[PATCH] iouring:added boundary value check for io_uring_group systl

Subramanya Swamy <subramanya.swamy.linux@xxxxxxxxx> · Mon, 15 Jan 2024 12:49:25 +0000

/proc/sys/kernel/io_uring_group takes gid as input
added boundary value check to accept gid in range of
0<=gid<=4294967294 & Documentation is updated for same

Signed-off-by: Subramanya Swamy <subramanya.swamy.linux@xxxxxxxxx>
---
 Documentation/admin-guide/sysctl/kernel.rst | 9 ++++-----
 io_uring/io_uring.c                         | 8 ++++++--
 2 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/Documentation/admin-guide/sysctl/kernel.rst b/Documentation/admin-guide/sysctl/kernel.rst
index 6584a1f9bfe3..3f96007aa971 100644
--- a/Documentation/admin-guide/sysctl/kernel.rst
+++ b/Documentation/admin-guide/sysctl/kernel.rst
@@ -469,11 +469,10 @@ shrinks the kernel's attack surface.
 io_uring_group
 ==============
 
-When io_uring_disabled is set to 1, a process must either be
-privileged (CAP_SYS_ADMIN) or be in the io_uring_group group in order
-to create an io_uring instance.  If io_uring_group is set to -1 (the
-default), only processes with the CAP_SYS_ADMIN capability may create
-io_uring instances.
+When io_uring_disabled is set to 1, only processes with the
+CAP_SYS_ADMIN may create io_uring instances or process must be in the
+io_uring_group group in order to create an io_uring_instance.
+io_uring_group is set to 0.This is the default setting.
 
 
 kexec_load_disabled
diff --git a/io_uring/io_uring.c b/io_uring/io_uring.c
index 09b6d860deba..0ed91b69643d 100644
--- a/io_uring/io_uring.c
+++ b/io_uring/io_uring.c
@@ -146,7 +146,9 @@ static void io_queue_sqe(struct io_kiocb *req);
 struct kmem_cache *req_cachep;
 
 static int __read_mostly sysctl_io_uring_disabled;
-static int __read_mostly sysctl_io_uring_group = -1;
+static unsigned int __read_mostly sysctl_io_uring_group;
+static unsigned int min_gid;
+static unsigned int max_gid  = 4294967294;  /*4294967294 is the max guid*/
 
 #ifdef CONFIG_SYSCTL
 static struct ctl_table kernel_io_uring_disabled_table[] = {
@@ -164,7 +166,9 @@ static struct ctl_table kernel_io_uring_disabled_table[] = {
 		.data		= &sysctl_io_uring_group,
 		.maxlen		= sizeof(gid_t),
 		.mode		= 0644,
-		.proc_handler	= proc_dointvec,
+		.proc_handler	= proc_douintvec_minmax,
+		.extra1         = &min_gid,
+		.extra2         = &max_gid,
 	},
 	{},
 };
-- 
2.34.1








