linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH] aio: Fix type of iterator variable in do_io_submit()
@ 2014-04-22 22:57 Eric Biggers
  2014-04-23 14:16 ` Matthew Wilcox
  0 siblings, 1 reply; 4+ messages in thread
From: Eric Biggers @ 2014-04-22 22:57 UTC (permalink / raw)
  To: viro; +Cc: bcrl, linux-fsdevel, linux-aio, linux-kernel, Eric Biggers

do_io_submit() iterated over the userspace iocb structure pointers using
a variable i of type 'int'.  This was wrong since 'nr', the number of
iocb structure pointers, could potentially be up to LONG_MAX /
sizeof(struct iocb *).  Fix it (and also remove the unnecessary
initialization to 0).

Signed-off-by: Eric Biggers <ebiggers3@gmail.com>
---
 fs/aio.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/aio.c b/fs/aio.c
index 12a3de0e..4c96af7 100644
--- a/fs/aio.c
+++ b/fs/aio.c
@@ -1441,7 +1441,7 @@ long do_io_submit(aio_context_t ctx_id, long nr,
 {
 	struct kioctx *ctx;
 	long ret = 0;
-	int i = 0;
+	long i;
 	struct blk_plug plug;
 
 	if (unlikely(nr < 0))
-- 
1.9.2


^ permalink raw reply related	[flat|nested] 4+ messages in thread
* Re: [PATCH] aio: Fix type of iterator variable in do_io_submit()
  2014-04-22 22:57 [PATCH] aio: Fix type of iterator variable in do_io_submit() Eric Biggers
@ 2014-04-23 14:16 ` Matthew Wilcox
  2014-04-23 14:42   ` Benjamin LaHaise
  0 siblings, 1 reply; 4+ messages in thread
From: Matthew Wilcox @ 2014-04-23 14:16 UTC (permalink / raw)
  To: Eric Biggers; +Cc: viro, bcrl, linux-fsdevel, linux-aio, linux-kernel

On Tue, Apr 22, 2014 at 05:57:03PM -0500, Eric Biggers wrote:
> do_io_submit() iterated over the userspace iocb structure pointers using
> a variable i of type 'int'.  This was wrong since 'nr', the number of
> iocb structure pointers, could potentially be up to LONG_MAX /
> sizeof(struct iocb *).  Fix it (and also remove the unnecessary
> initialization to 0).

You're not wrong, but do we *really* want users to be able to submit
144115188075855872 I/Os with a single system call?  How about limiting
them to a single billion?  Given that they have to allocate 64GB of
*control* data structures to submit this many I/Os, I think this will
be sufficient for many years to come.

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH] aio: Fix type of iterator variable in do_io_submit()
  2014-04-23 14:16 ` Matthew Wilcox
@ 2014-04-23 14:42   ` Benjamin LaHaise
  2014-04-23 15:24     ` Eric Biggers
  0 siblings, 1 reply; 4+ messages in thread
From: Benjamin LaHaise @ 2014-04-23 14:42 UTC (permalink / raw)
  To: Matthew Wilcox; +Cc: Eric Biggers, viro, linux-fsdevel, linux-aio, linux-kernel

On Wed, Apr 23, 2014 at 10:16:17AM -0400, Matthew Wilcox wrote:
> On Tue, Apr 22, 2014 at 05:57:03PM -0500, Eric Biggers wrote:
> > do_io_submit() iterated over the userspace iocb structure pointers using
> > a variable i of type 'int'.  This was wrong since 'nr', the number of
> > iocb structure pointers, could potentially be up to LONG_MAX /
> > sizeof(struct iocb *).  Fix it (and also remove the unnecessary
> > initialization to 0).
> 
> You're not wrong, but do we *really* want users to be able to submit
> 144115188075855872 I/Os with a single system call?  How about limiting
> them to a single billion?  Given that they have to allocate 64GB of
> *control* data structures to submit this many I/Os, I think this will
> be sufficient for many years to come.

Practically speaking, this change has no effect.  The io_submit() syscall 
will exit far before we even hit INT_MAX because of the limits on the 
number of iocbs.

		-ben
-- 
"Thought is the essence of where you are now."

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH] aio: Fix type of iterator variable in do_io_submit()
  2014-04-23 14:42   ` Benjamin LaHaise
@ 2014-04-23 15:24     ` Eric Biggers
  0 siblings, 0 replies; 4+ messages in thread
From: Eric Biggers @ 2014-04-23 15:24 UTC (permalink / raw)
  To: Benjamin LaHaise
  Cc: Matthew Wilcox, viro, linux-fsdevel, linux-aio, linux-kernel

On Wed, Apr 23, 2014 at 10:42:37AM -0400, Benjamin LaHaise wrote:
> Practically speaking, this change has no effect.  The io_submit() syscall 
> will exit far before we even hit INT_MAX because of the limits on the 
> number of iocbs.

Yes it looks like it doesn't actually make a difference due to the default
'aio-max-nr' limit of 1048576 (although you actually can submit just over twice
this many).  In my opinion this change should still be made so that the
correctness of the code doesn't rely on that nonlocal assumption, however.
And/or the explicit limit of (LONG_MAX / sizeof(struct iocb *)) elements could
be changed to something lower, as Matthew suggested.

Eric

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2014-04-23 15:25 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-04-22 22:57 [PATCH] aio: Fix type of iterator variable in do_io_submit() Eric Biggers
2014-04-23 14:16 ` Matthew Wilcox
2014-04-23 14:42   ` Benjamin LaHaise
2014-04-23 15:24     ` Eric Biggers

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).