tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

sysctl.c: fix underflow value setting risk in vm_table

Apart from subsystem specific .proc_handler handler, all ctl_tables with
extra1 and extra2 members set should use proc_dointvec_minmax instead of
proc_dointvec, or the limit set in extra* never work and potentially echo
underflow values(negative numbers) is likely make system unstable.

Especially vfs_cache_pressure and zone_reclaim_mode, -1 is apparently not
a valid value, but we can set to them. And then kernel may crash.

# echo -1 > /proc/sys/vm/vfs_cache_pressure

Link: https://lkml.kernel.org/r/20201223105535.2875-1-linf@wangsu.com
Signed-off-by: Lin Feng <linf@wangsu.com>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

authored by

Lin Feng and committed by
Linus Torvalds 3b3376f2 45089437

+4 -4
+4 -4
kernel/sysctl.c
··· 2962 2962 .data = &block_dump, 2963 2963 .maxlen = sizeof(block_dump), 2964 2964 .mode = 0644, 2965 - .proc_handler = proc_dointvec, 2965 + .proc_handler = proc_dointvec_minmax, 2966 2966 .extra1 = SYSCTL_ZERO, 2967 2967 }, 2968 2968 { ··· 2970 2970 .data = &sysctl_vfs_cache_pressure, 2971 2971 .maxlen = sizeof(sysctl_vfs_cache_pressure), 2972 2972 .mode = 0644, 2973 - .proc_handler = proc_dointvec, 2973 + .proc_handler = proc_dointvec_minmax, 2974 2974 .extra1 = SYSCTL_ZERO, 2975 2975 }, 2976 2976 #if defined(HAVE_ARCH_PICK_MMAP_LAYOUT) || \ ··· 2980 2980 .data = &sysctl_legacy_va_layout, 2981 2981 .maxlen = sizeof(sysctl_legacy_va_layout), 2982 2982 .mode = 0644, 2983 - .proc_handler = proc_dointvec, 2983 + .proc_handler = proc_dointvec_minmax, 2984 2984 .extra1 = SYSCTL_ZERO, 2985 2985 }, 2986 2986 #endif ··· 2990 2990 .data = &node_reclaim_mode, 2991 2991 .maxlen = sizeof(node_reclaim_mode), 2992 2992 .mode = 0644, 2993 - .proc_handler = proc_dointvec, 2993 + .proc_handler = proc_dointvec_minmax, 2994 2994 .extra1 = SYSCTL_ZERO, 2995 2995 }, 2996 2996 {