lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:	Sun, 29 Nov 2009 23:59:20 -0500
From:	Amerigo Wang <amwang@...hat.com>
To:	linux-kernel@...r.kernel.org
Cc:	Jan Engelhardt <jengelh@...ozas.de>,
	Alexey Dobriyan <adobriyan@...il.com>,
	Peter Zijlstra <a.p.zijlstra@...llo.nl>,
	Amerigo Wang <amwang@...hat.com>,
	James Morris <jmorris@...ei.org>, akpm@...ux-foundation.org,
	stable@...nel.org, Ingo Molnar <mingo@...e.hu>
Subject: [Patch] 'sysctl_max_map_count' should be non-negative


Jan Engelhardt reported we have this problem:

setting max_map_count to a value large enough results in programs dying
at first try.
This is on 2.6.31.6.

15:59 borg:/proc/sys/vm # echo $[1<<31-1] >max_map_count
15:59 borg:/proc/sys/vm # cat max_map_count
1073741824
15:59 borg:/proc/sys/vm # echo $[1<<31] >max_map_count
15:59 borg:/proc/sys/vm # cat max_map_count
Killed


This is because we have a chance to make 'max_map_count' negative.
but it's meaningless. Make it only accept non-negative values.

Reported-by: Jan Engelhardt <jengelh@...ozas.de>
Signed-off-by: WANG Cong <amwang@...hat.com>
Cc: Ingo Molnar <mingo@...e.hu>
Cc: Peter Zijlstra <a.p.zijlstra@...llo.nl>
Cc: James Morris <jmorris@...ei.org>
Cc: Alexey Dobriyan <adobriyan@...il.com>
Cc: stable@...nel.org

---
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
index 0d949c5..212360e 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -1245,7 +1245,8 @@ static struct ctl_table vm_table[] = {
 		.data		= &sysctl_max_map_count,
 		.maxlen		= sizeof(sysctl_max_map_count),
 		.mode		= 0644,
-		.proc_handler	= &proc_dointvec
+		.proc_handler	= &proc_dointvec_minmax,
+		.extra1		= &zero,
 	},
 #else
 	{
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ