The patch titled
Subject: sysctl: returns -EINVAL when a negative value is passed to proc_doulongvec_minmax
has been added to the -mm tree. Its filename is
sysctl-returns-einval-when-a-negative-value-is-passed-to-proc_doulongvec_minmax.patch
This patch should soon appear at
https://ozlabs.org/~akpm/mmots/broken-out/sysctl-returns-einval-when-a-negative-value-is-passed-to-proc_doulongvec_minmax.patch
and later at
https://ozlabs.org/~akpm/mmotm/broken-out/sysctl-returns-einval-when-a-negative-value-is-passed-to-proc_doulongvec_minmax.patch
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next and is updated
there every 3-4 working days
------------------------------------------------------
From: Baokun Li <libaokun1@xxxxxxxxxx>
Subject: sysctl: returns -EINVAL when a negative value is passed to proc_doulongvec_minmax
When we pass a negative value to the proc_doulongvec_minmax() function,
the function returns 0, but the corresponding interface value does not
change.
we can easily reproduce this problem with the following commands:
cd /proc/sys/fs/epoll
echo -1 > max_user_watches; echo $?; cat max_user_watches
This function requires a non-negative number to be passed in, so when
a negative number is passed in, -EINVAL is returned.
Link: https://lkml.kernel.org/r/20211220092627.3744624-1-libaokun1@xxxxxxxxxx
Signed-off-by: Baokun Li <libaokun1@xxxxxxxxxx>
Reported-by: Hulk Robot <hulkci@xxxxxxxxxx>
Acked-by: Luis Chamberlain <mcgrof@xxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---
kernel/sysctl.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
--- a/kernel/sysctl.c~sysctl-returns-einval-when-a-negative-value-is-passed-to-proc_doulongvec_minmax
+++ a/kernel/sysctl.c
@@ -1144,10 +1144,11 @@ static int __do_proc_doulongvec_minmax(v
err = proc_get_long(&p, &left, &val, &neg,
proc_wspace_sep,
sizeof(proc_wspace_sep), NULL);
- if (err)
+ if (err || neg) {
+ err = -EINVAL;
break;
- if (neg)
- continue;
+ }
+
val = convmul * val / convdiv;
if ((min && val < *min) || (max && val > *max)) {
err = -EINVAL;
_
Patches currently in -mm which might be from libaokun1@xxxxxxxxxx are
kfence-fix-memory-leak-when-cat-kfence-objects.patch
sysctl-returns-einval-when-a-negative-value-is-passed-to-proc_doulongvec_minmax.patch
