| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ffef8850-7523-ad63-165d-2bde9a98e340@etsukata.com>
Date: Tue, 25 Jun 2019 13:40:05 +0900
From: Eiichi Tsukata <devel@...ukata.com>
To: Greg KH <gregkh@...uxfoundation.org>
Cc: jslaby@...e.com, davem@...emloft.net, kuznet@....inr.ac.ru,
yoshfuji@...ux-ipv6.org, linux-kernel@...r.kernel.org,
netdev@...r.kernel.org
Subject: Re: [PATCH 1/2] tty: ldisc: Fix misuse of proc_dointvec
"ldisc_autoload"
On 2019/06/25 12:32, Greg KH wrote:
> On Tue, Jun 25, 2019 at 12:08:00PM +0900, Eiichi Tsukata wrote:
>> /proc/sys/dev/tty/ldisc_autoload assumes given value to be 0 or 1. Use
>> proc_dointvec_minmax instead of proc_dointvec.
>>
>> Fixes: 7c0cca7c847e "(tty: ldisc: add sysctl to prevent autoloading of ldiscs)"
>> Signed-off-by: Eiichi Tsukata <devel@...ukata.com>
>> ---
>> drivers/tty/tty_ldisc.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/drivers/tty/tty_ldisc.c b/drivers/tty/tty_ldisc.c
>> index e38f104db174..a8ea7a35c94e 100644
>> --- a/drivers/tty/tty_ldisc.c
>> +++ b/drivers/tty/tty_ldisc.c
>> @@ -863,7 +863,7 @@ static struct ctl_table tty_table[] = {
>> .data = &tty_ldisc_autoload,
>> .maxlen = sizeof(tty_ldisc_autoload),
>> .mode = 0644,
>> - .proc_handler = proc_dointvec,
>> + .proc_handler = proc_dointvec_minmax,
>> .extra1 = &zero,
>> .extra2 = &one,
>
> Ah, nice catch. But this really isn't an issue as if you use a bigger
> value, things will not "break", right?
>
Someone may misuse -1 to disable ldisc autoload, but basically it does not
"break".
Thanks,
Eiichi
Powered by blists - more mailing lists