[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20180807135453.nhatdtw25wa6dtzm@quack2.suse.cz>
Date: Tue, 7 Aug 2018 15:54:53 +0200
From: Jan Kara <jack@...e.cz>
To: Andrew Morton <akpm@...ux-foundation.org>
Cc: Jan Kara <jack@...e.cz>, Chengguang Xu <cgxu519@....com>,
mgorman@...hsingularity.net, jlayton@...hat.com,
ak@...ux.intel.com, mawilcox@...rosoft.com,
tim.c.chen@...ux.intel.com, linux-mm@...ck.org,
linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
Al Viro <viro@...IV.linux.org.uk>
Subject: Re: [PATCH] mm: adjust max read count in generic_file_buffered_read()
On Mon 06-08-18 15:59:27, Andrew Morton wrote:
> On Mon, 6 Aug 2018 12:22:03 +0200 Jan Kara <jack@...e.cz> wrote:
>
> > On Fri 20-07-18 16:14:29, Andrew Morton wrote:
> > > On Thu, 19 Jul 2018 10:58:12 +0200 Jan Kara <jack@...e.cz> wrote:
> > >
> > > > On Thu 19-07-18 16:17:26, Chengguang Xu wrote:
> > > > > When we try to truncate read count in generic_file_buffered_read(),
> > > > > should deliver (sb->s_maxbytes - offset) as maximum count not
> > > > > sb->s_maxbytes itself.
> > > > >
> > > > > Signed-off-by: Chengguang Xu <cgxu519@....com>
> > > >
> > > > Looks good to me. You can add:
> > > >
> > > > Reviewed-by: Jan Kara <jack@...e.cz>
> > >
> > > Yup.
> > >
> > > What are the runtime effects of this bug?
> >
> > Good question. I think ->readpage() could be called for index beyond
> > maximum file size supported by the filesystem leading to weird filesystem
> > behavior due to overflows in internal calculations.
> >
>
> Sure. But is it possible for userspace to trigger this behaviour?
> Possibly all callers have already sanitized the arguments by this stage
> in which case the statement is arguably redundant.
So I don't think there's any sanitization going on before
generic_file_buffered_read(). E.g. I don't see any s_maxbytes check on
ksys_read() -> vfs_read() -> __vfs_read() -> new_sync_read() ->
call_read_iter() -> generic_file_read_iter() ->
generic_file_buffered_read() path... However now thinking about this again:
We are guaranteed i_size is within s_maxbytes (places modifying i_size
are checking for this) and generic_file_buffered_read() stops when it
should read beyond i_size. So in the end I don't think there's any breakage
possible and the patch is not necessary?
Honza
--
Jan Kara <jack@...e.com>
SUSE Labs, CR
Powered by blists - more mailing lists