From: Wanpeng Li <liwp.linux@gmail.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Fengguang Wu <fengguang.wu@intel.com>,
Rob Landley <rob@landley.net>,
Alexander Viro <viro@zeniv.linux.org.uk>,
"Eric W. Biederman" <ebiederm@xmission.com>,
Lucas De Marchi <lucas.demarchi@profusion.mobi>,
Andrew Morton <akpm@linux-foundation.org>,
"David S. Miller" <davem@davemloft.net>, Jan Kara <jack@suse.cz>,
Mel Gorman <mgorman@suse.de>, Minchan Kim <minchan.kim@gmail.com>,
David Howells <dhowells@redhat.com>,
James Morris <james.l.morris@oracle.com>,
Ingo Molnar <mingo@elte.hu>,
Michel Lespinasse <walken@google.com>,
linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-fsdevel@vger.kernel.org,
Gavin Shan <shangw@linux.vnet.ibm.com>,
Wanpeng Li <liwp.linux@gmail.com>
Subject: Re: [PATCH v2] remove no longer use of pdflush interface
Date: Wed, 6 Jun 2012 11:21:27 +0800 [thread overview]
Message-ID: <20120606032127.GA11121@kernel> (raw)
In-Reply-To: <20120605152845.8b633881.akpm@linux-foundation.org>
On Tue, Jun 05, 2012 at 03:28:45PM -0700, Andrew Morton wrote:
Hi Andrew,
>I do agree with the intent of the patch and the creation of
>proc_deprecated() seems a good idea - something we can use in the
>future.
Yes, actually I think many interfaces in /proc which will be removed in
the near future can take advantage of this function.
>
>> --- a/kernel/sysctl.c
>> +++ b/kernel/sysctl.c
>> @@ -1095,11 +1095,9 @@ static struct ctl_table vm_table[] = {
>> .extra1 = &zero,
>> },
>> {
>> - .procname = "nr_pdflush_threads",
>> - .data = &nr_pdflush_threads,
>> - .maxlen = sizeof nr_pdflush_threads,
>> - .mode = 0444 /* read-only*/,
>> - .proc_handler = proc_dointvec,
>> + .procname = "nr_pdflush_threads",
>> + .mode = 0444 /* read-only */,
>> + .proc_handler = proc_deprecated,
>> },
>> {
>> .procname = "swappiness",
>> @@ -2505,6 +2503,15 @@ int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int write,
>>
>> #endif /* CONFIG_PROC_SYSCTL */
>>
>> +/* notice associated proc deprecated */
>> +int proc_deprecated(struct ctl_table *table, int write,
>> + void __user *buffer, size_t *lenp, loff_t *ppos)
>> +{
>> + printk(KERN_WARNING "%s exported in /proc is deprecated\n",
>> + table->procname);
>> + return -ENOSYS;
>> +}
>
>I see a couple of things here.
>
>Firstly, I'd change the text from "deprecated" to "is scheduled for
>removal". Which implies that the function should be called
>proc_obsolete().
>
>
>Secondly, this code will permit unprivileged users to flood the logs,
>by repeatedly reading /proc/sys/vm/nr_pdflush_threads. We try to avoid
>this, as it is a form of denial-of-service attack.
>
>This is a bit hard to fix. The typical way of addressing this is to
>use printk_once(), so the message only appears once per boot. But that
>doesn't work for a generic function - we'd need to add one bit of state
>to the ctl_table to do this. We can of course do that, but it's not
>obvious that it's _worth_ doing that just for handling obsolete
>entries.
>
>So perhaps the solution is to give up on the generic proc_obsolete()
>idea, and just add a handler specifically for nr_pdflush_threads, whcih
>uses printk_once().
What about modify the generic proc_obsolete just to put the warning message into
the buffer, then transfer to userspace, in order to users can see this warning.Do
you think this is a better idea?
Regards,
Wanpeng
next prev parent reply other threads:[~2012-06-06 3:21 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-06-05 9:26 [PATCH v2] remove no longer use of pdflush interface Wanpeng Li
2012-06-05 14:45 ` Gavin Shan
2012-06-06 3:00 ` Wanpeng Li
2012-06-05 22:28 ` Andrew Morton
2012-06-06 3:21 ` Wanpeng Li [this message]
2012-06-06 4:01 ` Andrew Morton
2012-06-06 7:31 ` Boaz Harrosh
2012-06-06 7:36 ` Boaz Harrosh
2012-06-06 7:37 ` Boaz Harrosh
2012-06-06 9:32 ` Wanpeng Li
2012-06-06 10:55 ` Wanpeng Li
2012-06-06 13:26 ` Fengguang Wu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120606032127.GA11121@kernel \
--to=liwp.linux@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=ebiederm@xmission.com \
--cc=fengguang.wu@intel.com \
--cc=jack@suse.cz \
--cc=james.l.morris@oracle.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lucas.demarchi@profusion.mobi \
--cc=mgorman@suse.de \
--cc=minchan.kim@gmail.com \
--cc=mingo@elte.hu \
--cc=rob@landley.net \
--cc=shangw@linux.vnet.ibm.com \
--cc=viro@zeniv.linux.org.uk \
--cc=walken@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.