iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/kernel
History
Christian Brauner 91ae202e2c sysctl: return -EINVAL if val violates minmax 
[ Upstream commit e260ad01f0aa9e96b5386d5cd7184afd949dc457 ]

Currently when userspace gives us a values that overflow e.g.  file-max
and other callers of __do_proc_doulongvec_minmax() we simply ignore the
new value and leave the current value untouched.

This can be problematic as it gives the illusion that the limit has
indeed be bumped when in fact it failed.  This commit makes sure to
return EINVAL when an overflow is detected.  Please note that this is a
userspace facing change.

Link: http://lkml.kernel.org/r/20190210203943.8227-4-christian@brauner.io
Signed-off-by: Christian Brauner <christian@brauner.io>
Acked-by: Luis Chamberlain <mcgrof@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Dominik Brodowski <linux@dominikbrodowski.net>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Joe Lawrence <joe.lawrence@redhat.com>
Cc: Waiman Long <longman@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2019-06-15 11:53:59 +02:00
..
bpf
bpf: devmap: fix use-after-free Read in __dev_map_entry_free
2019-05-31 06:46:04 -07:00
cgroup
cgroup: protect cgroup->nr_(dying_)descendants by css_set_lock
2019-05-31 06:46:19 -07:00
configs
kconfig: tinyconfig: remove stale stack protector fixups
2018-06-15 07:15:28 +09:00
debug
kdb: Don't back trace on a cpu that didn't round up
2019-02-12 19:47:19 +01:00
dma
dma-direct: do not include SME mask in the DMA supported check
2019-01-13 09:51:05 +01:00
events
perf/core: Fix perf_event_disable_inatomic() race
2019-05-10 17:54:09 +02:00
gcov
gcov: remove CONFIG_GCOV_FORMAT_AUTODETECT
2018-06-08 18:56:02 +09:00
irq
genirq: Prevent use-after-free and work list corruption
2019-05-10 17:54:10 +02:00
livepatch
Merge branch 'for-4.19/upstream' into for-linus
2018-08-20 18:33:50 +02:00
locking
locking/rwsem: Prevent decrement of reader count before increment
2019-05-22 07:37:34 +02:00
power
x86/power: Fix 'nosmt' vs hibernation triple fault during resume
2019-06-11 12:20:52 +02:00
printk
printk: Fix panic caused by passing log_buf_len to command line
2018-11-13 11:08:48 -08:00
rcu
rcuperf: Fix cleanup path for invalid perf_type strings
2019-05-31 06:46:30 -07:00
sched
jump_label: move 'asm goto' support test to Kconfig
2019-06-04 08:02:34 +02:00
time
timekeeping: Force upper bound for setting CLOCK_REALTIME
2019-05-31 06:46:29 -07:00
trace
tracing: Avoid memory leak in predicate_parse()
2019-06-09 09:17:14 +02:00
.gitignore
acct.c
acct_on(): don't mess with freeze protection
2019-05-31 06:46:05 -07:00
async.c
audit_fsnotify.c
fsnotify: add fsnotify_add_inode_mark() wrappers
2018-05-18 14:58:22 +02:00
audit_tree.c
\n
2018-08-17 09:41:28 -07:00
audit_watch.c
audit: fix use-after-free in audit_add_watch
2018-07-18 11:43:36 -04:00
audit.c
audit: use ktime_get_coarse_real_ts64() for timestamps
2018-07-17 14:45:08 -04:00
audit.h
auditfilter.c
audit: fix a memory leak bug
2019-05-31 06:46:17 -07:00
auditsc.c
audit/stable-4.18 PR 20180814
2018-08-15 10:46:54 -07:00
backtracetest.c
bounds.c
kbuild: fix kernel/bounds.c 'W=1' warning
2018-11-13 11:08:47 -08:00
capability.c
compat.c
time: Enable get/put_compat_itimerspec64 always
2018-06-24 14:39:47 +02:00
configs.c
context_tracking.c
cpu_pm.c
cpu.c
x86/power: Fix 'nosmt' vs hibernation triple fault during resume
2019-06-11 12:20:52 +02:00
crash_core.c
kernel/crash_core.c: print timestamp using time64_t
2018-08-22 10:52:47 -07:00
crash_dump.c
cred.c
delayacct.c
delayacct: Use raw_spinlocks
2018-04-27 14:34:51 +02:00
dma.c
proc: introduce proc_create_single{,_data}
2018-05-16 07:23:35 +02:00
elfcore.c
exec_domain.c
proc: introduce proc_create_single{,_data}
2018-05-16 07:23:35 +02:00
exit.c
cgroup/pids: turn cgroup_subsys->free() into cgroup_subsys->release() to fix the accounting
2019-04-05 22:33:13 +02:00
extable.c
fail_function.c
bpf/error-inject/kprobes: Clear current_kprobe and enable preempt in kprobe
2018-06-21 12:33:19 +02:00
fork.c
userfaultfd: use RCU to free the task struct when fork fails
2019-05-22 07:37:41 +02:00
freezer.c
PM / reboot: Eliminate race between reboot and suspend
2018-08-06 12:35:20 +02:00
futex_compat.c
futex.c
locking/futex: Allow low-level atomic operations to return -EAGAIN
2019-05-10 17:54:11 +02:00
groups.c
hung_task.c
kernel: hung_task.c: disable on suspend
2019-04-20 09:16:02 +02:00
iomem.c
memremap: split devm_memremap_pages() and memremap() infrastructure
2018-05-15 23:08:33 -07:00
irq_work.c
irq_work: Do not raise an IPI when queueing work on the local CPU
2019-05-31 06:46:19 -07:00
jump_label.c
jump_label: move 'asm goto' support test to Kconfig
2019-06-04 08:02:34 +02:00
kallsyms.c
kallsyms, x86: Export addresses of PTI entry trampolines
2018-08-14 19:12:29 -03:00
kcmp.c
Kconfig.freezer
Kconfig.hz
Kconfig.locks
Kconfig.preempt
kconfig: include kernel/Kconfig.preempt from init/Kconfig
2018-08-02 08:06:54 +09:00
kcov.c
kernel/kcov.c: mark write_comp_data() as notrace
2019-02-12 19:47:20 +01:00
kexec_core.c
kexec: yield to scheduler when loading kimage segments
2018-06-15 07:55:24 +09:00
kexec_file.c
treewide: Use array_size() in vzalloc()
2018-06-12 16:19:22 -07:00
kexec_internal.h
kexec.c
kexec: add call to LSM hook in original kexec_load syscall
2018-07-16 12:31:57 -07:00
kmod.c
kprobes.c
kprobes: Fix error check when reusing optimized probes
2019-04-27 09:36:37 +02:00
ksysfs.c
kthread.c
Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2018-08-13 11:25:07 -07:00
latencytop.c
Makefile
kbuild: move bin2c back to scripts/ from scripts/basic/
2018-07-18 01:18:05 +09:00
memremap.c
mm, devm_memremap_pages: add MEMORY_DEVICE_PRIVATE support
2019-01-13 09:51:04 +01:00
module_signing.c
modsign: log module name in the event of an error
2018-07-02 11:36:17 +02:00
module-internal.h
modsign: log module name in the event of an error
2018-07-02 11:36:17 +02:00
module.c
jump_label: move 'asm goto' support test to Kconfig
2019-06-04 08:02:34 +02:00
notifier.c
nsproxy.c
padata.c
panic.c
panic: avoid deadlocks in re-entrant console drivers
2018-12-29 13:37:57 +01:00
params.c
kernel/params.c: downgrade warning for unsafe parameters
2018-04-11 10:28:37 -07:00
pid_namespace.c
Merge branch 'userns-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
2018-04-03 19:15:32 -07:00
pid.c
Fix failure path in alloc_pid()
2019-01-13 09:51:06 +01:00
profile.c
ptrace.c
ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK
2019-05-04 09:20:22 +02:00
range.c
reboot.c
PM / reboot: Eliminate race between reboot and suspend
2018-08-06 12:35:20 +02:00
relay.c
relay: check return of create_buf_file() properly
2019-03-13 14:02:35 -07:00
resource.c
libnvdimm for 4.18
2018-06-08 17:21:52 -07:00
rseq.c
rseq: uapi: Declare rseq_cs field as union, update includes
2018-07-10 22:18:52 +02:00
seccomp.c
audit/stable-4.18 PR 20180605
2018-06-06 16:34:00 -07:00
signal.c
kernel/signal.c: trace_signal_deliver when signal_group_exit
2019-06-09 09:17:20 +02:00
smp.c
cpu/hotplug: Fix "SMT disabled by BIOS" detection for KVM
2019-02-12 19:47:25 +01:00
smpboot.c
smpboot: Remove cpumask from the API
2018-07-03 09:20:44 +02:00
smpboot.h
softirq.c
nohz: Fix missing tick reprogram when interrupting an inline softirq
2018-08-03 15:52:10 +02:00
stacktrace.c
stop_machine.c
Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2018-08-13 11:25:07 -07:00
sys_ni.c
Merge branch 'core-rseq-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2018-06-10 10:17:09 -07:00
sys.c
kernel/sys.c: remove duplicated include
2018-09-20 22:01:11 +02:00
sysctl_binary.c
staging: irda: remove remaining remants of irda code removal
2018-04-16 11:26:49 +02:00
sysctl.c
sysctl: return -EINVAL if val violates minmax
2019-06-15 11:53:59 +02:00
task_work.c
taskstats.c
test_kprobes.c
kprobes: Remove jprobe API implementation
2018-06-21 12:33:05 +02:00
torture.c
torture: Keep old-school dmesg format
2018-06-25 11:30:10 -07:00
tracepoint.c
tracepoint: Fix tracepoint array element size mismatch
2018-10-17 15:35:29 -04:00
tsacct.c
ucount.c
headers: untangle kmemleak.h from mm.h
2018-04-05 21:36:27 -07:00
uid16.c
fs: add do_fchownat(), ksys_fchown() helpers and ksys_{,l}chown() wrappers
2018-04-02 20:15:59 +02:00
uid16.h
kernel: provide ksys_*() wrappers for syscalls called by kernel/uid16.c
2018-04-02 20:15:30 +02:00
umh.c
umh: fix race condition
2018-06-07 16:56:28 -04:00
up.c
user_namespace.c
userns: also map extents in the reverse map to kernel IDs
2018-11-13 11:09:00 -08:00
user-return-notifier.c
user.c
userns: use irqsave variant of refcount_dec_and_lock()
2018-08-22 10:52:47 -07:00
utsname_sysctl.c
sys: don't hold uts_sem while accessing userspace memory
2018-08-11 02:05:53 -05:00
utsname.c
uts: create "struct uts_namespace" from kmem_cache
2018-04-11 10:28:35 -07:00
watchdog_hld.c
watchdog: Mark watchdog touch functions as notrace
2018-08-30 12:56:40 +02:00
watchdog.c
watchdog: Respect watchdog cpumask on CPU hotplug
2019-04-03 06:26:29 +02:00
workqueue_internal.h
workqueue: Set worker->desc to workqueue name by default
2018-05-18 08:47:13 -07:00
workqueue.c
workqueue: Try to catch flush_work() without INIT_WORK().
2019-05-02 09:58:56 +02:00