Re: [PATCH v2 3/9] sysctl: add unsigned int range support

From: Kees Cook
Date: Mon Feb 13 2017 - 15:21:18 EST

On Fri, Feb 10, 2017 at 4:36 PM, Luis R. Rodriguez <mcgrof@xxxxxxxxxx> wrote:
> To keep parity with regular int interfaces provide the an unsigned
> int proc_douintvec_minmax() which allows you to specify a range of
> allowed valid numbers.
> Adding proc_douintvec_minmax_sysadmin() is easy but we can wait for
> an actual user for that.
> Cc: Subash Abhinov Kasiviswanathan <subashab@xxxxxxxxxxxxxx>
> Cc: Heinrich Schuchardt <xypron.glpk@xxxxxx>
> Cc: Kees Cook <keescook@xxxxxxxxxxxx>
> Cc: "David S. Miller" <davem@xxxxxxxxxxxxx>
> Cc: Ingo Molnar <mingo@xxxxxxxxxx>
> Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
> Cc: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
> Signed-off-by: Luis R. Rodriguez <mcgrof@xxxxxxxxxx>

Acked-by: Kees Cook <keescook@xxxxxxxxxxxx>

This looks sensible. :)


Kees Cook
Pixel Security