From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Christian Brauner <christian@brauner.io>,
Alexey Dobriyan <adobriyan@gmail.com>,
Al Viro <viro@zeniv.linux.org.uk>,
Dominik Brodowski <linux@dominikbrodowski.net>,
"Eric W. Biederman" <ebiederm@xmission.com>,
Joe Lawrence <joe.lawrence@redhat.com>,
Luis Chamberlain <mcgrof@kernel.org>,
Waiman Long <longman@redhat.com>,
Andrew Morton <akpm@linux-foundation.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Sasha Levin <sashal@kernel.org>,
linux-fsdevel@vger.kernel.org
Subject: [PATCH AUTOSEL 4.9 07/87] sysctl: handle overflow for file-max
Date: Wed, 27 Mar 2019 14:19:20 -0400 [thread overview]
Message-ID: <20190327182040.17444-7-sashal@kernel.org> (raw)
In-Reply-To: <20190327182040.17444-1-sashal@kernel.org>
From: Christian Brauner <christian@brauner.io>
[ Upstream commit 32a5ad9c22852e6bd9e74bdec5934ef9d1480bc5 ]
Currently, when writing
echo 18446744073709551616 > /proc/sys/fs/file-max
/proc/sys/fs/file-max will overflow and be set to 0. That quickly
crashes the system.
This commit sets the max and min value for file-max. The max value is
set to long int. Any higher value cannot currently be used as the
percpu counters are long ints and not unsigned integers.
Note that the file-max value is ultimately parsed via
__do_proc_doulongvec_minmax(). This function does not report error when
min or max are exceeded. Which means if a value largen that long int is
written userspace will not receive an error instead the old value will be
kept. There is an argument to be made that this should be changed and
__do_proc_doulongvec_minmax() should return an error when a dedicated min
or max value are exceeded. However this has the potential to break
userspace so let's defer this to an RFC patch.
Link: http://lkml.kernel.org/r/20190107222700.15954-3-christian@brauner.io
Signed-off-by: Christian Brauner <christian@brauner.io>
Acked-by: Kees Cook <keescook@chromium.org>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Dominik Brodowski <linux@dominikbrodowski.net>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Joe Lawrence <joe.lawrence@redhat.com>
Cc: Luis Chamberlain <mcgrof@kernel.org>
Cc: Waiman Long <longman@redhat.com>
[christian@brauner.io: v4]
Link: http://lkml.kernel.org/r/20190210203943.8227-3-christian@brauner.io
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
kernel/sysctl.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
index efd340a510a9..5515d578095b 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -125,6 +125,7 @@ static int __maybe_unused one = 1;
static int __maybe_unused two = 2;
static int __maybe_unused four = 4;
static unsigned long one_ul = 1;
+static unsigned long long_max = LONG_MAX;
static int one_hundred = 100;
static int one_thousand = 1000;
#ifdef CONFIG_PRINTK
@@ -1682,6 +1683,8 @@ static struct ctl_table fs_table[] = {
.maxlen = sizeof(files_stat.max_files),
.mode = 0644,
.proc_handler = proc_doulongvec_minmax,
+ .extra1 = &zero,
+ .extra2 = &long_max,
},
{
.procname = "nr_open",
--
2.19.1
next prev parent reply other threads:[~2019-03-27 18:40 UTC|newest]
Thread overview: 90+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-27 18:19 [PATCH AUTOSEL 4.9 01/87] CIFS: fix POSIX lock leak and invalid ptr deref Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 02/87] h8300: use cc-cross-prefix instead of hardcoding h8300-unknown-linux- Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 03/87] i2c: sis630: correct format strings Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 04/87] tracing: kdb: Fix ftdump to not sleep Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 05/87] gpio: gpio-omap: fix level interrupt idling Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 06/87] include/linux/relay.h: fix percpu annotation in struct rchan Sasha Levin
2019-03-27 18:19 ` Sasha Levin [this message]
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 08/87] enic: fix build warning without CONFIG_CPUMASK_OFFSTACK Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 09/87] scsi: hisi_sas: Set PHY linkrate when disconnected Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 10/87] mm/cma.c: cma_declare_contiguous: correct err handling Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 11/87] mm/page_ext.c: fix an imbalance with kmemleak Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 12/87] mm/vmalloc.c: fix kernel BUG at mm/vmalloc.c:512! Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 13/87] mm/slab.c: kmemleak no scan alien caches Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 14/87] ocfs2: fix a panic problem caused by o2cb_ctl Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 15/87] f2fs: do not use mutex lock in atomic context Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 16/87] fs/file.c: initialize init_files.resize_wait Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 17/87] cifs: use correct format characters Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 18/87] dm thin: add sanity checks to thin-pool and external snapshot creation Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 19/87] cifs: Fix NULL pointer dereference of devname Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 20/87] fs: Make splice() and tee() take into account O_NONBLOCK flag on pipes Sasha Levin
2019-03-28 15:37 ` Slavomir Kaslev
2019-03-28 16:04 ` Steven Rostedt
2019-04-03 16:19 ` Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 21/87] jbd2: fix invalid descriptor block checksum Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 22/87] fs: fix guard_bio_eod to check for real EOD errors Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 23/87] tools lib traceevent: Fix buffer overflow in arg_eval Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 24/87] wil6210: check null pointer in _wil_cfg80211_merge_extra_ies Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 25/87] crypto: crypto4xx - add missing of_node_put after of_device_is_available Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 26/87] usb: chipidea: Grab the (legacy) USB PHY by phandle first Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 27/87] scsi: core: replace GFP_ATOMIC with GFP_KERNEL in scsi_scan.c Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 28/87] coresight: etm4x: Add support to enable ETMv4.2 Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 29/87] ARM: 8840/1: use a raw_spinlock_t in unwind Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 30/87] iommu/io-pgtable-arm-v7s: Only kmemleak_ignore L2 tables Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 31/87] mmc: omap: fix the maximum timeout setting Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 32/87] e1000e: Fix -Wformat-truncation warnings Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 33/87] mlxsw: spectrum: Avoid " Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 34/87] IB/mlx4: Increase the timeout for CM cache Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 35/87] ASoC: qcom: Fix of-node refcount unbalance in apq8016_sbc_parse_of() Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 36/87] scsi: megaraid_sas: return error when create DMA pool failed Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 37/87] perf test: Fix failure of 'evsel-tp-sched' test on s390 Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 38/87] SoC: imx-sgtl5000: add missing put_device() Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 39/87] media: sh_veu: Correct return type for mem2mem buffer helpers Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 40/87] media: s5p-jpeg: " Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 41/87] media: s5p-g2d: " Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 42/87] media: mx2_emmaprp: " Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 43/87] vfs: fix preadv64v2 and pwritev64v2 compat syscalls with offset == -1 Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 44/87] HID: intel-ish-hid: avoid binding wrong ishtp_cl_device Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 45/87] leds: lp55xx: fix null deref on firmware load failure Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 46/87] iwlwifi: pcie: fix emergency path Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 47/87] ACPI / video: Refactor and fix dmi_is_desktop() Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 48/87] kprobes: Prohibit probing on bsearch() Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 49/87] ARM: 8833/1: Ensure that NEON code always compiles with Clang Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 50/87] ALSA: PCM: check if ops are defined before suspending PCM Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 51/87] usb: f_fs: Avoid crash due to out-of-scope stack ptr access Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 52/87] bcache: fix input overflow to cache set sysfs file io_error_halflife Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 53/87] bcache: fix input overflow to sequential_cutoff Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 54/87] bcache: improve sysfs_strtoul_clamp() Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 55/87] genirq: Avoid summation loops for /proc/stat Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 56/87] iw_cxgb4: fix srqidx leak during connection abort Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 57/87] fbdev: fbmem: fix memory access if logo is bigger than the screen Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 58/87] cdrom: Fix race condition in cdrom_sysctl_register Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 59/87] e1000e: fix cyclic resets at link up with active tx Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 60/87] ASoC: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 61/87] locking/lockdep: Add debug_locks check in __lock_downgrade() Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 62/87] efi/memattr: Don't bail on zero VA if it equals the region's PA Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 63/87] ARM: dts: lpc32xx: Remove leading 0x and 0s from bindings notation Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 64/87] soc: qcom: gsbi: Fix error handling in gsbi_probe() Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 65/87] mt7601u: bump supported EEPROM version Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 66/87] ARM: avoid Cortex-A9 livelock on tight dmb loops Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 67/87] tty: increase the default flip buffer limit to 2*640K Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 68/87] powerpc/pseries: Perform full re-add of CPU for topology update post-migration Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 69/87] media: mt9m111: set initial frame size other than 0x0 Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 70/87] hwrng: virtio - Avoid repeated init of completion Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 71/87] soc/tegra: fuse: Fix illegal free of IO base address Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 72/87] HID: intel-ish: ipc: handle PIMR before ish_wakeup also clear PISR busy_clear bit Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 73/87] Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 74/87] hpet: Fix missing '=' character in the __setup() code of hpet_mmap_enable Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 75/87] dmaengine: imx-dma: fix warning comparison of distinct pointer types Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 76/87] dmaengine: qcom_hidma: assign channel cookie correctly Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 77/87] netfilter: physdev: relax br_netfilter dependency Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 78/87] media: s5p-jpeg: Check for fmt_ver_flag when doing fmt enumeration Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 79/87] regulator: act8865: Fix act8600_sudcdc_voltage_ranges setting Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 80/87] drm/nouveau: Stop using drm_crtc_force_disable Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 81/87] x86/build: Specify elf_i386 linker emulation explicitly for i386 objects Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 82/87] selinux: do not override context on context mounts Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 83/87] wlcore: Fix memory leak in case wl12xx_fetch_firmware failure Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 84/87] x86/build: Mark per-CPU symbols as absolute explicitly for LLD Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 85/87] dmaengine: tegra: avoid overflow of byte tracking Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 86/87] drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 87/87] ACPI / video: Extend chassis-type detection with a "Lunch Box" check Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190327182040.17444-7-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=adobriyan@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=christian@brauner.io \
--cc=ebiederm@xmission.com \
--cc=joe.lawrence@redhat.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@dominikbrodowski.net \
--cc=longman@redhat.com \
--cc=mcgrof@kernel.org \
--cc=stable@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).