From nobody Fri Dec 19 12:13:20 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 193A1CA0FE4 for ; Fri, 1 Sep 2023 15:43:34 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240430AbjIAPnf (ORCPT ); Fri, 1 Sep 2023 11:43:35 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38356 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232257AbjIAPne (ORCPT ); Fri, 1 Sep 2023 11:43:34 -0400 Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.220.28]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B16CDAC for ; Fri, 1 Sep 2023 08:43:30 -0700 (PDT) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 49F222185C; Fri, 1 Sep 2023 15:43:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1693583008; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=X22Y+6WPb42oCP5h0wWLFGV3a8KruDFVfrKrZX+kvrI=; b=j2w7idNvpsdasC8k9o4UjWYg0GmmwLGvJn3L+KECAZXvwhHbKrJH9kwAhFAGTf5Ejr4YmS d0ylgnUNDvU80KXCiO7QsZUbnS6ujoT4aJO1/OSb0Yt70rk/4tDsEHAeQC3zgZkSbVJSPq 84XtCzXmnjhtX32qlNqzFs5ljkB18pY= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1693583008; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=X22Y+6WPb42oCP5h0wWLFGV3a8KruDFVfrKrZX+kvrI=; b=ARYPH/QxTzimqqGZhj0glQTXxC3DTZpRcQS0a5O2P27QT89b2Cf+kwRftiLSZUcuaDmDhw 7foatph2F0wwylDg== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 2701D13582; Fri, 1 Sep 2023 15:43:28 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id 51FqCKAG8mQuBwAAMHmgww (envelope-from ); Fri, 01 Sep 2023 15:43:28 +0000 From: Cyril Hrubis To: Ingo Molnar , Peter Zijlstra , Juri Lelli , Vincent Guittot , Dietmar Eggemann , Steven Rostedt , Ben Segall , Mel Gorman , Daniel Bristot de Oliveira , Valentin Schneider , linux-kernel@vger.kernel.org Cc: ltp@lists.linux.it, Cyril Hrubis Subject: [PATCH] sched/rt: Disallow writing invalid values to sched_rt_period_us Date: Fri, 1 Sep 2023 17:43:55 +0200 Message-ID: <20230901154355.5351-1-chrubis@suse.cz> X-Mailer: git-send-email 2.41.0 MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" The validation of the value written to sched_rt_period_us was broken because: - the sysclt_sched_rt_period is declared as unsigned int - parsed by proc_do_intvec() - the range is asserted after the value parsed by proc_do_intvec() Because of this negative values written to the file were written into a unsigned integer that were later on interpreted as large positive integers which did passed the check: if (sysclt_sched_rt_period <=3D 0) return EINVAL; This commit fixes the parsing by setting explicit range for both perid_us and runtime_us into the sched_rt_sysctls table and processes the values with proc_dointvec_minmax() instead. Alternatively if we wanted to use full range of unsigned int for the period value we would have to split the proc_handler and use proc_douintvec() for it however even the Documentation/scheduller/sched-rt-group.rst describes the range as 1 to INT_MAX. As far as I can tell the only problem this causes is that the sysctl file allows writing negative values which when read back may confuse userspace. There is also a LTP test being submitted for these sysctl files at: http://patchwork.ozlabs.org/project/ltp/patch/20230901144433.2526-1-chrubis= @suse.cz/ Signed-off-by: Cyril Hrubis --- kernel/sched/rt.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/kernel/sched/rt.c b/kernel/sched/rt.c index 0597ba0f85ff..aed3d55de2dd 100644 --- a/kernel/sched/rt.c +++ b/kernel/sched/rt.c @@ -37,6 +37,8 @@ static struct ctl_table sched_rt_sysctls[] =3D { .maxlen =3D sizeof(unsigned int), .mode =3D 0644, .proc_handler =3D sched_rt_handler, + .extra1 =3D SYSCTL_ONE, + .extra2 =3D SYSCTL_INT_MAX, }, { .procname =3D "sched_rt_runtime_us", @@ -44,6 +46,8 @@ static struct ctl_table sched_rt_sysctls[] =3D { .maxlen =3D sizeof(int), .mode =3D 0644, .proc_handler =3D sched_rt_handler, + .extra1 =3D SYSCTL_NEG_ONE, + .extra2 =3D SYSCTL_INT_MAX, }, { .procname =3D "sched_rr_timeslice_ms", @@ -2985,9 +2989,6 @@ static int sched_rt_global_constraints(void) #ifdef CONFIG_SYSCTL static int sched_rt_global_validate(void) { - if (sysctl_sched_rt_period <=3D 0) - return -EINVAL; - if ((sysctl_sched_rt_runtime !=3D RUNTIME_INF) && ((sysctl_sched_rt_runtime > sysctl_sched_rt_period) || ((u64)sysctl_sched_rt_runtime * @@ -3018,7 +3019,7 @@ static int sched_rt_handler(struct ctl_table *table, = int write, void *buffer, old_period =3D sysctl_sched_rt_period; old_runtime =3D sysctl_sched_rt_runtime; =20 - ret =3D proc_dointvec(table, write, buffer, lenp, ppos); + ret =3D proc_dointvec_minmax(table, write, buffer, lenp, ppos); =20 if (!ret && write) { ret =3D sched_rt_global_validate(); --=20 2.41.0