From mboxrd@z Thu Jan 1 00:00:00 1970 From: ebiederm@xmission.com (Eric W. Biederman) Subject: Re: IPv4: sysctl table check failed [was: mmotm 2010-10-07-14-08 uploaded] Date: Thu, 07 Oct 2010 17:54:48 -0700 Message-ID: References: <201010072140.o97Le69i025659@imap1.linux-foundation.org> <4CAE4479.6010606@gmail.com> <1286490135.6536.75.camel@edumazet-laptop> <20101007152806.119d1522.akpm@linux-foundation.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Eric Dumazet , Jiri Slaby , linux-kernel@vger.kernel.org, mm-commits@vger.kernel.org, ML netdev , "David S. Miller" To: Andrew Morton Return-path: In-Reply-To: <20101007152806.119d1522.akpm@linux-foundation.org> (Andrew Morton's message of "Thu, 7 Oct 2010 15:28:06 -0700") Sender: linux-kernel-owner@vger.kernel.org List-Id: netdev.vger.kernel.org Andrew Morton writes: > On Fri, 08 Oct 2010 00:22:15 +0200 > Eric Dumazet wrote: > >> Le vendredi 08 octobre 2010 __ 00:06 +0200, Jiri Slaby a __crit : >> > On 10/07/2010 11:08 PM, akpm@linux-foundation.org wrote: >> > > The mm-of-the-moment snapshot 2010-10-07-14-08 has been uploaded to >> > >> > Hi, I got bunch of "sysctl table check failed" below. All seem to be >> > related to ipv4: >> >> I would say, sysctl check is buggy :( >> >> min/max are optional >> >> [PATCH] sysctl: min/max bounds are optional >> >> sysctl check complains when proc_doulongvec_minmax or >> proc_doulongvec_ms_jiffies_minmax are used by a vector of longs (with >> more than one element), with no min or max value specified. >> >> This is unexpected, given we had a bug on this min/max handling :) >> >> Reported-by: Jiri Slaby >> Signed-off-by: Eric Dumazet >> --- >> kernel/sysctl_check.c | 9 --------- >> 1 file changed, 9 deletions(-) >> >> diff --git a/kernel/sysctl_check.c b/kernel/sysctl_check.c >> index 04cdcf7..10b90d8 100644 >> --- a/kernel/sysctl_check.c >> +++ b/kernel/sysctl_check.c >> @@ -143,15 +143,6 @@ int sysctl_check_table(struct nsproxy *namespaces, struct ctl_table *table) >> if (!table->maxlen) >> set_fail(&fail, table, "No maxlen"); >> } >> - if ((table->proc_handler == proc_doulongvec_minmax) || >> - (table->proc_handler == proc_doulongvec_ms_jiffies_minmax)) { >> - if (table->maxlen > sizeof (unsigned long)) { >> - if (!table->extra1) >> - set_fail(&fail, table, "No min"); >> - if (!table->extra2) >> - set_fail(&fail, table, "No max"); >> - } >> - } >> #ifdef CONFIG_PROC_SYSCTL >> if (table->procname && !table->proc_handler) >> set_fail(&fail, table, "No proc_handler"); > > That will probably fix it ;) > > net-avoid-limits-overflow.patch is dependent on this patch. Unless > Eric B squeaks I'll plan on sending this patch in for 2.6.37. Oh. I see. I actually had a sanity check for the case that was failing. I probably spotted the buggy code and wanted to see if there was anything that cared. So sysctl_check was perfectly correct until the bug was removed from proc_doulongvec_minmax. Which also means we have been auditing the kernel for quite a while to make certain that it is safe not to increment min and max. Eric