* [PATCH 1/3] sched/rt: check integer overflow at usec to nsec conversion
@ 2019-02-27 8:10 Konstantin Khlebnikov
2019-02-27 8:10 ` [PATCH 2/3] sched/core: handle overflow in cpu_shares_write_u64 Konstantin Khlebnikov
` (2 more replies)
0 siblings, 3 replies; 6+ messages in thread
From: Konstantin Khlebnikov @ 2019-02-27 8:10 UTC (permalink / raw)
To: Peter Zijlstra, Ingo Molnar, linux-kernel
Example of unhandled overflows:
# echo 18446744073709651 > cpu.rt_runtime_us
# cat cpu.rt_runtime_us
99
# echo 18446744073709900 > cpu.rt_period_us
# cat cpu.rt_period_us
348
After this patch they will fail with -EINVAL.
Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
---
kernel/sched/rt.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/kernel/sched/rt.c b/kernel/sched/rt.c
index e4f398ad9e73..aa7ee3a0bf90 100644
--- a/kernel/sched/rt.c
+++ b/kernel/sched/rt.c
@@ -2555,6 +2555,8 @@ int sched_group_set_rt_runtime(struct task_group *tg, long rt_runtime_us)
rt_runtime = (u64)rt_runtime_us * NSEC_PER_USEC;
if (rt_runtime_us < 0)
rt_runtime = RUNTIME_INF;
+ else if ((u64)rt_runtime_us > U64_MAX / NSEC_PER_USEC)
+ return -EINVAL;
return tg_set_rt_bandwidth(tg, rt_period, rt_runtime);
}
@@ -2575,6 +2577,9 @@ int sched_group_set_rt_period(struct task_group *tg, u64 rt_period_us)
{
u64 rt_runtime, rt_period;
+ if (rt_period_us > U64_MAX / NSEC_PER_USEC)
+ return -EINVAL;
+
rt_period = rt_period_us * NSEC_PER_USEC;
rt_runtime = tg->rt_bandwidth.rt_runtime;
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH 2/3] sched/core: handle overflow in cpu_shares_write_u64
2019-02-27 8:10 [PATCH 1/3] sched/rt: check integer overflow at usec to nsec conversion Konstantin Khlebnikov
@ 2019-02-27 8:10 ` Konstantin Khlebnikov
2019-04-19 12:16 ` [tip:sched/core] sched/core: Handle " tip-bot for Konstantin Khlebnikov
2019-02-27 8:10 ` [PATCH 3/3] sched/core: check quota and period overflow at usec to nsec conversion Konstantin Khlebnikov
2019-04-19 12:16 ` [tip:sched/core] sched/rt: Check integer " tip-bot for Konstantin Khlebnikov
2 siblings, 1 reply; 6+ messages in thread
From: Konstantin Khlebnikov @ 2019-02-27 8:10 UTC (permalink / raw)
To: Peter Zijlstra, Ingo Molnar, linux-kernel
Bit shift in scale_load() could overflow shares. This patch saturates
it to MAX_SHARES like following sched_group_set_shares().
Example:
# echo 9223372036854776832 > cpu.shares
# cat cpu.shares
Before patch: 1024
After pattch: 262144
Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
---
kernel/sched/core.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index d8d76a65cfdd..a626fbd9fdc7 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -6502,6 +6502,8 @@ static void cpu_cgroup_attach(struct cgroup_taskset *tset)
static int cpu_shares_write_u64(struct cgroup_subsys_state *css,
struct cftype *cftype, u64 shareval)
{
+ if (shareval > scale_load_down(ULONG_MAX))
+ shareval = MAX_SHARES;
return sched_group_set_shares(css_tg(css), scale_load(shareval));
}
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH 3/3] sched/core: check quota and period overflow at usec to nsec conversion
2019-02-27 8:10 [PATCH 1/3] sched/rt: check integer overflow at usec to nsec conversion Konstantin Khlebnikov
2019-02-27 8:10 ` [PATCH 2/3] sched/core: handle overflow in cpu_shares_write_u64 Konstantin Khlebnikov
@ 2019-02-27 8:10 ` Konstantin Khlebnikov
2019-04-19 12:17 ` [tip:sched/core] sched/core: Check " tip-bot for Konstantin Khlebnikov
2019-04-19 12:16 ` [tip:sched/core] sched/rt: Check integer " tip-bot for Konstantin Khlebnikov
2 siblings, 1 reply; 6+ messages in thread
From: Konstantin Khlebnikov @ 2019-02-27 8:10 UTC (permalink / raw)
To: Peter Zijlstra, Ingo Molnar, linux-kernel
Large values could overflow u64 and pass following sanity checks.
# echo 18446744073750000 > cpu.cfs_period_us
# cat cpu.cfs_period_us
40448
# echo 18446744073750000 > cpu.cfs_quota_us
# cat cpu.cfs_quota_us
40448
After this patch they will fail with -EINVAL.
Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
---
kernel/sched/core.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index a626fbd9fdc7..5f46aa335b28 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -6606,8 +6606,10 @@ int tg_set_cfs_quota(struct task_group *tg, long cfs_quota_us)
period = ktime_to_ns(tg->cfs_bandwidth.period);
if (cfs_quota_us < 0)
quota = RUNTIME_INF;
- else
+ else if ((u64)cfs_quota_us <= U64_MAX / NSEC_PER_USEC)
quota = (u64)cfs_quota_us * NSEC_PER_USEC;
+ else
+ return -EINVAL;
return tg_set_cfs_bandwidth(tg, period, quota);
}
@@ -6629,6 +6631,9 @@ int tg_set_cfs_period(struct task_group *tg, long cfs_period_us)
{
u64 quota, period;
+ if ((u64)cfs_period_us > U64_MAX / NSEC_PER_USEC)
+ return -EINVAL;
+
period = (u64)cfs_period_us * NSEC_PER_USEC;
quota = tg->cfs_bandwidth.quota;
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [tip:sched/core] sched/rt: Check integer overflow at usec to nsec conversion
2019-02-27 8:10 [PATCH 1/3] sched/rt: check integer overflow at usec to nsec conversion Konstantin Khlebnikov
2019-02-27 8:10 ` [PATCH 2/3] sched/core: handle overflow in cpu_shares_write_u64 Konstantin Khlebnikov
2019-02-27 8:10 ` [PATCH 3/3] sched/core: check quota and period overflow at usec to nsec conversion Konstantin Khlebnikov
@ 2019-04-19 12:16 ` tip-bot for Konstantin Khlebnikov
2 siblings, 0 replies; 6+ messages in thread
From: tip-bot for Konstantin Khlebnikov @ 2019-04-19 12:16 UTC (permalink / raw)
To: linux-tip-commits
Cc: peterz, a.p.zijlstra, hpa, linux-kernel, khlebnikov, mingo,
torvalds, tglx
Commit-ID: 1a010e29cfa00fee2888fd2fd4983f848cbafb58
Gitweb: https://git.kernel.org/tip/1a010e29cfa00fee2888fd2fd4983f848cbafb58
Author: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
AuthorDate: Wed, 27 Feb 2019 11:10:17 +0300
Committer: Ingo Molnar <mingo@kernel.org>
CommitDate: Fri, 19 Apr 2019 13:42:09 +0200
sched/rt: Check integer overflow at usec to nsec conversion
Example of unhandled overflows:
# echo 18446744073709651 > cpu.rt_runtime_us
# cat cpu.rt_runtime_us
99
# echo 18446744073709900 > cpu.rt_period_us
# cat cpu.rt_period_us
348
After this patch they will fail with -EINVAL.
Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/155125501739.293431.5252197504404771496.stgit@buzz
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
kernel/sched/rt.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/kernel/sched/rt.c b/kernel/sched/rt.c
index 90fa23d36565..1e6b909dca36 100644
--- a/kernel/sched/rt.c
+++ b/kernel/sched/rt.c
@@ -2555,6 +2555,8 @@ int sched_group_set_rt_runtime(struct task_group *tg, long rt_runtime_us)
rt_runtime = (u64)rt_runtime_us * NSEC_PER_USEC;
if (rt_runtime_us < 0)
rt_runtime = RUNTIME_INF;
+ else if ((u64)rt_runtime_us > U64_MAX / NSEC_PER_USEC)
+ return -EINVAL;
return tg_set_rt_bandwidth(tg, rt_period, rt_runtime);
}
@@ -2575,6 +2577,9 @@ int sched_group_set_rt_period(struct task_group *tg, u64 rt_period_us)
{
u64 rt_runtime, rt_period;
+ if (rt_period_us > U64_MAX / NSEC_PER_USEC)
+ return -EINVAL;
+
rt_period = rt_period_us * NSEC_PER_USEC;
rt_runtime = tg->rt_bandwidth.rt_runtime;
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [tip:sched/core] sched/core: Handle overflow in cpu_shares_write_u64
2019-02-27 8:10 ` [PATCH 2/3] sched/core: handle overflow in cpu_shares_write_u64 Konstantin Khlebnikov
@ 2019-04-19 12:16 ` tip-bot for Konstantin Khlebnikov
0 siblings, 0 replies; 6+ messages in thread
From: tip-bot for Konstantin Khlebnikov @ 2019-04-19 12:16 UTC (permalink / raw)
To: linux-tip-commits
Cc: tglx, a.p.zijlstra, hpa, khlebnikov, peterz, linux-kernel,
torvalds, mingo
Commit-ID: 5b61d50ab4ef590f5e1d4df15cd2cea5f5715308
Gitweb: https://git.kernel.org/tip/5b61d50ab4ef590f5e1d4df15cd2cea5f5715308
Author: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
AuthorDate: Wed, 27 Feb 2019 11:10:18 +0300
Committer: Ingo Molnar <mingo@kernel.org>
CommitDate: Fri, 19 Apr 2019 13:42:10 +0200
sched/core: Handle overflow in cpu_shares_write_u64
Bit shift in scale_load() could overflow shares. This patch saturates
it to MAX_SHARES like following sched_group_set_shares().
Example:
# echo 9223372036854776832 > cpu.shares
# cat cpu.shares
Before patch: 1024
After pattch: 262144
Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/155125501891.293431.3345233332801109696.stgit@buzz
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
kernel/sched/core.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index fb09eaad1d3a..685b1541ce51 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -6507,6 +6507,8 @@ static void cpu_cgroup_attach(struct cgroup_taskset *tset)
static int cpu_shares_write_u64(struct cgroup_subsys_state *css,
struct cftype *cftype, u64 shareval)
{
+ if (shareval > scale_load_down(ULONG_MAX))
+ shareval = MAX_SHARES;
return sched_group_set_shares(css_tg(css), scale_load(shareval));
}
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [tip:sched/core] sched/core: Check quota and period overflow at usec to nsec conversion
2019-02-27 8:10 ` [PATCH 3/3] sched/core: check quota and period overflow at usec to nsec conversion Konstantin Khlebnikov
@ 2019-04-19 12:17 ` tip-bot for Konstantin Khlebnikov
0 siblings, 0 replies; 6+ messages in thread
From: tip-bot for Konstantin Khlebnikov @ 2019-04-19 12:17 UTC (permalink / raw)
To: linux-tip-commits
Cc: hpa, a.p.zijlstra, peterz, tglx, linux-kernel, mingo, torvalds,
khlebnikov
Commit-ID: 1a8b4540db732ca16c9e43ac7c08b1b8f0b252d8
Gitweb: https://git.kernel.org/tip/1a8b4540db732ca16c9e43ac7c08b1b8f0b252d8
Author: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
AuthorDate: Wed, 27 Feb 2019 11:10:20 +0300
Committer: Ingo Molnar <mingo@kernel.org>
CommitDate: Fri, 19 Apr 2019 13:42:10 +0200
sched/core: Check quota and period overflow at usec to nsec conversion
Large values could overflow u64 and pass following sanity checks.
# echo 18446744073750000 > cpu.cfs_period_us
# cat cpu.cfs_period_us
40448
# echo 18446744073750000 > cpu.cfs_quota_us
# cat cpu.cfs_quota_us
40448
After this patch they will fail with -EINVAL.
Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/155125502079.293431.3947497929372138600.stgit@buzz
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
kernel/sched/core.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index 685b1541ce51..de8ab411826c 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -6611,8 +6611,10 @@ static int tg_set_cfs_quota(struct task_group *tg, long cfs_quota_us)
period = ktime_to_ns(tg->cfs_bandwidth.period);
if (cfs_quota_us < 0)
quota = RUNTIME_INF;
- else
+ else if ((u64)cfs_quota_us <= U64_MAX / NSEC_PER_USEC)
quota = (u64)cfs_quota_us * NSEC_PER_USEC;
+ else
+ return -EINVAL;
return tg_set_cfs_bandwidth(tg, period, quota);
}
@@ -6634,6 +6636,9 @@ static int tg_set_cfs_period(struct task_group *tg, long cfs_period_us)
{
u64 quota, period;
+ if ((u64)cfs_period_us > U64_MAX / NSEC_PER_USEC)
+ return -EINVAL;
+
period = (u64)cfs_period_us * NSEC_PER_USEC;
quota = tg->cfs_bandwidth.quota;
^ permalink raw reply related [flat|nested] 6+ messages in thread
end of thread, other threads:[~2019-04-19 19:04 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-02-27 8:10 [PATCH 1/3] sched/rt: check integer overflow at usec to nsec conversion Konstantin Khlebnikov
2019-02-27 8:10 ` [PATCH 2/3] sched/core: handle overflow in cpu_shares_write_u64 Konstantin Khlebnikov
2019-04-19 12:16 ` [tip:sched/core] sched/core: Handle " tip-bot for Konstantin Khlebnikov
2019-02-27 8:10 ` [PATCH 3/3] sched/core: check quota and period overflow at usec to nsec conversion Konstantin Khlebnikov
2019-04-19 12:17 ` [tip:sched/core] sched/core: Check " tip-bot for Konstantin Khlebnikov
2019-04-19 12:16 ` [tip:sched/core] sched/rt: Check integer " tip-bot for Konstantin Khlebnikov
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).