From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1751954AbcFNXQC (ORCPT <rfc822;w@1wt.eu>);
	Tue, 14 Jun 2016 19:16:02 -0400
Received: from thejh.net ([37.221.195.125]:54573 "EHLO thejh.net"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1751339AbcFNXQA (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Tue, 14 Jun 2016 19:16:00 -0400
Date: Wed, 15 Jun 2016 01:15:54 +0200
From: Jann Horn <jann@thejh.net>
To: Topi Miettinen <toiwoton@gmail.com>
Cc: linux-kernel@vger.kernel.org, Ingo Molnar <mingo@redhat.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Andrew Morton <akpm@linux-foundation.org>,
        Kees Cook <keescook@chromium.org>, Al Viro <viro@zeniv.linux.org.uk>,
        Alexey Dobriyan <adobriyan@gmail.com>,
        John Stultz <john.stultz@linaro.org>,
        Janis Danisevskis <jdanis@google.com>,
        Calvin Owens <calvinowens@fb.com>, Tejun Heo <tj@kernel.org>,
        Michal Hocko <mhocko@suse.com>, Oleg Nesterov <oleg@redhat.com>,
        Vladimir Davydov <vdavydov@virtuozzo.com>,
        Andrea Arcangeli <aarcange@redhat.com>,
        Josh Triplett <josh@joshtriplett.org>,
        "Eric W. Biederman" <ebiederm@xmission.com>,
        Aleksa Sarai <cyphar@cyphar.com>,
        Cyrill Gorcunov <gorcunov@openvz.org>, Ben Segall <bsegall@google.com>,
        Mateusz Guzik <mguzik@redhat.com>
Subject: Re: [RFC 11/18] limits: track and present RLIMIT_NPROC actual max
Message-ID: <20160614231554.GA18261@pc.thejh.net>
References: <1465847065-3577-1-git-send-email-toiwoton@gmail.com>
 <1465847065-3577-12-git-send-email-toiwoton@gmail.com>
 <20160613222719.GA3397@pc.thejh.net>
 <3eb3040e-8f73-60d3-f9bf-0c9eaf9ffce1@gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="9amGYk9869ThD9tj"
Content-Disposition: inline
In-Reply-To: <3eb3040e-8f73-60d3-f9bf-0c9eaf9ffce1@gmail.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org


--9amGYk9869ThD9tj
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Jun 14, 2016 at 03:40:35PM +0000, Topi Miettinen wrote:
> On 06/13/16 22:27, Jann Horn wrote:
> > On Mon, Jun 13, 2016 at 10:44:18PM +0300, Topi Miettinen wrote:
> >> Track maximum number of processes per user and present it
> >> in /proc/self/limits.
> >>
> >> Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
> >> ---
> >>  fs/proc/base.c        | 4 ++++
> >>  include/linux/sched.h | 1 +
> >>  kernel/fork.c         | 5 +++++
> >>  kernel/sys.c          | 5 +++++
> >>  4 files changed, 15 insertions(+)
> >>
> >> diff --git a/fs/proc/base.c b/fs/proc/base.c
> >> index 1df4fc8..02576c6 100644
> >> --- a/fs/proc/base.c
> >> +++ b/fs/proc/base.c
> >> @@ -670,6 +670,10 @@ static int proc_pid_limits(struct seq_file *m, st=
ruct pid_namespace *ns,
> >>  				seq_printf(m, "%-20lu\n", psecs);
> >>  			}
> >>  			break;
> >> +		case RLIMIT_NPROC:
> >> +			seq_printf(m, "%-20d\n",
> >> +				   atomic_read(&task->real_cred->user->max_processes));
> >=20
> > Don't you have to take an RCU read lock before dereferencing task->real=
_cred?
>=20
> In other comments in the series, cmpxchg loop was suggested, would that
> work here?

What would a cmpxchg loop have to do with missing RCU locking?

> > And shouldn't this be done with __task_cred(task) instead of task->real=
_cred?
>=20
> How about atomic_read(task_cred_xxx(task, user)->max_processes)?

No. You'd still end up dereferencing max_processes in the user_struct witho=
ut
any guarantee that it hasn't been freed. I think the code should look this =
way:

    case RLIMIT_NPROC:
        rcu_read_lock();
        seq_printf(m, "%-20d\n",
            atomic_read(&__task_cred(task)->user->max_processes));
        rcu_read_unlock();
        break;

--9amGYk9869ThD9tj
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJXYJAqAAoJED4KNFJOeCOoCtYP/2tFfSkJ8GvE+NSFbXvuQwYl
KbWPhHWZCZHtQ00zNM+AoNhPSzLw8DxKreMuk6h3keU5OchrkiyhNxA4WC1y3qiZ
WFFws/TSnRU7xgKY3LOHw23oSdoNqiCUQX8rdWgqMNL7zVYusAuGDkj01Lq64Bpi
DQHG/3dufLe9I63rsomjLR1L1UHqXgQjNChkylAlX4fC3TmEeIvpLGiMT8eNf0e7
Pr+bSNiIc4ZH+zbsdG/IkuCqcy05qfS7QMU/GbepPyZQXjnVvGLW07hihjsYnkcz
HRmFht+Lp77Gi75in6U2vPkJlY+idIqqzJ9an+Qk2rewCKBzEQiEi5Sp4CuJdwK6
6FEckkVRRR6Zbg5wXHDR1cQpiQ6CQ8eExniVMeB6Za2z1XAZArhz2YuwvJHqwhc0
Hoe71how4wP3rh1f3UurA+tz4Sa5T6m+W8BF7W1bOB86JT2KhflFNIZKiOgqBPXX
JZb9ACaoph8puHMxdLH8llDvV6h6nhaGR2lerXvHfygyLIPcJdd2u528jitHxk6M
6PyehMXh67tr7bD807dVDt9p58XSh7TnVxPBDJBAlDnZzU/8VAhCAP6l+TmL7sdD
JMYsmr9ZtWx/dnhjaXtlN2HDhUUw5U4YMhH4ER+b4SL3yxMAqPIcfT0x/uRFO2hw
nGQjYx9OSJPvdXWK27wA
=IVij
-----END PGP SIGNATURE-----

--9amGYk9869ThD9tj--