On 05/07/2018 06:39 PM, Luis R. Rodriguez wrote: > On Mon, May 07, 2018 at 04:59:09PM -0400, Waiman Long wrote: >> A user can write arbitrary integer values to msgmni and shmmni sysctl >> parameters without getting error, but the actual limit is really >> IPCMNI (32k). This can mislead users as they think they can get a >> value that is not real. >> >> The right limits are now set for msgmni and shmmni so that the users >> will become aware if they set a value outside of the acceptable range. >> >> Signed-off-by: Waiman Long <longman@xxxxxxxxxx> >> --- >> ipc/ipc_sysctl.c | 7 +++++-- >> 1 file changed, 5 insertions(+), 2 deletions(-) >> >> diff --git a/ipc/ipc_sysctl.c b/ipc/ipc_sysctl.c >> index 8ad93c2..f87cb29 100644 >> --- a/ipc/ipc_sysctl.c >> +++ b/ipc/ipc_sysctl.c >> @@ -99,6 +99,7 @@ static int proc_ipc_auto_msgmni(struct ctl_table *table, int write, >> static int zero; >> static int one = 1; >> static int int_max = INT_MAX; >> +static int ipc_mni = IPCMNI; >> >> static struct ctl_table ipc_kern_table[] = { >> { >> @@ -120,7 +121,9 @@ static int proc_ipc_auto_msgmni(struct ctl_table *table, int write, >> .data = &init_ipc_ns.shm_ctlmni, >> .maxlen = sizeof(init_ipc_ns.shm_ctlmni), >> .mode = 0644, >> - .proc_handler = proc_ipc_dointvec, >> + .proc_handler = proc_ipc_dointvec_minmax, >> + .extra1 = &zero, >> + .extra2 = &ipc_mni, >> }, >> { >> .procname = "shm_rmid_forced", >> @@ -147,7 +150,7 @@ static int proc_ipc_auto_msgmni(struct ctl_table *table, int write, >> .mode = 0644, >> .proc_handler = proc_ipc_dointvec_minmax, >> .extra1 = &zero, >> - .extra2 = &int_max, >> + .extra2 = &ipc_mni, >> }, >> { >> .procname = "auto_msgmni", >> -- >> 1.8.3.1 > It seems negative values are not allowed, if true then having > a caller to use proc_douintvec_minmax() would help with ensuring > no invalid negative input values are used as well. > > Luis Negative value doesn't mean sense here. So it is true that we can use proc_douintvec_minmax() instead. However, the data types themselves are defined as "int". So I think it is better to keep using proc_dointvec_minmax() to be consistent with the data type. Cheers, Longman