Linux-Fsdevel Archive on lore.kernel.org
help / color / mirror / Atom feed
From: Josef Bacik <josef@toxicpanda.com>
To: Al Viro <viro@zeniv.linux.org.uk>, Christoph Hellwig <hch@lst.de>
Cc: linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
	kernel-team@fb.com, willy@infradead.org
Subject: Re: [PATCH][v2] proc: use vmalloc for our kernel buffer
Date: Thu, 13 Aug 2020 13:19:18 -0400	[thread overview]
Message-ID: <9e4d3860-5829-df6f-aad4-44d07c62535b@toxicpanda.com> (raw)
In-Reply-To: <20200813162002.GX1236603@ZenIV.linux.org.uk>

On 8/13/20 12:20 PM, Al Viro wrote:
> On Thu, Aug 13, 2020 at 05:41:17PM +0200, Christoph Hellwig wrote:
>> On Thu, Aug 13, 2020 at 11:40:00AM -0400, Josef Bacik wrote:
>>> On 8/13/20 11:37 AM, Christoph Hellwig wrote:
>>>> On Thu, Aug 13, 2020 at 11:33:56AM -0400, Josef Bacik wrote:
>>>>> Since
>>>>>
>>>>>     sysctl: pass kernel pointers to ->proc_handler
>>>>>
>>>>> we have been pre-allocating a buffer to copy the data from the proc
>>>>> handlers into, and then copying that to userspace.  The problem is this
>>>>> just blind kmalloc()'s the buffer size passed in from the read, which in
>>>>> the case of our 'cat' binary was 64kib.  Order-4 allocations are not
>>>>> awesome, and since we can potentially allocate up to our maximum order,
>>>>> use vmalloc for these buffers.
>>>>>
>>>>> Fixes: 32927393dc1c ("sysctl: pass kernel pointers to ->proc_handler")
>>>>> Signed-off-by: Josef Bacik <josef@toxicpanda.com>
>>>>> ---
>>>>> v1->v2:
>>>>> - Make vmemdup_user_nul actually do the right thing...sorry about that.
>>>>>
>>>>>    fs/proc/proc_sysctl.c  |  6 +++---
>>>>>    include/linux/string.h |  1 +
>>>>>    mm/util.c              | 27 +++++++++++++++++++++++++++
>>>>>    3 files changed, 31 insertions(+), 3 deletions(-)
>>>>>
>>>>> diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c
>>>>> index 6c1166ccdaea..207ac6e6e028 100644
>>>>> --- a/fs/proc/proc_sysctl.c
>>>>> +++ b/fs/proc/proc_sysctl.c
>>>>> @@ -571,13 +571,13 @@ static ssize_t proc_sys_call_handler(struct file *filp, void __user *ubuf,
>>>>>    		goto out;
>>>>>      	if (write) {
>>>>> -		kbuf = memdup_user_nul(ubuf, count);
>>>>> +		kbuf = vmemdup_user_nul(ubuf, count);
>>>>
>>>> Given that this can also do a kmalloc and thus needs to be paired
>>>> with kvfree shouldn't it be kvmemdup_user_nul?
>>>>
>>>
>>> There's an existing vmemdup_user that does kvmalloc, so I followed the
>>> existing naming convention.  Do you want me to change them both?  Thanks,
>>
>> I personally would, and given that it only has a few users it might
>> even be feasible.
> 
> FWIW, how about following or combining that with "allocate count + 1 bytes on
> the read side"?  Allows some nice cleanups - e.g.
>                  len = sprintf(tmpbuf, "0x%04x", *(unsigned int *) table->data);
>                  if (len > left)
>                          len = left;
>                  memcpy(buffer, tmpbuf, len);
>                  if ((left -= len) > 0) {
>                          *((char *)buffer + len) = '\n';
>                          left--;
>                  }
> in sunrpc proc_dodebug() turns into
> 		left -= snprintf(buffer, left, "0x%04x\n",
> 				 *(unsigned int *) table->data);
> and that's not the only example.
> 

We wouldn't even need the extra +1 part, since we're only copying in how much 
the user wants anyway, we could just go ahead and convert this to

left -= snprintf(buffer, left, "0x%04x\n", *(unsigned int *) table->data);

and be fine, right?  Or am I misunderstanding what you're looking for?  Thanks,

Josef

  reply	other threads:[~2020-08-13 17:19 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-08-13 14:53 [PATCH] " Josef Bacik
2020-08-13 14:59 ` Matthew Wilcox
2020-08-13 15:08   ` Josef Bacik
2020-08-13 15:33 ` [PATCH][v2] " Josef Bacik
2020-08-13 15:37   ` Christoph Hellwig
2020-08-13 15:40     ` Josef Bacik
2020-08-13 15:41       ` Christoph Hellwig
2020-08-13 16:20         ` Al Viro
2020-08-13 17:19           ` Josef Bacik [this message]
2020-08-13 17:31             ` Al Viro
2020-08-13 17:36               ` Josef Bacik
2020-08-13 21:10             ` David Laight
2020-08-13 21:31               ` Josef Bacik
2020-08-13 16:19 ` [PATCH] " David Laight
2020-08-13 16:21   ` Al Viro
2020-08-13 17:08   ` Josef Bacik

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=9e4d3860-5829-df6f-aad4-44d07c62535b@toxicpanda.com \
    --to=josef@toxicpanda.com \
    --cc=hch@lst.de \
    --cc=kernel-team@fb.com \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=viro@zeniv.linux.org.uk \
    --cc=willy@infradead.org \
    --subject='Re: [PATCH][v2] proc: use vmalloc for our kernel buffer' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).