05-05  9:59 ` [PATCH 01/12] vfs: allow unprivileged whiteout creation Miklos Szeredi
2020-05-13 19:12   ` Al Viro
2020-05-05  9:59 ` [PATCH 02/12] aio: fix async fsync creds Miklos Szeredi
2020-05-13 10:01   ` Christoph Hellwig
2020-05-05  9:59 ` [PATCH 03/12] proc/mounts: add cursor Miklos Szeredi
2020-05-13 19:33   ` Al Viro
2020-05-05  9:59 ` [PATCH 04/12] utimensat: AT_EMPTY_PATH support Miklos Szeredi
2020-05-13 10:02   ` Christoph Hellwig
2020-05-05  9:59 ` [PATCH 05/12] f*xattr: allow O_PATH descriptors Miklos Szeredi
2020-05-13 10:04   ` Christoph Hellwig
2020-05-14  8:02     ` Miklos Szeredi
2020-05-14 13:01       ` Miklos Szeredi
2020-05-05  9:59 ` [PATCH 06/12] uapi: deprecate STATX_ALL Miklos Szeredi
2020-05-13 10:04   ` Christoph Hellwig
2020-05-05  9:59 ` [PATCH 07/12] statx: don't clear STATX_ATIME on SB_RDONLY Miklos Szeredi
2020-05-13 10:04   ` Christoph Hellwig
2020-05-05  9:59 ` [PATCH 08/12] statx: add mount ID Miklos Szeredi
2020-05-13 10:05   ` Christoph Hellwig
2020-05-05  9:59 ` [PATCH 09/12] statx: add mount_root Miklos Szeredi
2020-05-05 14:24   ` J . Bruce Fields
2020-05-13 10:05   ` Christoph Hellwig
2020-05-05  9:59 ` [PATCH 10/12] vfs: don't parse forbidden flags Miklos Szeredi
2020-05-13 10:06   ` Christoph Hellwig
2020-05-05  9:59 ` [PATCH 11/12] vfs: don't parse "posixacl" option Miklos Szeredi
2020-05-13 10:07   ` Christoph Hellwig
2020-05-05  9:59 ` [PATCH 12/12] vfs: don't parse "silent" option Miklos Szeredi
2020-05-13 10:07   ` Christoph Hellwig
2020-05-13  7:45 ` [13/12 PATCH] vfs: add faccessat2 syscall Miklos Szeredi
2020-05-13 10:09   ` Christoph Hellwig
2020-05-13  7:47 ` [PATCH 00/12] vfs patch queue Miklos Szeredi
2020-05-13 19:48   ` Al Viro
2020-05-14 11:46     ` Miklos Szeredi [this message]
2020-05-14 14:55     ` Miklos Szeredi
2020-05-14 15:10       ` Al Viro
