From: Alexey Gladkov <legion@kernel.org>
To: Sven Schnelle <svens@linux.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] ucounts: add missing data type changes
Date: Wed, 21 Jul 2021 14:43:01 +0200 [thread overview]
Message-ID: <20210721124301.btbciip4biph2cxd@example.org> (raw)
In-Reply-To: <yt9dtuknaluh.fsf@linux.ibm.com>
On Wed, Jul 21, 2021 at 02:32:38PM +0200, Sven Schnelle wrote:
> Alexey Gladkov <legion@kernel.org> writes:
>
> > On Wed, Jul 21, 2021 at 01:58:00PM +0200, Sven Schnelle wrote:
> >> commit f9c82a4ea89c3 ("Increase size of ucounts to atomic_long_t")
> >> changed the data type of ucounts/ucounts_max to long, but missed to
> >> adjust a few other places. This is noticeable on big endian platforms
> >> from user space because the /proc/sys/user/max_*_names files all
> >> contain 0.
> >
> > I didn't increase them because I didn't want to increase the maximum
> > number of namespaces.
> >
> > Your patch not only fixes the described problem, but also increases the
> > maximum number of namespaces.
> >
> >> Fixes: f9c82a4ea89c ("Increase size of ucounts to atomic_long_t")
> >> Signed-off-by: Sven Schnelle <svens@linux.ibm.com>
> >> ---
> >> fs/notify/fanotify/fanotify_user.c | 11 +++++++----
> >> kernel/ucount.c | 18 ++++++++++--------
> >> kernel/user_namespace.c | 2 +-
> >> 3 files changed, 18 insertions(+), 13 deletions(-)
> >>
> >> diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c
> >> index 64864fb40b40..995379ddce86 100644
> >> --- a/fs/notify/fanotify/fanotify_user.c
> >> +++ b/fs/notify/fanotify/fanotify_user.c
> >> @@ -54,22 +54,25 @@ static int fanotify_max_queued_events __read_mostly;
> >>
> >> #include <linux/sysctl.h>
> >>
> >> +static unsigned long long_max = LONG_MAX;
> >
> > I think this should be INT_MAX.
>
> Thanks. I'll change the code to use SYSCTL_INT_MAX instead and send a
> v2.
>
> >> struct ctl_table fanotify_table[] = {
> >> {
> >> .procname = "max_user_groups",
> >> .data = &init_user_ns.ucount_max[UCOUNT_FANOTIFY_GROUPS],
> >> - .maxlen = sizeof(int),
> >> + .maxlen = sizeof(long),
> >> .mode = 0644,
> >> - .proc_handler = proc_dointvec_minmax,
> >> + .proc_handler = proc_doulongvec_minmax,
> >> .extra1 = SYSCTL_ZERO,
> >> + .extra2 = &long_max,
> >> },
> >> {
> >> .procname = "max_user_marks",
> >> .data = &init_user_ns.ucount_max[UCOUNT_FANOTIFY_MARKS],
> >> - .maxlen = sizeof(int),
> >> + .maxlen = sizeof(long),
> >> .mode = 0644,
> >> - .proc_handler = proc_dointvec_minmax,
> >> + .proc_handler = proc_doulongvec_minmax,
> >> .extra1 = SYSCTL_ZERO,
> >> + .extra2 = &long_max,
> >> },
> >> {
> >> .procname = "max_queued_events",
> >> diff --git a/kernel/ucount.c b/kernel/ucount.c
> >> index 87799e2379bd..681ea1b1a06f 100644
> >> --- a/kernel/ucount.c
> >> +++ b/kernel/ucount.c
> >> @@ -58,14 +58,16 @@ static struct ctl_table_root set_root = {
> >> .permissions = set_permissions,
> >> };
> >>
> >> -#define UCOUNT_ENTRY(name) \
> >> - { \
> >> - .procname = name, \
> >> - .maxlen = sizeof(int), \
> >> - .mode = 0644, \
> >> - .proc_handler = proc_dointvec_minmax, \
> >> - .extra1 = SYSCTL_ZERO, \
> >> - .extra2 = SYSCTL_INT_MAX, \
> >> +static unsigned long long_max = LONG_MAX;
> >> +
> >> +#define UCOUNT_ENTRY(name) \
> >> + { \
> >> + .procname = name, \
> >> + .maxlen = sizeof(long), \
> >> + .mode = 0644, \
> >> + .proc_handler = proc_doulongvec_minmax, \
> >> + .extra1 = SYSCTL_ZERO, \
> >> + .extra2 = &long_max, \
> >> }
> >> static struct ctl_table user_table[] = {
> >> UCOUNT_ENTRY("max_user_namespaces"),
> >> diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
> >> index ef82d401dde8..d8ad4c261253 100644
> >> --- a/kernel/user_namespace.c
> >> +++ b/kernel/user_namespace.c
> >> @@ -120,7 +120,7 @@ int create_user_ns(struct cred *new)
> >> ns->group = group;
> >> INIT_WORK(&ns->work, free_user_ns);
> >> for (i = 0; i < MAX_PER_NAMESPACE_UCOUNTS; i++) {
> >> - ns->ucount_max[i] = INT_MAX;
> >> + ns->ucount_max[i] = LONG_MAX;
>
> Guess this should also stay at INT_MAX?
Yes.
> >> }
> >> set_rlimit_ucount_max(ns, UCOUNT_RLIMIT_NPROC, rlimit(RLIMIT_NPROC));
> >> set_rlimit_ucount_max(ns, UCOUNT_RLIMIT_MSGQUEUE, rlimit(RLIMIT_MSGQUEUE));
> >> --
> >> 2.25.1
> >>
>
--
Rgrds, legion
prev parent reply other threads:[~2021-07-21 12:43 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-21 11:58 [PATCH] ucounts: add missing data type changes Sven Schnelle
2021-07-21 12:27 ` Alexey Gladkov
2021-07-21 12:32 ` Sven Schnelle
2021-07-21 12:43 ` Alexey Gladkov [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210721124301.btbciip4biph2cxd@example.org \
--to=legion@kernel.org \
--cc=ebiederm@xmission.com \
--cc=linux-kernel@vger.kernel.org \
--cc=svens@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.