From: Andrew Morton <akpm@linux-foundation.org>
To: Michal Hocko <mhocko@suse.cz>
Cc: CAI Qian <caiqian@redhat.com>, linux-mm <linux-mm@kvack.org>,
Nishanth Aravamudan <nacc@us.ibm.com>
Subject: Re: [RFC] /sys/kernel/mm/hugepages/hugepages-1048576kB/nr_overcommit_hugepages
Date: Wed, 5 Jan 2011 12:59:59 -0800
Message-ID: <20110105125959.c6e3d90a.akpm@linux-foundation.org>
In-Reply-To: <20110105084357.GA21349@tiehlicka.suse.cz>

On Wed, 5 Jan 2011 09:43:57 +0100
Michal Hocko <mhocko@suse.cz> wrote:
> ...
>
> proc_doulongvec_minmax may fail if the given buffer doesn't represent
> a valid number. If we provide something invalid we will initialize the
> resulting value (nr_overcommit_huge_pages in this case) to a random
> value from the stack.
>
> The issue was introduced by a3d0c6aa when the default handler has been
> replaced by the helper function where we do not check the return value.
>
> Reproducer:
> echo "" > /proc/sys/vm/nr_overcommit_hugepages
>
> ...
>
> --- a/mm/hugetlb.c
> +++ b/mm/hugetlb.c
> @@ -1928,7 +1928,8 @@ static int hugetlb_sysctl_handler_common(bool obey_mempolicy,
>
> table->data = &tmp;
> table->maxlen = sizeof(unsigned long);
> - proc_doulongvec_minmax(table, write, buffer, length, ppos);
> + if (proc_doulongvec_minmax(table, write, buffer, length, ppos))
> + return -EINVAL;
proc_doulongvec_minmax() can return -EFAULT or -ENOMEM. It is
incorrect to unconditionally convert those into -EINVAL.
> if (write) {
> NODEMASK_ALLOC(nodemask_t, nodes_allowed,
hm, the code doesn't check that NODEMASK_ALLOC succeeded. That
NODEMASK_ALLOC conversion was quite sloppy.
--- a/mm/hugetlb.c~hugetlb-check-the-return-value-of-string-conversion-in-sysctl-handler-fix
+++ a/mm/hugetlb.c
@@ -1859,14 +1859,16 @@ static int hugetlb_sysctl_handler_common
{
struct hstate *h = &default_hstate;
unsigned long tmp;
+ int ret;
if (!write)
tmp = h->max_huge_pages;
table->data = &tmp;
table->maxlen = sizeof(unsigned long);
- if (proc_doulongvec_minmax(table, write, buffer, length, ppos))
- return -EINVAL;
+ ret = proc_doulongvec_minmax(table, write, buffer, length, ppos);
+ if (ret)
+ goto out;
if (write) {
NODEMASK_ALLOC(nodemask_t, nodes_allowed,
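Review bot: `tmp` is still assigned only under `if (!write)` at the top of hugetlb_sysctl_handler_common(), so on a write its value depends entirely on proc_doulongvec_minmax() having stored something before it returns 0. The new `if (ret) goto out;` covers the error returns, but initializing it unconditionally (`tmp = h->max_huge_pages;` without the `if (!write)`) would guarantee that no success path can feed stack contents into the write branch, which is the failure described in the quoted changelog.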
@@ -1881,8 +1883,8 @@ static int hugetlb_sysctl_handler_common
if (nodes_allowed != &node_states[N_HIGH_MEMORY])
NODEMASK_FREE(nodes_allowed);
}
-
- return 0;
+out:
+ return ret;
}
int hugetlb_sysctl_handler(struct ctl_table *table, int write,
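Review bot: The `out:` label added before the final return performs no cleanup, and the only jump to it happens before NODEMASK_ALLOC, so a plain `return ret;` at the check would be equivalent and shorter. If the label is kept so that a later NODEMASK_ALLOC failure check can use it, it needs to be placed so that NODEMASK_FREE is not skipped once the allocation has succeeded.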
@@ -1920,22 +1922,24 @@ int hugetlb_overcommit_handler(struct ct
{
struct hstate *h = &default_hstate;
unsigned long tmp;
+ int ret;
if (!write)
tmp = h->nr_overcommit_huge_pages;
table->data = &tmp;
table->maxlen = sizeof(unsigned long);
- if (proc_doulongvec_minmax(table, write, buffer, length, ppos))
- return -EINVAL;
+ ret = proc_doulongvec_minmax(table, write, buffer, length, ppos);
+ if (ret)
+ goto out;
if (write) {
spin_lock(&hugetlb_lock);
h->nr_overcommit_huge_pages = tmp;
spin_unlock(&hugetlb_lock);
}
-
- return 0;
+out:
+ return ret;
}
#endif /* CONFIG_SYSCTL */
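Review bot: In hugetlb_overcommit_handler() the lines `table->data = &tmp;` and `table->maxlen = sizeof(unsigned long);` write the address of a stack local into the ctl_table that was passed in, and they do so before hugetlb_lock is taken. If that table is shared by concurrent callers of the handler, one caller's parse can store through another caller's pointer; parsing through a local copy of the table would remove that dependency. The same sequence appears in hugetlb_sysctl_handler_common(), so a small shared helper that takes the table and a pointer to the value would cover both call sites.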
_