* + mm-fix-the-uninitialized-use-in-overcommit_policy_handler.patch added to -mm tree
@ 2021-09-24 2:22 akpm
0 siblings, 0 replies; only message in thread
From: akpm @ 2021-09-24 2:22 UTC (permalink / raw)
To: chenjun102, feng.tang, mhocko, mm-commits, rui.xiang, stable
The patch titled
Subject: mm: fix uninitialized use in overcommit_policy_handler
has been added to the -mm tree. Its filename is
mm-fix-the-uninitialized-use-in-overcommit_policy_handler.patch
This patch should soon appear at
https://ozlabs.org/~akpm/mmots/broken-out/mm-fix-the-uninitialized-use-in-overcommit_policy_handler.patch
and later at
https://ozlabs.org/~akpm/mmotm/broken-out/mm-fix-the-uninitialized-use-in-overcommit_policy_handler.patch
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next and is updated
there every 3-4 working days
------------------------------------------------------
From: Chen Jun <chenjun102@huawei.com>
Subject: mm: fix uninitialized use in overcommit_policy_handler
We get an unexpected value of /proc/sys/vm/overcommit_memory after running
the following program:
int main()
{
int fd = open("/proc/sys/vm/overcommit_memory", O_RDWR)
write(fd, "1", 1);
write(fd, "2", 1);
close(fd);
}
write(fd, "2", 1) will pass *ppos = 1 to proc_dointvec_minmax.
proc_dointvec_minmax will return 0 without setting new_policy.
t.data = &new_policy;
ret = proc_dointvec_minmax(&t, write, buffer, lenp, ppos)
-->do_proc_dointvec
-->__do_proc_dointvec
if (write) {
if (proc_first_pos_non_zero_ignore(ppos, table))
goto out;
sysctl_overcommit_memory = new_policy;
so sysctl_overcommit_memory will be set to an uninitialized value.
Check whether new_policy has been changed by proc_dointvec_minmax.
Link: https://lkml.kernel.org/r/20210923020524.13289-1-chenjun102@huawei.com
Fixes: 56f3547bfa4d ("mm: adjust vm_committed_as_batch according to vm overcommit policy"
Signed-off-by: Chen Jun <chenjun102@huawei.com>
Acked-by: Michal Hocko <mhocko@suse.com>
Reviewed-by: Feng Tang <feng.tang@intel.com>
Cc: Rui Xiang <rui.xiang@huawei.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---
mm/util.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/mm/util.c~mm-fix-the-uninitialized-use-in-overcommit_policy_handler
+++ a/mm/util.c
@@ -787,7 +787,7 @@ int overcommit_policy_handler(struct ctl
size_t *lenp, loff_t *ppos)
{
struct ctl_table t;
- int new_policy;
+ int new_policy = -1;
int ret;
/*
@@ -805,7 +805,7 @@ int overcommit_policy_handler(struct ctl
t = *table;
t.data = &new_policy;
ret = proc_dointvec_minmax(&t, write, buffer, lenp, ppos);
- if (ret)
+ if (ret || new_policy == -1)
return ret;
mm_compute_batch(new_policy);
_
Patches currently in -mm which might be from chenjun102@huawei.com are
mm-fix-the-uninitialized-use-in-overcommit_policy_handler.patch
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2021-09-24 2:22 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-09-24 2:22 + mm-fix-the-uninitialized-use-in-overcommit_policy_handler.patch added to -mm tree akpm
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).