lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <AANLkTin42kucqLbErGA4GlGPZEIPQV2DFkiHkEVSYiI9@mail.gmail.com>
Date:	Mon, 24 May 2010 06:43:22 +0200
From:	Michael Kerrisk <mtk.manpages@...glemail.com>
To:	OGAWA Hirofumi <hirofumi@...l.parknet.co.jp>
Cc:	Jens Axboe <jens.axboe@...cle.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Miklos Szeredi <miklos@...redi.hu>,
	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [patch] pipe: add support for shrinking and growing pipes

On Mon, May 24, 2010 at 3:43 AM, OGAWA Hirofumi
<hirofumi@...l.parknet.co.jp> wrote:
> Jens Axboe <jens.axboe@...cle.com> writes:
>
>>> > We can easily make F_GETPIPE_SZ return bytes, but I don't think passing
>>> > in bytes to F_SETPIPE_SZ makes a lot of sense. The pipe array must be a
>>> > power of 2 in pages. So the question is if that makes the API cleaner,
>>> > passing in number of pages but returning bytes? Or pass in bytes all
>>> > around, but have F_SETPIPE_SZ round to the nearest multiple of pow2 in
>>> > pages if need be. Then it would return a size at least what was passed
>>> > in, or error.
>
> I really think "power of 2 in pages" is simply current implementation
> detail, not detail of pipe API.

That's a good point.

>>> I'd recommend this: Pass it in and out in bytes. Don't round to a
>>> power of 2. Require the user to know what they are doing. Give an
>>> error if the user doesn't supply a power-of-2 * page-size for
>>> F_SETPIPE_SZ. (Again, consider the case of architectures  with
>>> switchable page sizes.)
>>
>> But is there much point in erroring on an incorrect size? If the
>> application says "I need at least 120kb of space in there", kernel
>> returns "OK, you got 128kb". Would returning -1/EINVAL for that case
>> really make a better API? Doesn't seem like it to me.
>
> FWIW, my first impression of this was setsockopt(SO_RCV/SNDBUF) of unix
> socket. Well, API itself wouldn't say "at least this size" or "exactly
> this size", so, in here, important thing is consistency of interfaces, I
> think. (And the both is sane API at least for me if those had
> consistency in the system.)
>
> Well, so how about set/get in bytes, and kernel will set "at least
> specified size" actually like setsockopt(SO_RCV/SNDBUF)?

The "at least" idea makes sense. So, I'd change my recommendation to:

Pass the buffer size in and out in bytes (for consistency with other
APIs). Round the input (F_SETPIPE_SZ) value up as required by the
implementation. For the output (F_GETPIPE_SZ) value do one of the
following:
a) Return the value given on input.
b) Return the rounded up value actually used by the kernel.

I suspect (b) might be more useful: if an application cares enough
about pipe size to want to change it, then at least some such
applications might care to know exactly the size that the kernel used.
(And: I can't see any downside to (b).)

One other comment about the interface. We have

                if (!capable(CAP_SYS_ADMIN) && arg > pipe_max_pages)
                        return -EINVAL;

The usual error on a capability denied is EPERM. Please change.

Cheers,

Michael


-- 
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Author of "The Linux Programming Interface" http://blog.man7.org/
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ