diff mbox series

[v2,5/6] sysctl/infiniband: Fixes infiniband sysctl bounds

Message ID 20250224095826.16458-6-nicolas.bouchinet@clip-os.org (mailing list archive)
State Not Applicable
Headers show
Series Fixes multiple sysctl bound checks | expand

Commit Message

Nicolas Bouchinet Feb. 24, 2025, 9:58 a.m. UTC 
From: Nicolas Bouchinet <nicolas.bouchinet@ssi.gouv.fr>

Bound infiniband iwcm and ucma sysctl writings between SYSCTL_ZERO
and SYSCTL_INT_MAX.

The proc_handler has thus been updated to proc_dointvec_minmax.

Signed-off-by: Nicolas Bouchinet <nicolas.bouchinet@ssi.gouv.fr>
---
 drivers/infiniband/core/iwcm.c | 4 +++-
 drivers/infiniband/core/ucma.c | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

Comments

Leon Romanovsky Feb. 24, 2025, 1:41 p.m. UTC | #1 
On Mon, Feb 24, 2025 at 10:58:20AM +0100, nicolas.bouchinet@clip-os.org wrote:
> From: Nicolas Bouchinet <nicolas.bouchinet@ssi.gouv.fr>
> 
> Bound infiniband iwcm and ucma sysctl writings between SYSCTL_ZERO
> and SYSCTL_INT_MAX.
> 
> The proc_handler has thus been updated to proc_dointvec_minmax.
> 
> Signed-off-by: Nicolas Bouchinet <nicolas.bouchinet@ssi.gouv.fr>
> ---
>  drivers/infiniband/core/iwcm.c | 4 +++-
>  drivers/infiniband/core/ucma.c | 4 +++-
>  2 files changed, 6 insertions(+), 2 deletions(-)
> 

Acked-by: Leon Romanovsky <leon@kernel.org>

How do you want to proceed from here? Should I take to RDMA repository?

Thanks
Zhu Yanjun Feb. 25, 2025, 7:27 a.m. UTC | #2 
在 2025/2/24 10:58, nicolas.bouchinet@clip-os.org 写道:
> From: Nicolas Bouchinet <nicolas.bouchinet@ssi.gouv.fr>
>
> Bound infiniband iwcm and ucma sysctl writings between SYSCTL_ZERO
> and SYSCTL_INT_MAX.
>
> The proc_handler has thus been updated to proc_dointvec_minmax.

In this commit, the minimum and maximum are added to the proc_handler.

It seems that this will not introduce any risk.

I am fine with it.

Reviewed-by: Zhu Yanjun <yanjun.zhu@linux.dev>

Thanks,

Zhu Yanjun

>
> Signed-off-by: Nicolas Bouchinet <nicolas.bouchinet@ssi.gouv.fr>
> ---
>   drivers/infiniband/core/iwcm.c | 4 +++-
>   drivers/infiniband/core/ucma.c | 4 +++-
>   2 files changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/infiniband/core/iwcm.c b/drivers/infiniband/core/iwcm.c
> index 7e3a55349e107..f4486cbd8f45a 100644
> --- a/drivers/infiniband/core/iwcm.c
> +++ b/drivers/infiniband/core/iwcm.c
> @@ -109,7 +109,9 @@ static struct ctl_table iwcm_ctl_table[] = {
>   		.data		= &default_backlog,
>   		.maxlen		= sizeof(default_backlog),
>   		.mode		= 0644,
> -		.proc_handler	= proc_dointvec,
> +		.proc_handler	= proc_dointvec_minmax,
> +		.extra1		= SYSCTL_ZERO,
> +		.extra2		= SYSCTL_INT_MAX,
>   	},
>   };
>   
> diff --git a/drivers/infiniband/core/ucma.c b/drivers/infiniband/core/ucma.c
> index 02f1666f3cbab..6e700b9740331 100644
> --- a/drivers/infiniband/core/ucma.c
> +++ b/drivers/infiniband/core/ucma.c
> @@ -69,7 +69,9 @@ static struct ctl_table ucma_ctl_table[] = {
>   		.data		= &max_backlog,
>   		.maxlen		= sizeof max_backlog,
>   		.mode		= 0644,
> -		.proc_handler	= proc_dointvec,
> +		.proc_handler	= proc_dointvec_minmax,
> +		.extra1		= SYSCTL_ZERO,
> +		.extra2		= SYSCTL_INT_MAX,
>   	},
>   };
>
Joel Granados March 3, 2025, 1:57 p.m. UTC | #3 
On Mon, Feb 24, 2025 at 03:41:05PM +0200, Leon Romanovsky wrote:
> On Mon, Feb 24, 2025 at 10:58:20AM +0100, nicolas.bouchinet@clip-os.org wrote:
> > From: Nicolas Bouchinet <nicolas.bouchinet@ssi.gouv.fr>
> > 
> > Bound infiniband iwcm and ucma sysctl writings between SYSCTL_ZERO
> > and SYSCTL_INT_MAX.
> > 
> > The proc_handler has thus been updated to proc_dointvec_minmax.
> > 
> > Signed-off-by: Nicolas Bouchinet <nicolas.bouchinet@ssi.gouv.fr>
> > ---
> >  drivers/infiniband/core/iwcm.c | 4 +++-
> >  drivers/infiniband/core/ucma.c | 4 +++-
> >  2 files changed, 6 insertions(+), 2 deletions(-)
> > 
> 
> Acked-by: Leon Romanovsky <leon@kernel.org>
> 
> How do you want to proceed from here? Should I take to RDMA repository?
> 
> Thanks
It would be great if we push this through RDMA. Here are a few comments:
1. Having the upper bound be SYSCTL_INT_MAX is not necessary (as it is
   silently capped by proc_dointvec_minmax, but it is good to have as it
   gives understanding on what the spread of the values are.

2. Having the lower bound capped by SYSCTL_ZERO is needed as it will
   prevent ppl trying to assing negative values to the unsigned integers

Please let me know if you will push this through RDMA, so I know to
remove it from sysctl.

Best

Reviewed-by: Joel Granados <joel.granados@kernel.org>
Leon Romanovsky March 3, 2025, 6:53 p.m. UTC | #4 
On Mon, Mar 03, 2025 at 02:57:29PM +0100, Joel Granados wrote:
> On Mon, Feb 24, 2025 at 03:41:05PM +0200, Leon Romanovsky wrote:
> > On Mon, Feb 24, 2025 at 10:58:20AM +0100, nicolas.bouchinet@clip-os.org wrote:
> > > From: Nicolas Bouchinet <nicolas.bouchinet@ssi.gouv.fr>
> > > 
> > > Bound infiniband iwcm and ucma sysctl writings between SYSCTL_ZERO
> > > and SYSCTL_INT_MAX.
> > > 
> > > The proc_handler has thus been updated to proc_dointvec_minmax.
> > > 
> > > Signed-off-by: Nicolas Bouchinet <nicolas.bouchinet@ssi.gouv.fr>
> > > ---
> > >  drivers/infiniband/core/iwcm.c | 4 +++-
> > >  drivers/infiniband/core/ucma.c | 4 +++-
> > >  2 files changed, 6 insertions(+), 2 deletions(-)
> > > 
> > 
> > Acked-by: Leon Romanovsky <leon@kernel.org>
> > 
> > How do you want to proceed from here? Should I take to RDMA repository?
> > 
> > Thanks
> It would be great if we push this through RDMA. Here are a few comments:
> 1. Having the upper bound be SYSCTL_INT_MAX is not necessary (as it is
>    silently capped by proc_dointvec_minmax, but it is good to have as it
>    gives understanding on what the spread of the values are.
> 
> 2. Having the lower bound capped by SYSCTL_ZERO is needed as it will
>    prevent ppl trying to assing negative values to the unsigned integers
> 
> Please let me know if you will push this through RDMA, so I know to
> remove it from sysctl.

Applied to RDMA tree.
https://web.git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma.git/commit/?h=wip/leon-for-next&id=f33cd9b3fd03a791296ab37550ffd26213a90c4e

> 
> Best
> 
> Reviewed-by: Joel Granados <joel.granados@kernel.org>

Thanks

> 
> -- 
> 
> Joel Granados
diff mbox series

Patch

diff --git a/drivers/infiniband/core/iwcm.c b/drivers/infiniband/core/iwcm.c
index 7e3a55349e107..f4486cbd8f45a 100644
--- a/drivers/infiniband/core/iwcm.c
+++ b/drivers/infiniband/core/iwcm.c
@@ -109,7 +109,9 @@  static struct ctl_table iwcm_ctl_table[] = {
 		.data		= &default_backlog,
 		.maxlen		= sizeof(default_backlog),
 		.mode		= 0644,
-		.proc_handler	= proc_dointvec,
+		.proc_handler	= proc_dointvec_minmax,
+		.extra1		= SYSCTL_ZERO,
+		.extra2		= SYSCTL_INT_MAX,
 	},
 };
 
diff --git a/drivers/infiniband/core/ucma.c b/drivers/infiniband/core/ucma.c
index 02f1666f3cbab..6e700b9740331 100644
--- a/drivers/infiniband/core/ucma.c
+++ b/drivers/infiniband/core/ucma.c
@@ -69,7 +69,9 @@  static struct ctl_table ucma_ctl_table[] = {
 		.data		= &max_backlog,
 		.maxlen		= sizeof max_backlog,
 		.mode		= 0644,
-		.proc_handler	= proc_dointvec,
+		.proc_handler	= proc_dointvec_minmax,
+		.extra1		= SYSCTL_ZERO,
+		.extra2		= SYSCTL_INT_MAX,
 	},
 };