Re: [PATCH] sysctl: min-max range check is broken

From: Eric W. Biederman
Date: Thu Feb 05 2009 - 16:40:26 EST

Next message: Dave Airlie: "Re: [Bug #12608] 2.6.29-rc powerpc G5 Xorg legacy_mem regression"
Previous message: Bartlomiej Zolnierkiewicz: "Re: [PATCH 01/15] ide: include <asm/ide.h> only when needed"
In reply to: Alexey Dobriyan: "Re: [PATCH] sysctl: min-max range check is broken"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Alexey Dobriyan <adobriyan@xxxxxxxxx> writes:

>> Yep. There is an inconsistency here. Given how sysctl is used and
>> tested, and the fact I could not find where it appears that anyone is
>> passing an array into min/max I would say that the proc version is
>> correct and the sysctl version is wrong.
>>
>> The untested patch below looks like it will fix the this.
>>
>> I don't know if there are any cases where we use minmax with an array
>> of integers but I don't see the point of using an array of minmax
>> values at this point.
>
> Multiple values, each one is bounded by it's own set of values.

Nack. That is a change to the users of sysctl. An array
of minmax values appears to be a brand new extension therefore
we should not make this change.

If we want new behavior we should introduce new helpers.

>> For the original sysctl design it may have made
>> some sense. New code should be one value per file.
>
> So leave them alone.

Sure. My point is that we don't care about this for new code.
Old code was tested and used with the proc version.

NO ONE uses sys_sysctl NO ONE.

>> --- a/kernel/sysctl.c
>> +++ b/kernel/sysctl.c
>> @@ -2916,9 +2916,9 @@ int sysctl_intvec(struct ctl_table *table,
>> int value;
>> if (get_user(value, vec + i))
>> return -EFAULT;
>> - if (min && value < min[i])
>> + if (min && value < *min)
>> return -EINVAL;
>> - if (max && value > max[i])
>> + if (max && value > *max)
>> return -EINVAL;
>
> Correct way is:
>
> min[i] <= val[i] <= max[i]
>
> This is what sysctl_intvec() does.

Therefore sysctl_intvec is wrong because it does not match
proc_dointvec_minmax. proc_dointvec_minmax is definitive as that what
people use and test. sysctl_intvec is a vestigial appendage that
was never really used, and it is already deprecated and scheduled for
remove because of this.

The only way to support the case of arrays of minmax values is to
show code that cares. I did not see anyone passing in an array
in .extra one. So you are advocating code that will walk around
and read random values from the kernels .data section. Which
is VERY broken.

Eric

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Dave Airlie: "Re: [Bug #12608] 2.6.29-rc powerpc G5 Xorg legacy_mem regression"
Previous message: Bartlomiej Zolnierkiewicz: "Re: [PATCH 01/15] ide: include <asm/ide.h> only when needed"
In reply to: Alexey Dobriyan: "Re: [PATCH] sysctl: min-max range check is broken"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]