On Sat, Mar 28, 2020 at 02:52:55PM -0700, Kees Cook wrote:
> On Sat, Mar 28, 2020 at 10:14:53PM +0100, Alexey Gladkov wrote:
> > On Sat, Mar 28, 2020 at 01:28:28PM -0700, Kees Cook wrote:
> > > On Fri, Mar 27, 2020 at 06:23:30PM +0100, Alexey Gladkov wrote:
> > > > [...]
> > > > + if (!kstrtouint(param->string, base, &result.uint_32)) {
> > > > + ctx->hidepid = result.uint_32;
> > >
> > > This need to bounds-check the value with a call to valid_hidepid(), yes?
> >
> > The kstrtouint returns 0 on success and -ERANGE on overflow [1].
>
> No, I mean, hidepid cannot be just any uint32 value. It must be in the
> enum. Is that checked somewhere else? It looked like the call to
> valid_hidepid() was removed.
The valid_hidepid() is called after parsing the hidepid parameter value.
Yes, it can be called inside this condition.
--
Rgrds, legion
