On Thu, Mar 01, 2018 at 12:43:39PM -0500, Waiman Long wrote:
> A user can write arbitrary integer values to msgmni and shmmni sysctl
> parameters without getting error, but the actual limit is really
> IPCMNI (32k). This can mislead users as they think they can get a
> value that is not real.
>
> Enforcing the limit by failing the sysctl parameter write, however,
> can break existing user applications. Instead, the range clamping flag
> is set to enforce the limit without failing existing user code. Users
> can easily figure out if the sysctl parameter value is out of range
> by either reading back the parameter value or checking the kernel
> ring buffer for warning.
>
> Signed-off-by: Waiman Long <longman@xxxxxxxxxx>
> ---
> ipc/ipc_sysctl.c | 20 +++++++++++++++++---
> 1 file changed, 17 insertions(+), 3 deletions(-)
>
> diff --git a/ipc/ipc_sysctl.c b/ipc/ipc_sysctl.c
> index 8ad93c2..8eb7268 100644
> --- a/ipc/ipc_sysctl.c
> +++ b/ipc/ipc_sysctl.c
> @@ -41,12 +41,21 @@ static int proc_ipc_dointvec(struct ctl_table *table, int write,
> static int proc_ipc_dointvec_minmax(struct ctl_table *table, int write,
> void __user *buffer, size_t *lenp, loff_t *ppos)
> {
> + int ret;
> struct ctl_table ipc_table;
>
> memcpy(&ipc_table, table, sizeof(ipc_table));
> ipc_table.data = get_ipc(table);
>
> - return proc_dointvec_minmax(&ipc_table, write, buffer, lenp, ppos);
> + ret = proc_dointvec_minmax(&ipc_table, write, buffer, lenp, ppos);
> +
> + /*
> + * Copy back the CTL_FLAGS_OOR_WARNED flag which may be set in
> + * the temporary ctl_table entry.
> + */
> + table->flags |= (ipc_table.flags & CTL_FLAGS_OOR_WARNED);
Again, why is this needed? Cant' we do this for the developer somehow?
Seems fragile, and if we can do it why not?
Luis
