From: Luis Chamberlain <mcgrof@kernel.org>
To: Christian Brauner <christian@brauner.io>
Cc: akpm@linux-foundation.org, keescook@chromium.org,
linux-kernel@vger.kernel.org, ebiederm@xmission.com,
joe.lawrence@redhat.com, longman@redhat.com,
linux@dominikbrodowski.net, viro@zeniv.linux.org.uk,
adobriyan@gmail.com, linux-api@vger.kernel.org
Subject: Re: [RFC PATCH v4 3/3] sysctl: return -EINVAL if val violates minmax
Date: Mon, 11 Feb 2019 11:50:25 -0800 [thread overview]
Message-ID: <20190211195025.GT11489@garbanzo.do-not-panic.com> (raw)
In-Reply-To: <20190210203943.8227-4-christian@brauner.io>
On Sun, Feb 10, 2019 at 09:39:43PM +0100, Christian Brauner wrote:
> Currently when userspace gives us a values that overflow e.g. file-max and
> other callers of __do_proc_doulongvec_minmax() we simply
> ignore the new value and leave the current value untouched. This can be
> problematic as it gives the illusion that the limit has indeed be bumped
> when in fact it failed.
> This commit makes sure to return EINVAL when an overflow is detected.
> Please note that this is a userspace facing change.
>
Acked-by: Luis Chamberlain <mcgrof@kernel.org>
Luis
> Signed-off-by: Christian Brauner <christian@brauner.io>
> ---
> /* Changelog */
> v4:
> - patch introduced
>
> v1-v3:
> - patch not present
> ---
> kernel/sysctl.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/kernel/sysctl.c b/kernel/sysctl.c
> index c4a44b7ccb8a..516bc8a2812d 100644
> --- a/kernel/sysctl.c
> +++ b/kernel/sysctl.c
> @@ -2846,8 +2846,10 @@ static int __do_proc_doulongvec_minmax(void *data, struct ctl_table *table, int
> if (neg)
> continue;
> val = convmul * val / convdiv;
> - if ((min && val < *min) || (max && val > *max))
> - continue;
> + if ((min && val < *min) || (max && val > *max)) {
> + err = -EINVAL;
> + break;
> + }
> *i = val;
> } else {
> val = convdiv * (*i) / convmul;
> --
> 2.20.1
>
prev parent reply other threads:[~2019-02-11 19:50 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-10 20:39 [PATCH v4 0/3] sysctl: handle overflow for file-max Christian Brauner
2019-02-10 20:39 ` [PATCH v4 1/3] sysctl: handle overflow in proc_get_long Christian Brauner
2019-02-10 20:39 ` [PATCH v4 2/3] sysctl: handle overflow for file-max Christian Brauner
2019-02-10 20:39 ` [RFC PATCH v4 3/3] sysctl: return -EINVAL if val violates minmax Christian Brauner
2019-02-11 19:50 ` Luis Chamberlain [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190211195025.GT11489@garbanzo.do-not-panic.com \
--to=mcgrof@kernel.org \
--cc=adobriyan@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=christian@brauner.io \
--cc=ebiederm@xmission.com \
--cc=joe.lawrence@redhat.com \
--cc=keescook@chromium.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@dominikbrodowski.net \
--cc=longman@redhat.com \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.