All of lore.kernel.org
 help / color / mirror / Atom feed
From: Andrew Morton <akpm@osdl.org>
To: Ulrich Drepper <drepper@redhat.com>
Cc: linux-kernel@vger.kernel.org, torvalds@osdl.org
Subject: Re: sched_setaffinity usability
Date: Thu, 18 Mar 2004 01:45:17 -0800	[thread overview]
Message-ID: <20040318014517.3cd232c4.akpm@osdl.org> (raw)
In-Reply-To: <40595842.5070708@redhat.com>

Ulrich Drepper <drepper@redhat.com> wrote:
>
>  The sched_setaffinity syscall currently has a usability problem.  The
>  size of cpumask_t is not visible outside the kernel and might change
>  from kernel to kernel.  So, if the user uses a large CPU bitset and
>  passes it to the kernel it is not known at all whether all the bits
>  provided in the bitmap are used.  The kernel simply copies the first
>  bytes, enough to fill in the cpumask_t object and ignores the rest.
> 
>  A simple check for a too large bitset is not good.  Programs which are
>  portable (to different kernels) and future safe should use large bitmap
>  sizes.  Instead the user should only be notified about the size problem
>  if any nonzero bit is ignored.

Perhaps the syscall itself should go look for set bits which are beyond the
current number of physical CPUs and fail the syscall if any are found.

Like this, if it was tested:


diff -puN kernel/sched.c~a kernel/sched.c
--- 25/kernel/sched.c~a	2004-03-18 01:25:29.697217008 -0800
+++ 25-akpm/kernel/sched.c	2004-03-18 01:42:32.312755816 -0800
@@ -2736,13 +2736,39 @@ asmlinkage long sys_sched_setaffinity(pi
 	cpumask_t new_mask;
 	int retval;
 	task_t *p;
+	int remainder;
+	unsigned long __user *up;
 
 	if (len < sizeof(new_mask))
 		return -EINVAL;
 
+	/* Avoid spending stupid amounts of time in the kernel */
+	if (len > 16384)
+		return -EINVAL;
+
 	if (copy_from_user(&new_mask, user_mask_ptr, sizeof(new_mask)))
 		return -EFAULT;
 
+	/*
+	 * Check that the user hasn't asked for any impossible CPUs outside
+	 * sizeof(cpumask_t).  set_cpus_allowed() will check for impossible
+	 * cpus inside sizeof(cpumask_t).
+	 */
+	remainder = len - sizeof(new_mask);	/* bytes */
+	up = user_mask_ptr + 1;
+	while (remainder > 0) {
+		unsigned long u;
+		int nr_bits;
+
+		if (get_user(u, up))
+			return -EFAULT;
+		nr_bits = min((int)sizeof(u), remainder);
+		if (find_next_bit(&u, nr_bits, 0) >= nr_bits)
+			return -EINVAL;
+		remainder -= sizeof(u);
+		up++;
+	}
+
 	read_lock(&tasklist_lock);
 
 	p = find_process_by_pid(pid);

_


  parent reply	other threads:[~2004-03-18  9:48 UTC|newest]

Thread overview: 28+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-03-18  8:05 sched_setaffinity usability Ulrich Drepper
2004-03-18  8:12 ` Tim Hockin
2004-03-18  8:22   ` Ulrich Drepper
2004-03-18  8:47     ` Ulrich Drepper
2004-03-18  9:45 ` Andrew Morton [this message]
2004-03-18 10:10   ` Andrew Morton
2004-03-18 11:29 ` Ingo Molnar
2004-03-18 12:07   ` Christoph Hellwig
2004-03-18 12:31     ` Ingo Molnar
2004-03-19  8:05       ` Ulrich Drepper
2004-03-18 15:55     ` Linus Torvalds
2004-03-18 18:24       ` Ingo Molnar
2004-03-18 18:33         ` Andrew Morton
2004-03-18 18:39           ` Ingo Molnar
2004-03-18 18:55             ` Ingo Molnar
2004-03-18 20:01             ` Andrea Arcangeli
2004-03-18 20:28               ` Ingo Molnar
2004-03-18 20:49         ` David Lang
2004-03-18 20:57           ` Randy.Dunlap
2004-03-18 21:06           ` Ingo Molnar
2004-03-18 21:07         ` Davide Libenzi
2004-03-18 21:46           ` Ingo Molnar
2004-03-19  1:37             ` Davide Libenzi
2004-03-19  9:02         ` Helge Hafting
2004-03-21  9:51           ` Ingo Molnar
2004-03-19  0:00       ` Paul Jackson
2004-03-18 17:47 ` sched_setaffinity usability -- other issue Chris Friesen
     [not found] <1B0Ls-lY-27@gated-at.bofh.it>
     [not found] ` <1B42z-3Lx-5@gated-at.bofh.it>
     [not found]   ` <1B4Fh-4sQ-3@gated-at.bofh.it>
     [not found]     ` <1B86P-8gq-69@gated-at.bofh.it>
     [not found]       ` <1Bars-2s6-29@gated-at.bofh.it>
     [not found]         ` <1BaKU-2Lg-49@gated-at.bofh.it>
     [not found]           ` <1BaKX-2Lg-61@gated-at.bofh.it>
     [not found]             ` <1BaUR-2V0-41@gated-at.bofh.it>
2004-03-18 21:23               ` sched_setaffinity usability Andi Kleen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20040318014517.3cd232c4.akpm@osdl.org \
    --to=akpm@osdl.org \
    --cc=drepper@redhat.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=torvalds@osdl.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.