Commit cb16e95f authored by Petr Holasek's avatar Petr Holasek Committed by Linus Torvalds

sysctl: add some missing input constraint checks

Add boundaries of allowed input ranges for: dirty_expire_centisecs,
drop_caches, overcommit_memory, page-cluster and panic_on_oom.
Signed-off-by: default avatarPetr Holasek <pholasek@redhat.com>
Acked-by: default avatarDave Young <hidave.darkstar@gmail.com>
Cc: David Rientjes <rientjes@google.com>
Cc: Wu Fengguang <fengguang.wu@intel.com>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent 256c53a6
...@@ -45,7 +45,11 @@ static void drop_slab(void) ...@@ -45,7 +45,11 @@ static void drop_slab(void)
int drop_caches_sysctl_handler(ctl_table *table, int write, int drop_caches_sysctl_handler(ctl_table *table, int write,
void __user *buffer, size_t *length, loff_t *ppos) void __user *buffer, size_t *length, loff_t *ppos)
{ {
proc_dointvec_minmax(table, write, buffer, length, ppos); int ret;
ret = proc_dointvec_minmax(table, write, buffer, length, ppos);
if (ret)
return ret;
if (write) { if (write) {
if (sysctl_drop_caches & 1) if (sysctl_drop_caches & 1)
iterate_supers(drop_pagecache_sb, NULL); iterate_supers(drop_pagecache_sb, NULL);
......
...@@ -117,6 +117,7 @@ static int neg_one = -1; ...@@ -117,6 +117,7 @@ static int neg_one = -1;
static int zero; static int zero;
static int __maybe_unused one = 1; static int __maybe_unused one = 1;
static int __maybe_unused two = 2; static int __maybe_unused two = 2;
static int __maybe_unused three = 3;
static unsigned long one_ul = 1; static unsigned long one_ul = 1;
static int one_hundred = 100; static int one_hundred = 100;
#ifdef CONFIG_PRINTK #ifdef CONFIG_PRINTK
...@@ -971,14 +972,18 @@ static struct ctl_table vm_table[] = { ...@@ -971,14 +972,18 @@ static struct ctl_table vm_table[] = {
.data = &sysctl_overcommit_memory, .data = &sysctl_overcommit_memory,
.maxlen = sizeof(sysctl_overcommit_memory), .maxlen = sizeof(sysctl_overcommit_memory),
.mode = 0644, .mode = 0644,
.proc_handler = proc_dointvec, .proc_handler = proc_dointvec_minmax,
.extra1 = &zero,
.extra2 = &two,
}, },
{ {
.procname = "panic_on_oom", .procname = "panic_on_oom",
.data = &sysctl_panic_on_oom, .data = &sysctl_panic_on_oom,
.maxlen = sizeof(sysctl_panic_on_oom), .maxlen = sizeof(sysctl_panic_on_oom),
.mode = 0644, .mode = 0644,
.proc_handler = proc_dointvec, .proc_handler = proc_dointvec_minmax,
.extra1 = &zero,
.extra2 = &two,
}, },
{ {
.procname = "oom_kill_allocating_task", .procname = "oom_kill_allocating_task",
...@@ -1006,7 +1011,8 @@ static struct ctl_table vm_table[] = { ...@@ -1006,7 +1011,8 @@ static struct ctl_table vm_table[] = {
.data = &page_cluster, .data = &page_cluster,
.maxlen = sizeof(int), .maxlen = sizeof(int),
.mode = 0644, .mode = 0644,
.proc_handler = proc_dointvec, .proc_handler = proc_dointvec_minmax,
.extra1 = &zero,
}, },
{ {
.procname = "dirty_background_ratio", .procname = "dirty_background_ratio",
...@@ -1054,7 +1060,8 @@ static struct ctl_table vm_table[] = { ...@@ -1054,7 +1060,8 @@ static struct ctl_table vm_table[] = {
.data = &dirty_expire_interval, .data = &dirty_expire_interval,
.maxlen = sizeof(dirty_expire_interval), .maxlen = sizeof(dirty_expire_interval),
.mode = 0644, .mode = 0644,
.proc_handler = proc_dointvec, .proc_handler = proc_dointvec_minmax,
.extra1 = &zero,
}, },
{ {
.procname = "nr_pdflush_threads", .procname = "nr_pdflush_threads",
...@@ -1130,6 +1137,8 @@ static struct ctl_table vm_table[] = { ...@@ -1130,6 +1137,8 @@ static struct ctl_table vm_table[] = {
.maxlen = sizeof(int), .maxlen = sizeof(int),
.mode = 0644, .mode = 0644,
.proc_handler = drop_caches_sysctl_handler, .proc_handler = drop_caches_sysctl_handler,
.extra1 = &one,
.extra2 = &three,
}, },
#ifdef CONFIG_COMPACTION #ifdef CONFIG_COMPACTION
{ {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment