[PATCH 5/6] sysctl: ensure sysctl_nr_open is not greater than files_stat.max_files

Jinliang Zheng <alexjlzheng@xxxxxxxxx> · Sun, 24 Nov 2024 02:13:08 +0800

Introduce proc_douintvec_nropen_minmax(), ensure the value of
sysctl_nr_open is not greater than files_stat.max_files.

Signed-off-by: Jinliang Zheng <alexjlzheng@xxxxxxxxxxx>
---
 fs/file_table.c        |  2 +-
 include/linux/sysctl.h |  2 ++
 kernel/sysctl.c        | 21 +++++++++++++++++++++
 3 files changed, 24 insertions(+), 1 deletion(-)

diff --git a/fs/file_table.c b/fs/file_table.c
index 01faa9c2869e..43838354ce6d 100644
--- a/fs/file_table.c
+++ b/fs/file_table.c
@@ -128,7 +128,7 @@ static struct ctl_table fs_stat_sysctls[] = {
 		.data		= &sysctl_nr_open,
 		.maxlen		= sizeof(unsigned int),
 		.mode		= 0644,
-		.proc_handler	= proc_douintvec_minmax,
+		.proc_handler	= proc_douintvec_nropen_minmax,
 		.extra1		= &sysctl_nr_open_min,
 		.extra2		= &sysctl_nr_open_max,
 	},
diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h
index 4ecf945de956..ed7400841f82 100644
--- a/include/linux/sysctl.h
+++ b/include/linux/sysctl.h
@@ -72,6 +72,8 @@ int proc_douintvec(const struct ctl_table *, int, void *, size_t *, loff_t *);
 int proc_dointvec_minmax(const struct ctl_table *, int, void *, size_t *, loff_t *);
 int proc_douintvec_minmax(const struct ctl_table *table, int write, void *buffer,
 		size_t *lenp, loff_t *ppos);
+int proc_douintvec_nropen_minmax(const struct ctl_table *, int, void *,
+		size_t *, loff_t *);
 int proc_dou8vec_minmax(const struct ctl_table *table, int write, void *buffer,
 			size_t *lenp, loff_t *ppos);
 int proc_dointvec_jiffies(const struct ctl_table *, int, void *, size_t *, loff_t *);
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
index 5ee2bfc7fcbe..d8ce18368ab3 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -944,6 +944,27 @@ int proc_douintvec_minmax(const struct ctl_table *table, int write,
 				 do_proc_douintvec_minmax_conv, &param);
 }
 
+/*
+ * Used for 'sysctl -w fs.nr_open', ensuring its value will not be greater
+ * than files_stat.max_files.
+ */
+int proc_douintvec_nropen_minmax(const struct ctl_table *table, int write,
+		void *buffer, size_t *lenp, loff_t *ppos)
+{
+	unsigned int file_max;
+	struct do_proc_douintvec_minmax_conv_param param = {
+		.min = (unsigned int *) table->extra1,
+		.max = (unsigned int *) table->extra2,
+	};
+
+	file_max = min_t(unsigned int, files_stat.max_files,
+			*(unsigned int *)table->extra2);
+	if (write)
+		param.max = &file_max;
+	return do_proc_douintvec(table, write, buffer, lenp, ppos,
+				 do_proc_douintvec_minmax_conv, &param);
+}
+
 /**
  * proc_dou8vec_minmax - read a vector of unsigned chars with min/max values
  * @table: the sysctl table
-- 
2.41.1








