From: "Luis R. Rodriguez" <mcgrof@kernel.org>
To: viro@zeniv.linux.org.uk, akpm@linux-foundation.org,
ebiederm@xmission.com, keescook@chromium.org, acme@redhat.com,
mingo@kernel.org, mgorman@suse.de, subashab@codeaurora.org
Cc: jeyu@redhat.com, rusty@rustcorp.com.au, swhiteho@redhat.com,
deepa.kernel@gmail.com, matt@codeblueprint.co.uk,
adobriyan@gmail.com, bp@suse.de, zlpnobody@gmail.com,
dmitry.torokhov@gmail.com, shuah@kernel.org,
torvalds@linux-foundation.org, linux@roeck-us.net,
linux-kernel@vger.kernel.org,
"Luis R. Rodriguez" <mcgrof@kernel.org>,
Heinrich Schuchardt <xypron.glpk@gmx.de>,
"David S. Miller" <davem@davemloft.net>,
Ingo Molnar <mingo@redhat.com>
Subject: [PATCH v3 5/5] sysctl: add unsigned int range support
Date: Thu, 18 May 2017 20:35:54 -0700 [thread overview]
Message-ID: <20170519033554.18592-6-mcgrof@kernel.org> (raw)
In-Reply-To: <20170519033554.18592-1-mcgrof@kernel.org>
To keep parity with regular int interfaces provide the an unsigned
int proc_douintvec_minmax() which allows you to specify a range of
allowed valid numbers.
Adding proc_douintvec_minmax_sysadmin() is easy but we can wait for
an actual user for that.
Cc: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Kees Cook <keescook@chromium.org>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Luis R. Rodriguez <mcgrof@kernel.org>
---
fs/proc/proc_sysctl.c | 4 ++-
include/linux/sysctl.h | 3 +++
kernel/sysctl.c | 66 ++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 72 insertions(+), 1 deletion(-)
diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c
index ee6feba8b6c0..8f9d564d0969 100644
--- a/fs/proc/proc_sysctl.c
+++ b/fs/proc/proc_sysctl.c
@@ -1065,7 +1065,8 @@ static int sysctl_check_table_array(const char *path, struct ctl_table *table)
{
int err = 0;
- if (table->proc_handler == proc_douintvec) {
+ if ((table->proc_handler == proc_douintvec) ||
+ (table->proc_handler == proc_douintvec_minmax)) {
if (table->maxlen != sizeof(unsigned int))
err |= sysctl_err(path, table, "array now allowed");
}
@@ -1083,6 +1084,7 @@ static int sysctl_check_table(const char *path, struct ctl_table *table)
if ((table->proc_handler == proc_dostring) ||
(table->proc_handler == proc_dointvec) ||
(table->proc_handler == proc_douintvec) ||
+ (table->proc_handler == proc_douintvec_minmax) ||
(table->proc_handler == proc_dointvec_minmax) ||
(table->proc_handler == proc_dointvec_jiffies) ||
(table->proc_handler == proc_dointvec_userhz_jiffies) ||
diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h
index 80d07816def0..225001d437ae 100644
--- a/include/linux/sysctl.h
+++ b/include/linux/sysctl.h
@@ -47,6 +47,9 @@ extern int proc_douintvec(struct ctl_table *, int,
void __user *, size_t *, loff_t *);
extern int proc_dointvec_minmax(struct ctl_table *, int,
void __user *, size_t *, loff_t *);
+extern int proc_douintvec_minmax(struct ctl_table *table, int write,
+ void __user *buffer, size_t *lenp,
+ loff_t *ppos);
extern int proc_dointvec_jiffies(struct ctl_table *, int,
void __user *, size_t *, loff_t *);
extern int proc_dointvec_userhz_jiffies(struct ctl_table *, int,
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
index d12078fc215f..df9f2a367882 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -2567,6 +2567,65 @@ int proc_dointvec_minmax(struct ctl_table *table, int write,
do_proc_dointvec_minmax_conv, ¶m);
}
+struct do_proc_douintvec_minmax_conv_param {
+ unsigned int *min;
+ unsigned int *max;
+};
+
+static int do_proc_douintvec_minmax_conv(unsigned long *lvalp,
+ unsigned int *valp,
+ int write, void *data)
+{
+ struct do_proc_douintvec_minmax_conv_param *param = data;
+
+ if (write) {
+ unsigned int val = *lvalp;
+
+ if ((param->min && *param->min > val) ||
+ (param->max && *param->max < val))
+ return -ERANGE;
+
+ if (*lvalp > UINT_MAX)
+ return -EINVAL;
+ *valp = val;
+ } else {
+ unsigned int val = *valp;
+ *lvalp = (unsigned long) val;
+ }
+
+ return 0;
+}
+
+/**
+ * proc_douintvec_minmax - read a vector of unsigned ints with min/max values
+ * @table: the sysctl table
+ * @write: %TRUE if this is a write to the sysctl file
+ * @buffer: the user buffer
+ * @lenp: the size of the user buffer
+ * @ppos: file position
+ *
+ * Reads/writes up to table->maxlen/sizeof(unsigned int) unsigned integer
+ * values from/to the user buffer, treated as an ASCII string. Negative
+ * strings are not allowed.
+ *
+ * This routine will ensure the values are within the range specified by
+ * table->extra1 (min) and table->extra2 (max). There is a final sanity
+ * check for UINT_MAX to avoid having to support wrap around uses from
+ * userspace.
+ *
+ * Returns 0 on success.
+ */
+int proc_douintvec_minmax(struct ctl_table *table, int write,
+ void __user *buffer, size_t *lenp, loff_t *ppos)
+{
+ struct do_proc_douintvec_minmax_conv_param param = {
+ .min = (unsigned int *) table->extra1,
+ .max = (unsigned int *) table->extra2,
+ };
+ return do_proc_douintvec(table, write, buffer, lenp, ppos,
+ do_proc_douintvec_minmax_conv, ¶m);
+}
+
static void validate_coredump_safety(void)
{
#ifdef CONFIG_COREDUMP
@@ -3066,6 +3125,12 @@ int proc_dointvec_minmax(struct ctl_table *table, int write,
return -ENOSYS;
}
+int proc_douintvec_minmax(struct ctl_table *table, int write,
+ void __user *buffer, size_t *lenp, loff_t *ppos)
+{
+ return -ENOSYS;
+}
+
int proc_dointvec_jiffies(struct ctl_table *table, int write,
void __user *buffer, size_t *lenp, loff_t *ppos)
{
@@ -3108,6 +3173,7 @@ EXPORT_SYMBOL(proc_dointvec);
EXPORT_SYMBOL(proc_douintvec);
EXPORT_SYMBOL(proc_dointvec_jiffies);
EXPORT_SYMBOL(proc_dointvec_minmax);
+EXPORT_SYMBOL_GPL(proc_douintvec_minmax);
EXPORT_SYMBOL(proc_dointvec_userhz_jiffies);
EXPORT_SYMBOL(proc_dointvec_ms_jiffies);
EXPORT_SYMBOL(proc_dostring);
--
2.11.0
prev parent reply other threads:[~2017-05-19 3:36 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-29 19:29 [PATCH] sysctl: add proper unsigned int support Luis R. Rodriguez
2017-01-30 12:56 ` Alexey Dobriyan
2017-02-01 19:56 ` Luis R. Rodriguez
2017-02-09 1:28 ` Luis R. Rodriguez
2017-02-09 1:32 ` Luis R. Rodriguez
2017-02-11 0:36 ` [PATCH v2 0/9] sysctl: add and fix " Luis R. Rodriguez
2017-02-11 0:36 ` [PATCH v2 1/9] sysctl: fix lax sysctl_check_table() sanity check Luis R. Rodriguez
2017-02-13 20:13 ` Kees Cook
2017-02-11 0:36 ` [PATCH v2 2/9] sysctl: add proper unsigned int support Luis R. Rodriguez
2017-02-13 20:19 ` Kees Cook
2017-05-16 22:25 ` Luis R. Rodriguez
2017-02-11 0:36 ` [PATCH v2 3/9] sysctl: add unsigned int range support Luis R. Rodriguez
2017-02-13 20:21 ` Kees Cook
2017-02-11 0:36 ` [PATCH v2 4/9] test_sysctl: add dedicated proc sysctl test driver Luis R. Rodriguez
2017-02-13 20:27 ` Kees Cook
2017-02-11 0:36 ` [PATCH v2 5/9] test_sysctl: add generic script to expand on tests Luis R. Rodriguez
2017-02-13 20:30 ` Kees Cook
2017-05-16 22:55 ` Luis R. Rodriguez
2017-02-11 0:36 ` [PATCH v2 6/9] test_sysctl: test against PAGE_SIZE for int Luis R. Rodriguez
2017-02-11 0:36 ` [PATCH v2 7/9] test_sysctl: add simple proc_dointvec() case Luis R. Rodriguez
2017-02-13 22:00 ` Kees Cook
2017-05-16 22:46 ` Luis R. Rodriguez
2017-02-11 0:36 ` [PATCH v2 8/9] test_sysctl: add simple proc_douintvec() case Luis R. Rodriguez
2017-02-11 0:36 ` [PATCH v2 9/9] test_sysctl: test against int proc_dointvec() array support Luis R. Rodriguez
2017-02-13 22:07 ` Kees Cook
2017-05-16 22:40 ` Luis R. Rodriguez
2017-02-13 20:11 ` [PATCH v2 0/9] sysctl: add and fix proper unsigned int support Kees Cook
2017-05-19 3:35 ` [PATCH v3 0/5] sysctl: few fixes Luis R. Rodriguez
2017-05-19 3:35 ` [PATCH v3 1/5] sysctl: fix lax sysctl_check_table() sanity check Luis R. Rodriguez
2017-05-22 22:40 ` Andrew Morton
2017-05-19 3:35 ` [PATCH v3 2/5] sysctl: kdoc'ify sysctl_writes_strict Luis R. Rodriguez
2017-05-19 3:35 ` [PATCH v3 3/5] sysctl: fold sysctl_writes_strict checks into helper Luis R. Rodriguez
2017-05-19 3:35 ` [PATCH v3 4/5] sysctl: simplify unsigned int support Luis R. Rodriguez
2017-05-19 3:35 ` Luis R. Rodriguez [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170519033554.18592-6-mcgrof@kernel.org \
--to=mcgrof@kernel.org \
--cc=acme@redhat.com \
--cc=adobriyan@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=bp@suse.de \
--cc=davem@davemloft.net \
--cc=deepa.kernel@gmail.com \
--cc=dmitry.torokhov@gmail.com \
--cc=ebiederm@xmission.com \
--cc=jeyu@redhat.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@roeck-us.net \
--cc=matt@codeblueprint.co.uk \
--cc=mgorman@suse.de \
--cc=mingo@kernel.org \
--cc=mingo@redhat.com \
--cc=rusty@rustcorp.com.au \
--cc=shuah@kernel.org \
--cc=subashab@codeaurora.org \
--cc=swhiteho@redhat.com \
--cc=torvalds@linux-foundation.org \
--cc=viro@zeniv.linux.org.uk \
--cc=xypron.glpk@gmx.de \
--cc=zlpnobody@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.