Re: [PATCH] sched/fair: Null terminate buffer when updating tunable_scaling
From: Vincent Guittot
Date: Mon Sep 27 2021 - 12:50:38 EST
On Mon, 27 Sept 2021 at 13:46, Mel Gorman <mgorman@xxxxxxxxxxxxxxxxxxx> wrote:
>
> This patch null-terminates the temporary buffer in sched_scaling_write()
> so kstrtouint() does not return failure and checks the value is valid.
>
> Before
> $ cat /sys/kernel/debug/sched/tunable_scaling
> 1
> $ echo 0 > /sys/kernel/debug/sched/tunable_scaling
> -bash: echo: write error: Invalid argument
> $ cat /sys/kernel/debug/sched/tunable_scaling
> 1
>
> After
> $ cat /sys/kernel/debug/sched/tunable_scaling
> 1
> $ echo 0 > /sys/kernel/debug/sched/tunable_scaling
> $ cat /sys/kernel/debug/sched/tunable_scaling
> 0
> $ echo 3 > /sys/kernel/debug/sched/tunable_scaling
> -bash: echo: write error: Invalid argument
>
> Fixes: 8a99b6833c88 ("sched: Move SCHED_DEBUG sysctl to debugfs")
> Signed-off-by: Mel Gorman <mgorman@xxxxxxxxxxxxxxxxxxx>
Acked-by: Vincent Guittot <vincent.guittot@xxxxxxxxxx>
> ---
> kernel/sched/debug.c | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/kernel/sched/debug.c b/kernel/sched/debug.c
> index 49716228efb4..17a653b67006 100644
> --- a/kernel/sched/debug.c
> +++ b/kernel/sched/debug.c
> @@ -173,16 +173,22 @@ static ssize_t sched_scaling_write(struct file *filp, const char __user *ubuf,
> size_t cnt, loff_t *ppos)
> {
> char buf[16];
> + unsigned int scaling;
>
> if (cnt > 15)
> cnt = 15;
>
> if (copy_from_user(&buf, ubuf, cnt))
> return -EFAULT;
> + buf[cnt] = '\0';
>
> - if (kstrtouint(buf, 10, &sysctl_sched_tunable_scaling))
> + if (kstrtouint(buf, 10, &scaling))
> return -EINVAL;
>
> + if (scaling >= SCHED_TUNABLESCALING_END)
> + return -EINVAL;
> +
> + sysctl_sched_tunable_scaling = scaling;
> if (sched_update_scaling())
> return -EINVAL;
>