From mboxrd@z Thu Jan 1 00:00:00 1970 From: Al Viro Subject: Re: [PATCH] net: Limit socket I/O iovec total length to INT_MAX. Date: Fri, 29 Oct 2010 18:32:58 +0100 Message-ID: <20101029173258.GW19804@ZenIV.linux.org.uk> References: <20101028.112231.232747062.davem@davemloft.net> <1288360820.2092.34.camel@dan> <20101029164532.GV19804@ZenIV.linux.org.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: David Miller , netdev@vger.kernel.org, jon.maloy@ericsson.com, allan.stephens@windriver.com, Dan Rosenberg To: Linus Torvalds Return-path: Received: from zeniv.linux.org.uk ([195.92.253.2]:50241 "EHLO ZenIV.linux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755065Ab0J2RdC (ORCPT ); Fri, 29 Oct 2010 13:33:02 -0400 Content-Disposition: inline In-Reply-To: Sender: netdev-owner@vger.kernel.org List-ID: On Fri, Oct 29, 2010 at 10:01:19AM -0700, Linus Torvalds wrote: > On Fri, Oct 29, 2010 at 9:45 AM, Al Viro wrote: > > > > I don't see anything obviously broken (and we obviously have allowed > > iov_len == 0 cases all along, so if anything, breakage won't be new). > > However, I wonder if things like sendmsg() for datagrams have warranties > > against silent truncation. ?Davem? > > You missed that discussion - my argument is that anybody who thinks > that they can send a single packet that is 2GB+ in size are already > screwed. And the packet protocol will have some inherent upper limit > anyway (possibly introduced by just allocation issues, but quite > likely inherent to the protocol itself) Sure, but... do we want to send something truncated in that case or should we just fail? Note that with your change previously deliberately b0rken iovecs (anything with sum of lengths equal to 1<<31 on 32bit) will get a chance to be accepted *OR* (much more likely) get rejected with unexpected error value. It may well be OK, but I'd like to hear from network folks...