Re: [PATCH 1/2] fanotify: Avoid lost events due to ENOMEM for unlimited queues

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Feb 26, 2018 at 3:06 PM, Jan Kara <jack@xxxxxxx> wrote:
> On Thu 22-02-18 20:34:48, Amir Goldstein wrote:
>> On Thu, Feb 22, 2018 at 6:22 PM, Jan Kara <jack@xxxxxxx> wrote:
>> > On Thu 22-02-18 18:04:36, Amir Goldstein wrote:
>> >> On Wed, Feb 21, 2018 at 5:44 PM, Jan Kara <jack@xxxxxxx> wrote:
>> >> > Fanotify queues of unlimited length do not expect events can be lost.
>> >> > Since these queues are used for system auditing and other security
>> >>
>> >> Change looks good to me, but the reasoning is going backwards.
>> >> IMO, you should mention that we are going to change -ENOMEM
>> >> behavior to result in Q_OVERFLOW and user does not expect
>> >> Q_OVERFLOW from an UNLIMITED queue.
>> >
>> > See below.
>> >
>> >> > related tasks, loosing events can even have security implications. So
>> >> > avoid loosing events due to failure to allocate memory by making event
>> >> > allocation use __GFP_NOFAIL. Since the allocation is small (32-bytes),
>> >> > currently there is no practical difference of this change but still it
>> >> > is good to have the expectation explicitely documented.
>> >> >
>> >>
>> >> But if currently allocations cannot fail, then why do we need patch
>> >> 2/2 (queue overflow event). It is because small allocations can fail when
>> >> accounted to non-root memcg?
>> >
>> > Yes. So how about changelog like:
>> >
>> > Fanotify queues of unlimited length do not expect events can be lost.
>> > Since these queues are used for system auditing and other security
>> > related tasks, loosing events can even have security implications.
>> > Currently, since the allocation is small (32-bytes), it cannot fail
>> > however when we start accounting events in memcgs, allocation can start
>> > failing. So avoid loosing events due to failure to allocate memory by
>> > making event allocation use __GFP_NOFAIL.
>> >
>>
>> Very good.
>
> Can I add your reviewed-by to the patch then?
>

Yes, of course.

Thanks,
Amir.



[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux