From nobody Wed Jan 7 03:59:15 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1C77FE784B3 for ; Mon, 2 Oct 2023 11:55:24 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236831AbjJBLzY (ORCPT ); Mon, 2 Oct 2023 07:55:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35392 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236814AbjJBLzU (ORCPT ); Mon, 2 Oct 2023 07:55:20 -0400 Received: from smtp-out2.suse.de (smtp-out2.suse.de [IPv6:2001:67c:2178:6::1d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 881A1D7; Mon, 2 Oct 2023 04:55:16 -0700 (PDT) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id 2F5271F747; Mon, 2 Oct 2023 11:55:15 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1696247715; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=X22Y+6WPb42oCP5h0wWLFGV3a8KruDFVfrKrZX+kvrI=; b=dEDsGfTSVcjDoo+qxrOtbu33nbW5qJQmgsTJPjhMtMfNpGxNL0hfP+9DWEGtFRiQRJxahb nyq5Tqea/siHVK6Y85k1at3PHoTAWhcz3RZuYI2haOjcSwyURixPo0+ux2Xvk6GeyTHaNj VptL+6/9tXXTxergBbNj1QaqFMRPZoc= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1696247715; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=X22Y+6WPb42oCP5h0wWLFGV3a8KruDFVfrKrZX+kvrI=; b=clkwmVDoOPCbZRayDxKuJ38iOQBoxrLwVfD2SXjfOIn+32hraGDKv+BJmHUzlS4+iD+k6b PMg0fiLujJbTRGCQ== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 1671E13434; Mon, 2 Oct 2023 11:55:15 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id m98eBKOvGmU9FAAAMHmgww (envelope-from ); Mon, 02 Oct 2023 11:55:15 +0000 From: Cyril Hrubis To: Ingo Molnar , Peter Zijlstra , Juri Lelli , Vincent Guittot , Dietmar Eggemann , Steven Rostedt , Ben Segall , Mel Gorman , Daniel Bristot de Oliveira , Valentin Schneider , linux-kernel@vger.kernel.org, Jonathan Corbet , linux-doc@vger.kernel.org Cc: ltp@lists.linux.it, Cyril Hrubis Subject: [PATCH v3 1/3] sched/rt: Disallow writing invalid values to sched_rt_period_us Date: Mon, 2 Oct 2023 13:55:51 +0200 Message-ID: <20231002115553.3007-2-chrubis@suse.cz> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20231002115553.3007-1-chrubis@suse.cz> References: <20231002115553.3007-1-chrubis@suse.cz> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" The validation of the value written to sched_rt_period_us was broken because: - the sysclt_sched_rt_period is declared as unsigned int - parsed by proc_do_intvec() - the range is asserted after the value parsed by proc_do_intvec() Because of this negative values written to the file were written into a unsigned integer that were later on interpreted as large positive integers which did passed the check: if (sysclt_sched_rt_period <=3D 0) return EINVAL; This commit fixes the parsing by setting explicit range for both perid_us and runtime_us into the sched_rt_sysctls table and processes the values with proc_dointvec_minmax() instead. Alternatively if we wanted to use full range of unsigned int for the period value we would have to split the proc_handler and use proc_douintvec() for it however even the Documentation/scheduller/sched-rt-group.rst describes the range as 1 to INT_MAX. As far as I can tell the only problem this causes is that the sysctl file allows writing negative values which when read back may confuse userspace. There is also a LTP test being submitted for these sysctl files at: http://patchwork.ozlabs.org/project/ltp/patch/20230901144433.2526-1-chrubis= @suse.cz/ Signed-off-by: Cyril Hrubis --- kernel/sched/rt.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/kernel/sched/rt.c b/kernel/sched/rt.c index 0597ba0f85ff..aed3d55de2dd 100644 --- a/kernel/sched/rt.c +++ b/kernel/sched/rt.c @@ -37,6 +37,8 @@ static struct ctl_table sched_rt_sysctls[] =3D { .maxlen =3D sizeof(unsigned int), .mode =3D 0644, .proc_handler =3D sched_rt_handler, + .extra1 =3D SYSCTL_ONE, + .extra2 =3D SYSCTL_INT_MAX, }, { .procname =3D "sched_rt_runtime_us", @@ -44,6 +46,8 @@ static struct ctl_table sched_rt_sysctls[] =3D { .maxlen =3D sizeof(int), .mode =3D 0644, .proc_handler =3D sched_rt_handler, + .extra1 =3D SYSCTL_NEG_ONE, + .extra2 =3D SYSCTL_INT_MAX, }, { .procname =3D "sched_rr_timeslice_ms", @@ -2985,9 +2989,6 @@ static int sched_rt_global_constraints(void) #ifdef CONFIG_SYSCTL static int sched_rt_global_validate(void) { - if (sysctl_sched_rt_period <=3D 0) - return -EINVAL; - if ((sysctl_sched_rt_runtime !=3D RUNTIME_INF) && ((sysctl_sched_rt_runtime > sysctl_sched_rt_period) || ((u64)sysctl_sched_rt_runtime * @@ -3018,7 +3019,7 @@ static int sched_rt_handler(struct ctl_table *table, = int write, void *buffer, old_period =3D sysctl_sched_rt_period; old_runtime =3D sysctl_sched_rt_runtime; =20 - ret =3D proc_dointvec(table, write, buffer, lenp, ppos); + ret =3D proc_dointvec_minmax(table, write, buffer, lenp, ppos); =20 if (!ret && write) { ret =3D sched_rt_global_validate(); --=20 2.41.0