The patch titled Subject: sysctl: returns -EINVAL when a negative value is passed to proc_doulongvec_minmax has been added to the -mm tree. Its filename is sysctl-returns-einval-when-a-negative-value-is-passed-to-proc_doulongvec_minmax.patch This patch should soon appear at https://ozlabs.org/~akpm/mmots/broken-out/sysctl-returns-einval-when-a-negative-value-is-passed-to-proc_doulongvec_minmax.patch and later at https://ozlabs.org/~akpm/mmotm/broken-out/sysctl-returns-einval-when-a-negative-value-is-passed-to-proc_doulongvec_minmax.patch Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Baokun Li <libaokun1@xxxxxxxxxx> Subject: sysctl: returns -EINVAL when a negative value is passed to proc_doulongvec_minmax When we pass a negative value to the proc_doulongvec_minmax() function, the function returns 0, but the corresponding interface value does not change. we can easily reproduce this problem with the following commands: cd /proc/sys/fs/epoll echo -1 > max_user_watches; echo $?; cat max_user_watches This function requires a non-negative number to be passed in, so when a negative number is passed in, -EINVAL is returned. Link: https://lkml.kernel.org/r/20211220092627.3744624-1-libaokun1@xxxxxxxxxx Signed-off-by: Baokun Li <libaokun1@xxxxxxxxxx> Reported-by: Hulk Robot <hulkci@xxxxxxxxxx> Acked-by: Luis Chamberlain <mcgrof@xxxxxxxxxx> Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> --- kernel/sysctl.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) --- a/kernel/sysctl.c~sysctl-returns-einval-when-a-negative-value-is-passed-to-proc_doulongvec_minmax +++ a/kernel/sysctl.c @@ -1144,10 +1144,11 @@ static int __do_proc_doulongvec_minmax(v err = proc_get_long(&p, &left, &val, &neg, proc_wspace_sep, sizeof(proc_wspace_sep), NULL); - if (err) + if (err || neg) { + err = -EINVAL; break; - if (neg) - continue; + } + val = convmul * val / convdiv; if ((min && val < *min) || (max && val > *max)) { err = -EINVAL; _ Patches currently in -mm which might be from libaokun1@xxxxxxxxxx are kfence-fix-memory-leak-when-cat-kfence-objects.patch sysctl-returns-einval-when-a-negative-value-is-passed-to-proc_doulongvec_minmax.patch