* [PATCH] sysctl: Handle error writing UINT_MAX to u32 fields
@ 2016-06-18 1:12 Subash Abhinov Kasiviswanathan
2016-06-18 2:07 ` kbuild test robot
0 siblings, 1 reply; 2+ messages in thread
From: Subash Abhinov Kasiviswanathan @ 2016-06-18 1:12 UTC (permalink / raw)
To: linux-mm; +Cc: Subash Abhinov Kasiviswanathan, Heinrich Schuchardt
We have scripts which write to certain fields on 3.18 kernels but
this seems to be failing on 4.4 kernels. An entry which we write
to here is xfrm_aevent_rseqth which is u32.
echo 4294967295 > /proc/sys/net/core/xfrm_aevent_rseqth
Commit 230633d109e35b0a24277498e773edeb79b4a331 ("kernel/sysctl.c:
detect overflows when converting to int") prevented writing to
sysctl entries when integer overflow occurs.
However, this does not apply to unsigned integers.
Heinrich suggested that we introduce a new option to handle 64 bit
limits and set min as 0 and max as UINT_MAX. This might not work
as it leads to issues similar to __do_proc_doulongvec_minmax.
static int __do_proc_doulongvec_minmax(void *data, struct ctl_table
{
i = (unsigned long *) data; //This cast is causing to
read beyond the size of data (u32)
vleft = table->maxlen / sizeof(unsigned long); //vleft is 0
because maxlen is sizeof(u32) which is lesser than sizeof(unsigned
long) on x86_64.
Introduce a new proc handler proc_douintvec. Sample output when
changing the proc_handler of xfrm_aevent_rseqth
dev0# cat /proc/sys/net/core/xfrm_aevent_rseqth
2
dev0# echo 4294967295 > /proc/sys/net/core/xfrm_aevent_rseqth
dev0# cat /proc/sys/net/core/xfrm_aevent_rseqth
4294967295
dev0#
dev0# echo -1 > /proc/sys/net/core/xfrm_aevent_rseqth
bash: echo: write error: Invalid argument
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org>
---
include/linux/sysctl.h | 2 ++
kernel/sysctl.c | 32 ++++++++++++++++++++++++++++++++
2 files changed, 34 insertions(+)
diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h
index fa7bc29..ef17db6c 100644
--- a/include/linux/sysctl.h
+++ b/include/linux/sysctl.h
@@ -41,6 +41,8 @@ extern int proc_dostring(struct ctl_table *, int,
void __user *, size_t *, loff_t *);
extern int proc_dointvec(struct ctl_table *, int,
void __user *, size_t *, loff_t *);
+extern int proc_douintvec(struct ctl_table *, int,
+ void __user *, size_t *, loff_t *);
extern int proc_dointvec_minmax(struct ctl_table *, int,
void __user *, size_t *, loff_t *);
extern int proc_dointvec_jiffies(struct ctl_table *, int,
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
index 87b2fc3..72b0248 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -2122,6 +2122,21 @@ static int do_proc_dointvec_conv(bool *negp, unsigned long *lvalp,
return 0;
}
+static int do_proc_douintvec_conv(bool *negp, unsigned long *lvalp,
+ int *valp,
+ int write, void *data)
+{
+ if (write) {
+ if (*negp)
+ return -EINVAL;
+ *valp = *lvalp;
+ } else {
+ unsigned int val = *valp;
+ *lvalp = (unsigned long)val;
+ }
+ return 0;
+}
+
static const char proc_wspace_sep[] = { ' ', '\t', '\n' };
static int __do_proc_dointvec(void *tbl_data, struct ctl_table *table,
@@ -2245,6 +2260,16 @@ int proc_dointvec(struct ctl_table *table, int write,
NULL,NULL);
}
+/**
+ * proc_douintvec - read a vector of unsigned integers
+ */
+int proc_douintvec(struct ctl_table *table, int write,
+ void __user *buffer, size_t *lenp, loff_t *ppos)
+{
+ return do_proc_dointvec(table,write,buffer,lenp,ppos,
+ do_proc_douintvec_conv, NULL);
+}
+
/*
* Taint values can only be increased
* This means we can safely use a temporary.
@@ -2840,6 +2865,12 @@ int proc_dointvec(struct ctl_table *table, int write,
return -ENOSYS;
}
+int proc_douintvec(struct ctl_table *table, int write,
+ void __user *buffer, size_t *lenp, loff_t *ppos)
+{
+ return -ENOSYS;
+}
+
int proc_dointvec_minmax(struct ctl_table *table, int write,
void __user *buffer, size_t *lenp, loff_t *ppos)
{
@@ -2885,6 +2916,7 @@ int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int write,
* exception granted :-)
*/
EXPORT_SYMBOL(proc_dointvec);
+EXPORT_SYMBOL(proc_douintvec);
EXPORT_SYMBOL(proc_dointvec_jiffies);
EXPORT_SYMBOL(proc_dointvec_minmax);
EXPORT_SYMBOL(proc_dointvec_userhz_jiffies);
--
1.9.1
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH] sysctl: Handle error writing UINT_MAX to u32 fields
2016-06-18 1:12 [PATCH] sysctl: Handle error writing UINT_MAX to u32 fields Subash Abhinov Kasiviswanathan
@ 2016-06-18 2:07 ` kbuild test robot
0 siblings, 0 replies; 2+ messages in thread
From: kbuild test robot @ 2016-06-18 2:07 UTC (permalink / raw)
To: Subash Abhinov Kasiviswanathan; +Cc: kbuild-all, linux-mm, Heinrich Schuchardt
[-- Attachment #1: Type: text/plain, Size: 4308 bytes --]
Hi,
[auto build test WARNING on v4.7-rc3]
[also build test WARNING on next-20160617]
[if your patch is applied to the wrong git tree, please drop us a note to help improve the system]
url: https://github.com/0day-ci/linux/commits/Subash-Abhinov-Kasiviswanathan/sysctl-Handle-error-writing-UINT_MAX-to-u32-fields/20160618-091421
reproduce: make htmldocs
All warnings (new ones prefixed by >>):
>> kernel/sysctl.c:2268: warning: No description found for parameter 'table'
>> kernel/sysctl.c:2268: warning: No description found for parameter 'write'
>> kernel/sysctl.c:2268: warning: No description found for parameter 'buffer'
>> kernel/sysctl.c:2268: warning: No description found for parameter 'lenp'
>> kernel/sysctl.c:2268: warning: No description found for parameter 'ppos'
include/linux/jbd2.h:442: warning: No description found for parameter 'i_transaction'
include/linux/jbd2.h:442: warning: No description found for parameter 'i_next_transaction'
include/linux/jbd2.h:442: warning: No description found for parameter 'i_list'
include/linux/jbd2.h:442: warning: No description found for parameter 'i_vfs_inode'
include/linux/jbd2.h:442: warning: No description found for parameter 'i_flags'
include/linux/jbd2.h:498: warning: No description found for parameter 'h_rsv_handle'
include/linux/jbd2.h:498: warning: No description found for parameter 'h_reserved'
include/linux/jbd2.h:498: warning: No description found for parameter 'h_type'
include/linux/jbd2.h:498: warning: No description found for parameter 'h_line_no'
include/linux/jbd2.h:498: warning: No description found for parameter 'h_start_jiffies'
include/linux/jbd2.h:498: warning: No description found for parameter 'h_requested_credits'
include/linux/jbd2.h:498: warning: No description found for parameter 'h_lockdep_map'
include/linux/jbd2.h:1038: warning: No description found for parameter 'j_chkpt_bhs[JBD2_NR_BATCH]'
include/linux/jbd2.h:1038: warning: No description found for parameter 'j_devname[BDEVNAME_SIZE+24]'
include/linux/jbd2.h:1038: warning: No description found for parameter 'j_average_commit_time'
include/linux/jbd2.h:1038: warning: No description found for parameter 'j_min_batch_time'
include/linux/jbd2.h:1038: warning: No description found for parameter 'j_max_batch_time'
include/linux/jbd2.h:1038: warning: No description found for parameter 'j_commit_callback'
include/linux/jbd2.h:1038: warning: No description found for parameter 'j_failed_commit'
include/linux/jbd2.h:1038: warning: No description found for parameter 'j_chksum_driver'
include/linux/jbd2.h:1038: warning: No description found for parameter 'j_csum_seed'
fs/jbd2/transaction.c:429: warning: No description found for parameter 'rsv_blocks'
fs/jbd2/transaction.c:429: warning: No description found for parameter 'gfp_mask'
fs/jbd2/transaction.c:429: warning: No description found for parameter 'type'
fs/jbd2/transaction.c:429: warning: No description found for parameter 'line_no'
fs/jbd2/transaction.c:505: warning: No description found for parameter 'type'
fs/jbd2/transaction.c:505: warning: No description found for parameter 'line_no'
fs/jbd2/transaction.c:635: warning: No description found for parameter 'gfp_mask'
vim +/table +2268 kernel/sysctl.c
2252 * values from/to the user buffer, treated as an ASCII string.
2253 *
2254 * Returns 0 on success.
2255 */
2256 int proc_dointvec(struct ctl_table *table, int write,
2257 void __user *buffer, size_t *lenp, loff_t *ppos)
2258 {
2259 return do_proc_dointvec(table,write,buffer,lenp,ppos,
2260 NULL,NULL);
2261 }
2262
2263 /**
2264 * proc_douintvec - read a vector of unsigned integers
2265 */
2266 int proc_douintvec(struct ctl_table *table, int write,
2267 void __user *buffer, size_t *lenp, loff_t *ppos)
> 2268 {
2269 return do_proc_dointvec(table,write,buffer,lenp,ppos,
2270 do_proc_douintvec_conv, NULL);
2271 }
2272
2273 /*
2274 * Taint values can only be increased
2275 * This means we can safely use a temporary.
2276 */
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
[-- Attachment #2: .config.gz --]
[-- Type: application/octet-stream, Size: 6370 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-06-18 2:09 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-06-18 1:12 [PATCH] sysctl: Handle error writing UINT_MAX to u32 fields Subash Abhinov Kasiviswanathan
2016-06-18 2:07 ` kbuild test robot
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox