Re: [PATCH v2] mm: fix div by zero in bdi_ratio_from_pages

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 08.01.25 02:47, Stefan Roesch wrote:
During testing it has been detected, that it is possible to get div by
zero error in bdi_set_min_bytes. The error is caused by the function
bdi_ratio_from_pages(). bdi_ratio_from_pages() calls
global_dirty_limits. If the dirty threshold is 0, the div by zero is
raised. This can happen if the root user is setting:

echo 0 > /proc/sys/vm/dirty_ratio

The following is a test case:

echo 0 > /proc/sys/vm/dirty_ratio
cd /sys/class/bdi/<device>
echo 1 > strict_limit
echo 8192 > min_bytes

==> error is raised.

The problem is addressed by returning -EINVAL if dirty_ratio or
dirty_bytes is set to 0.

Reported-by: cheung wall <zzqq0103.hey@xxxxxxxxx>
Closes: https://lore.kernel.org/linux-mm/87pll35yd0.fsf@xxxxxxxxxxxx/T/#t
Signed-off-by: Stefan Roesch <shr@xxxxxxxxxxxx>

---
Changes in V2:
- check for -EINVAL in bdi_set_min_bytes()
- check for -EINVAL in bdi_set_max_bytes()
---
  mm/page-writeback.c | 6 ++++++
  1 file changed, 6 insertions(+)

diff --git a/mm/page-writeback.c b/mm/page-writeback.c
index d213ead95675..fcc486e0d5c2 100644
--- a/mm/page-writeback.c
+++ b/mm/page-writeback.c
@@ -692,6 +692,8 @@ static unsigned long bdi_ratio_from_pages(unsigned long pages)
  	unsigned long ratio;
global_dirty_limits(&background_thresh, &dirty_thresh);
+	if (!dirty_thresh)
+		return -EINVAL;
  	ratio = div64_u64(pages * 100ULL * BDI_RATIO_SCALE, dirty_thresh);
return ratio;
@@ -797,6 +799,8 @@ int bdi_set_min_bytes(struct backing_dev_info *bdi, u64 min_bytes)
  		return ret;
min_ratio = bdi_ratio_from_pages(pages);
+	if (min_ratio == -EINVAL)
+		return -EINVAL;
  	return __bdi_set_min_ratio(bdi, min_ratio);
  }
@@ -816,6 +820,8 @@ int bdi_set_max_bytes(struct backing_dev_info *bdi, u64 max_bytes)
  		return ret;
max_ratio = bdi_ratio_from_pages(pages);
+	if (max_ratio == -EINVAL)
+		return -EINVAL;

I would have done it slightly differently, something like:


diff --git a/mm/page-writeback.c b/mm/page-writeback.c
index d213ead956750..4b02f18f7d01f 100644
--- a/mm/page-writeback.c
+++ b/mm/page-writeback.c
@@ -685,13 +685,15 @@ static int bdi_check_pages_limit(unsigned long pages)
        return 0;
 }
-static unsigned long bdi_ratio_from_pages(unsigned long pages)
+static long bdi_ratio_from_pages(unsigned long pages)
 {
        unsigned long background_thresh;
        unsigned long dirty_thresh;
        unsigned long ratio;
global_dirty_limits(&background_thresh, &dirty_thresh);
+       if (!dirty_thresh)
+               return -EINVAL;
        ratio = div64_u64(pages * 100ULL * BDI_RATIO_SCALE, dirty_thresh);
return ratio;
@@ -790,13 +792,15 @@ int bdi_set_min_bytes(struct backing_dev_info *bdi, u64 min_bytes)
 {
        int ret;
        unsigned long pages = min_bytes >> PAGE_SHIFT;
-       unsigned long min_ratio;
+       long min_ratio;
ret = bdi_check_pages_limit(pages);
        if (ret)
                return ret;
min_ratio = bdi_ratio_from_pages(pages);
+       if (min_ratio < 0)
+               return min_ratio;
        return __bdi_set_min_ratio(bdi, min_ratio);
 }
@@ -809,13 +813,15 @@ int bdi_set_max_bytes(struct backing_dev_info *bdi, u64 max_bytes)
 {
        int ret;
        unsigned long pages = max_bytes >> PAGE_SHIFT;
-       unsigned long max_ratio;
+       long max_ratio;
ret = bdi_check_pages_limit(pages);
        if (ret)
                return ret;
max_ratio = bdi_ratio_from_pages(pages);
+       if (min_ratio < 0)
+               return min_ratio;
        return __bdi_set_max_ratio(bdi, max_ratio);
 }

--
Cheers,

David / dhildenb





[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux