lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 4 Jun 2019 23:27:51 +0800 From: Zhiqiang Liu <liuzhiqiang26@...wei.com> To: Kees Cook <keescook@...omium.org>, <akpm@...ux-foundation.org> CC: <mcgrof@...nel.org>, <linux-kernel@...r.kernel.org>, <linux-fsdevel@...r.kernel.org>, <ebiederm@...ssion.com>, <pbonzini@...hat.com>, <viro@...iv.linux.org.uk>, <adobriyan@...il.com>, <mingfangsen@...wei.com>, <wangxiaogang3@...wei.com>, "Zhoukang (A)" <zhoukang7@...wei.com>, <netdev@...r.kernel.org>, <netdev@...r.kernel.org> Subject: Re: [PATCH next] sysctl: add proc_dointvec_jiffies_minmax to limit the min/max write value > On Wed, May 15, 2019 at 10:53:55PM +0800, Zhiqiang Liu wrote: > > (Please include akpm on CC for next versions of this, as he's likely > the person to take this patch.) Thanks for your advice. And sorry to reply you so late. >>>> In proc_dointvec_jiffies func, the write value is only checked >>>> whether it is larger than INT_MAX. If the write value is less >>>> than zero, it can also be successfully writen in the data. > > This appears to be "be design", but I see many "unsigned int" users > that might be tricked into giant values... (for example, see > net/netfilter/nf_conntrack_standalone.c) > > Should proc_dointvec_jiffies() just be fixed to disallow negative values > entirely? Looking at the implementation, it seems to be very intentional > about accepting negative values. > > However, when I looked through a handful of proc_dointvec_jiffies() > users, it looks like they're all expecting a positive value. Many in the > networking subsystem are, in fact, writing to unsigned long variables, > as I mentioned. > I totally agree with you. And I also cannot find an scenario that expects negative values. Consideing the "negative" scenario may be exist, I add the proc_dointvec_jiffies_minmax like proc_dointvec_minmax. > Are there real-world cases of wanting to set a negative jiffie value > via proc_dointvec_jiffies()? Until now, I do not find such cases. >>>> >>>> Here, we add a new func, proc_dointvec_jiffies_minmax, to limit the >>>> min/max write value, which is similar to the proc_dointvec_minmax func. >>>> > > If proc_dointvec_jiffies() can't just be fixed, where will the new > function get used? It seems all the "unsigned int" users could benefit. > I tend to add the proc_dointvec_jiffies_minmax func to provide more choices and not change the previous use of proc_dointvec_jiffies func. Thanks for your reply again.
Powered by blists - more mailing lists