Re: + sysctl-error-on-bad-sysctl-tables.patch added to -mm tree

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Alexey Dobriyan <adobriyan@sw.ru>
To: akpm@linux-foundation.org
Cc: linux-kernel@vger.kernel.org, ebiederm@xmission.com
Subject: Re: + sysctl-error-on-bad-sysctl-tables.patch added to -mm tree
Date: Fri, 10 Aug 2007 12:09:52 +0400	[thread overview]
Message-ID: <20070810080952.GA6670@localhost.sw.ru> (raw)
In-Reply-To: <200708092211.l79MBoVR022139@imap1.linux-foundation.org>

On Thu, Aug 09, 2007 at 03:11:50PM -0700, akpm@linux-foundation.org wrote:
> Subject: sysctl: Error on bad sysctl tables
> From: Eric W. Biederman <ebiederm@xmission.com>
> 
> After going through the kernels sysctl tables several times it has become
> clear that code review and testing is just not effective in prevent
> problematic sysctl tables from being used in the stable kernel.  I certainly
> can't seem to fix the problems as fast as they are introduced.
> 
> Therefore this patch adds sysctl_check_table which is called when a sysctl
> table is registered and checks to see if we have a problematic sysctl table.
> 
> The biggest part of the code is the table of valid binary sysctl entries, but
> since we have frozen our set of binary sysctls this table should not need to
> change, and it makes it much easier to detect when someone unintentionally
> adds a new binary sysctl value.
> 
> As best as I can determine all of the several hundred errors spewed on boot up
> now are legitimate.

It gives false positive on kernel.pty.nr:

	sysctl table check failed: /kernel/pty/nr .1.62.2 No data

However, ->data is set in unix98_pty_init().

next prev parent reply	other threads:[~2007-08-10  8:10 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-08-09 22:11 + sysctl-error-on-bad-sysctl-tables.patch added to -mm tree akpm
2007-08-10  8:09 ` Alexey Dobriyan [this message]
2007-08-10  9:22   ` Eric W. Biederman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20070810080952.GA6670@localhost.sw.ru \
    --to=adobriyan@sw.ru \
    --cc=akpm@linux-foundation.org \
    --cc=ebiederm@xmission.com \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.