[PATCH] sys-limits.h: new file for crypto and safe I/O

Sat, 05 May 2018 10:38:02 -0700 

* lib/af_alg.c: Include sys-limits.h.
(MAX_RW_COUNT): Remove.  Use replaced by SYS_BUFSIZE_MAX.
(afalg_stream): Also reject negative sizes for sendfile; they
should not happen and the code is a bit cleaner and faster this way.
* lib/safe-read.c: Include sys-limits.h.
(BUGGY_READ_MAXIMUM): Remove.  All uses replaced by SYS_BUFSIZE_MAX.
* lib/sys-limits.h: New file, with values and commentary derived
from the old safe-read.c and from GNU Emacs sysdep.c.
* modules/crypto/md5, modules/crypto/sha1, modules/crypto/sha256:
* modules/crypto/sha512, modules/safe-read, modules/safe-write:
Add lib/sys-limits.h to Files section.
---
 ChangeLog             | 15 +++++++++++++++
 lib/af_alg.c          |  6 +++---
 lib/safe-read.c       | 12 +++---------
 lib/sys-limits.h      | 42 ++++++++++++++++++++++++++++++++++++++++++
 modules/crypto/md5    |  1 +
 modules/crypto/sha1   |  1 +
 modules/crypto/sha256 |  1 +
 modules/crypto/sha512 |  1 +
 modules/safe-read     |  1 +
 modules/safe-write    |  1 +
 10 files changed, 69 insertions(+), 12 deletions(-)
 create mode 100644 lib/sys-limits.h

diff --git a/ChangeLog b/ChangeLog
index 0b38ffe79..0f6501469 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,18 @@
+2018-05-05  Paul Eggert  <egg...@cs.ucla.edu>
+
+       sys-limits.h: new file for crypto and safe I/O
+       * lib/af_alg.c: Include sys-limits.h.
+       (MAX_RW_COUNT): Remove.  Use replaced by SYS_BUFSIZE_MAX.
+       (afalg_stream): Also reject negative sizes for sendfile; they
+       should not happen and the code is a bit cleaner and faster this way.
+       * lib/safe-read.c: Include sys-limits.h.
+       (BUGGY_READ_MAXIMUM): Remove.  All uses replaced by SYS_BUFSIZE_MAX.
+       * lib/sys-limits.h: New file, with values and commentary derived
+       from the old safe-read.c and from GNU Emacs sysdep.c.
+       * modules/crypto/md5, modules/crypto/sha1, modules/crypto/sha256:
+       * modules/crypto/sha512, modules/safe-read, modules/safe-write:
+       Add lib/sys-limits.h to Files section.
+
 2018-05-05  Bruno Haible  <br...@clisp.org>
 
        af_alg: Improve function signature.
diff --git a/lib/af_alg.c b/lib/af_alg.c
index 91f565d43..1f4a6aab5 100644
--- a/lib/af_alg.c
+++ b/lib/af_alg.c
@@ -30,8 +30,8 @@
 
 #include "af_alg.h"
 
-/* from linux/include/linux/fs.h: (INT_MAX & PAGE_MASK).  */
-#define MAX_RW_COUNT 0x7FFFF000
+#include "sys-limits.h"
+
 #define BLOCKSIZE 32768
 
 int
@@ -70,7 +70,7 @@ afalg_stream (FILE * stream, const char *alg, void *resblock, 
ssize_t hashlen)
   /* if file is a regular file, attempt sendfile to pipe the data.  */
   if (!fstat (fileno (stream), &st)
       && (S_ISREG (st.st_mode) || S_TYPEISSHM (&st) || S_TYPEISTMO (&st))
-      && st.st_size && st.st_size <= MAX_RW_COUNT)
+      && 0 < st.st_size && st.st_size <= SYS_BUFSIZE_MAX)
     {
       if (sendfile (ofd, fileno (stream), NULL, st.st_size) != st.st_size)
         {
diff --git a/lib/safe-read.c b/lib/safe-read.c
index 65415b044..25b8a3b9b 100644
--- a/lib/safe-read.c
+++ b/lib/safe-read.c
@@ -37,7 +37,7 @@
 # define IS_EINTR(x) 0
 #endif
 
-#include <limits.h>
+#include "sys-limits.h"
 
 #ifdef SAFE_WRITE
 # define safe_rw safe_write
@@ -55,12 +55,6 @@
 size_t
 safe_rw (int fd, void const *buf, size_t count)
 {
-  /* Work around a bug in Tru64 5.1.  Attempting to read more than
-     INT_MAX bytes fails with errno == EINVAL.  See
-     <https://lists.gnu.org/r/bug-gnu-utils/2002-04/msg00010.html>.
-     When decreasing COUNT, keep it block-aligned.  */
-  enum { BUGGY_READ_MAXIMUM = INT_MAX & ~8191 };
-
   for (;;)
     {
       ssize_t result = rw (fd, buf, count);
@@ -69,8 +63,8 @@ safe_rw (int fd, void const *buf, size_t count)
         return result;
       else if (IS_EINTR (errno))
         continue;
-      else if (errno == EINVAL && BUGGY_READ_MAXIMUM < count)
-        count = BUGGY_READ_MAXIMUM;
+      else if (errno == EINVAL && SYS_BUFSIZE_MAX < count)
+        count = SYS_BUFSIZE_MAX;
       else
         return result;
     }
diff --git a/lib/sys-limits.h b/lib/sys-limits.h
new file mode 100644
index 000000000..ee0fcff71
--- /dev/null
+++ b/lib/sys-limits.h
@@ -0,0 +1,42 @@
+/* System call limits
+
+   Copyright 2018 Free Software Foundation, Inc.
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2, or (at your option)
+   any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, see <https://www.gnu.org/licenses/>.  */
+
+#ifndef _SYS_LIMITS_H
+#define _SYS_LIMITS_H
+
+#include <limits.h>
+
+/* Maximum number of bytes to read or write in a single system call.
+   This can be useful for system calls like sendfile on GNU/Linux,
+   which do not handle more than MAX_RW_COUNT bytes correctly.
+   The Linux kernel MAX_RW_COUNT is at least INT_MAX >> 20 << 20,
+   where the 20 comes from the Hexagon port with 1 MiB pages; use that
+   as an approximation, as the exact value may not be available to us.
+
+   Using this also works around a serious Linux bug before 2.6.16; see
+   <https://bugzilla.redhat.com/show_bug.cgi?id=612839>.
+
+   Using this also works around a Tru64 5.1 bug, where attempting
+   to read INT_MAX bytes fails with errno == EINVAL.  See
+   <https://lists.gnu.org/r/bug-gnu-utils/2002-04/msg00010.html>.
+
+   Using this is likely to work around similar bugs in other operating
+   systems.  */
+
+enum { SYS_BUFSIZE_MAX = INT_MAX >> 20 << 20 };
+
+#endif
diff --git a/modules/crypto/md5 b/modules/crypto/md5
index 3a4c75613..80f14c2fd 100644
--- a/modules/crypto/md5
+++ b/modules/crypto/md5
@@ -7,6 +7,7 @@ lib/md5.h
 lib/md5.c
 lib/af_alg.h
 lib/af_alg.c
+lib/sys-limits.h
 m4/gl-openssl.m4
 m4/md5.m4
 m4/linux-if-alg.m4
diff --git a/modules/crypto/sha1 b/modules/crypto/sha1
index a4d295049..3bdf0ea0a 100644
--- a/modules/crypto/sha1
+++ b/modules/crypto/sha1
@@ -7,6 +7,7 @@ lib/sha1.h
 lib/sha1.c
 lib/af_alg.h
 lib/af_alg.c
+lib/sys-limits.h
 m4/gl-openssl.m4
 m4/sha1.m4
 m4/linux-if-alg.m4
diff --git a/modules/crypto/sha256 b/modules/crypto/sha256
index 4acb27a74..d7c373581 100644
--- a/modules/crypto/sha256
+++ b/modules/crypto/sha256
@@ -7,6 +7,7 @@ lib/sha256.h
 lib/sha256.c
 lib/af_alg.h
 lib/af_alg.c
+lib/sys-limits.h
 m4/gl-openssl.m4
 m4/sha256.m4
 m4/linux-if-alg.m4
diff --git a/modules/crypto/sha512 b/modules/crypto/sha512
index 1fa3f3601..d6f9b9986 100644
--- a/modules/crypto/sha512
+++ b/modules/crypto/sha512
@@ -7,6 +7,7 @@ lib/sha512.h
 lib/sha512.c
 lib/af_alg.h
 lib/af_alg.c
+lib/sys-limits.h
 m4/gl-openssl.m4
 m4/sha512.m4
 m4/linux-if-alg.m4
diff --git a/modules/safe-read b/modules/safe-read
index 3bcdf7821..f19e14b8c 100644
--- a/modules/safe-read
+++ b/modules/safe-read
@@ -4,6 +4,7 @@ An interface to the read() function that retries after 
interrupts.
 Files:
 lib/safe-read.h
 lib/safe-read.c
+lib/sys-limits.h
 m4/safe-read.m4
 
 Depends-on:
diff --git a/modules/safe-write b/modules/safe-write
index 5e9049620..f09c0abdd 100644
--- a/modules/safe-write
+++ b/modules/safe-write
@@ -5,6 +5,7 @@ Files:
 lib/safe-write.h
 lib/safe-write.c
 lib/safe-read.c
+lib/sys-limits.h
 m4/safe-write.m4
 m4/safe-read.m4
 
-- 
2.17.0

Reply via email to