On Sun, Feb 10, 2019 at 09:39:43PM +0100, Christian Brauner wrote: > Currently when userspace gives us values that overflow e.g. file-max and > other callers of __do_proc_doulongvec_minmax() we simply > ignore the new value and leave the current value untouched. This can be > problematic as it gives the illusion that the limit has indeed been bumped > when in fact it failed. > This commit makes sure to return EINVAL when an overflow is detected. > Please note that this is a userspace facing change. > Acked-by: Luis Chamberlain <mcgrof@xxxxxxxxxx> Luis > Signed-off-by: Christian Brauner <christian@xxxxxxxxxx> > --- > /* Changelog */ > v4: > - patch introduced > > v1-v3: > - patch not present > --- > kernel/sysctl.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/kernel/sysctl.c b/kernel/sysctl.c > index c4a44b7ccb8a..516bc8a2812d 100644 > --- a/kernel/sysctl.c > +++ b/kernel/sysctl.c > @@ -2846,8 +2846,10 @@ static int __do_proc_doulongvec_minmax(void *data, struct ctl_table *table, int > if (neg) > continue; > val = convmul * val / convdiv; > - if ((min && val < *min) || (max && val > *max)) > - continue; > + if ((min && val < *min) || (max && val > *max)) { > + err = -EINVAL; > + break; > + } > *i = val; > } else { > val = convdiv * (*i) / convmul; > -- > 2.20.1 >
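Review bot: The `if (neg) continue;` context lines directly above the changed range check still drop a negative value silently, so with this change an out-of-range write fails with -EINVAL while a negative one still reports success and leaves the old value in place, which is the same illusion the commit message sets out to remove. Either give that branch the same `err = -EINVAL; break;` treatment or state in the commit message why it is left alone. Separately, the new branch uses `break` where the old one used `continue`: if this body runs once per element of the vector, as the `continue` suggests, any earlier elements already stored through `*i = val` stay applied when the write returns the error. A short comment saying that a failed write to a multi-value entry can be partially applied would help, and since the message calls this a userspace-facing change, the new error return deserves a mention in the sysctl documentation as well.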