| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <AANLkTim5k4zaqVR3EEua1YRF5z4F8nRhDxr61cvg0=6x@mail.gmail.com>
Date: Thu, 3 Mar 2011 09:47:12 +0800
From: Dave Young <hidave.darkstar@...il.com>
To: Petr Holasek <pholasek@...hat.com>
Cc: linux-kernel@...r.kernel.org, anton@...hat.com,
Alexander Viro <viro@...iv.linux.org.uk>,
Andrew Morton <akpm@...ux-foundation.org>,
Ingo Molnar <mingo@...e.hu>,
David Miller <davem@...emloft.net>,
Don Zickus <dzickus@...hat.com>, linux-fsdevel@...r.kernel.org
Subject: Re: [PATCH] sysctl: some input constraints checks were added for
/proc/sys/vm directory
On Thu, Mar 3, 2011 at 12:16 AM, Petr Holasek <pholasek@...hat.com> wrote:
> There were added boundaries of allowed input ranges for: dirty_expire_centisecs,
> drop_caches, overcommit_memory, page-cluster and panic_on_oom.
>
> Signed-off-by: Petr Holasek <pholasek@...hat.com>
> ---
> fs/drop_caches.c | 6 +++++-
> kernel/sysctl.c | 17 +++++++++++++----
> 2 files changed, 18 insertions(+), 5 deletions(-)
>
> diff --git a/fs/drop_caches.c b/fs/drop_caches.c
> index 2195c21..8e61858 100644
> --- a/fs/drop_caches.c
> +++ b/fs/drop_caches.c
> @@ -45,7 +45,11 @@ static void drop_slab(void)
> int drop_caches_sysctl_handler(ctl_table *table, int write,
> void __user *buffer, size_t *length, loff_t *ppos)
> {
> - proc_dointvec_minmax(table, write, buffer, length, ppos);
> + int ret;
> +
> + ret = proc_dointvec_minmax(table, write, buffer, length, ppos);
> + if (ret)
> + return ret;
s/space/tab, otherwise Acked-by: Dave Young <hidave.darkstar@...il.com>
> if (write) {
> if (sysctl_drop_caches & 1)
> iterate_supers(drop_pagecache_sb, NULL);
> diff --git a/kernel/sysctl.c b/kernel/sysctl.c
> index 0f1bd83..e0a4d50 100644
> --- a/kernel/sysctl.c
> +++ b/kernel/sysctl.c
> @@ -117,6 +117,7 @@ static int neg_one = -1;
> static int zero;
> static int __maybe_unused one = 1;
> static int __maybe_unused two = 2;
> +static int __maybe_unused three = 3;
> static unsigned long one_ul = 1;
> static int one_hundred = 100;
> #ifdef CONFIG_PRINTK
> @@ -978,14 +979,18 @@ static struct ctl_table vm_table[] = {
> .data = &sysctl_overcommit_memory,
> .maxlen = sizeof(sysctl_overcommit_memory),
> .mode = 0644,
> - .proc_handler = proc_dointvec,
> + .proc_handler = proc_dointvec_minmax,
> + .extra1 = &zero,
> + .extra2 = &two,
> },
> {
> .procname = "panic_on_oom",
> .data = &sysctl_panic_on_oom,
> .maxlen = sizeof(sysctl_panic_on_oom),
> .mode = 0644,
> - .proc_handler = proc_dointvec,
> + .proc_handler = proc_dointvec_minmax,
> + .extra1 = &zero,
> + .extra2 = &two,
> },
> {
> .procname = "oom_kill_allocating_task",
> @@ -1013,7 +1018,8 @@ static struct ctl_table vm_table[] = {
> .data = &page_cluster,
> .maxlen = sizeof(int),
> .mode = 0644,
> - .proc_handler = proc_dointvec,
> + .proc_handler = proc_dointvec_minmax,
> + .extra1 = &zero,
> },
> {
> .procname = "dirty_background_ratio",
> @@ -1061,7 +1067,8 @@ static struct ctl_table vm_table[] = {
> .data = &dirty_expire_interval,
> .maxlen = sizeof(dirty_expire_interval),
> .mode = 0644,
> - .proc_handler = proc_dointvec,
> + .proc_handler = proc_dointvec_minmax,
> + .extra1 = &zero,
> },
> {
> .procname = "nr_pdflush_threads",
> @@ -1137,6 +1144,8 @@ static struct ctl_table vm_table[] = {
> .maxlen = sizeof(int),
> .mode = 0644,
> .proc_handler = drop_caches_sysctl_handler,
> + .extra1 = &one,
> + .extra2 = &three,
> },
> #ifdef CONFIG_COMPACTION
> {
> --
> 1.7.1
>
>
--
Regards
dave
Powered by blists - more mailing lists