Commit f8fbb47c authored by Linus Torvalds

Merge branch 'for-v5.14' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace

Pull ucounts fix from Eric Biederman:
 "This fixes the ucount sysctls on big endian architectures.

  The counts were expanded to be longs instead of ints, and the sysctl
  code was overlooked, so only the low 32bits were being processed. On
  little endian just processing the low 32bits is fine, but on 64bit big
  endian processing just the low 32bits results in the high order bits
  instead of the low order bits being processed and nothing works
  properly.

  This change took a little bit to mature as we have the SYSCTL_ZERO,
  and SYSCTL_INT_MAX macros that are only usable for sysctls operating
  on ints, but unfortunately are not obviously broken. Which resulted in
  the versions of this change working on big endian and not on little
  endian, because the int SYSCTL_ZERO when extended 64bit wound up being
  0x100000000. So we only allowed values greater than 0x100000000 and
  less than 0faff. Which unfortunately broken everything that tried to
  set the sysctls. (First reported with the windows subsystem for
  linux).

  I have tested this on x86_64 64bit after first reproducing the
  problems with the earlier version of this change, and then verifying
  the problems do not exist when we use appropriate long min and max
  values for extra1 and extra2"

* 'for-v5.14' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
  ucounts: add missing data type changes
parents 59cd4f43 f153c224
...@@ -54,22 +54,27 @@ static int fanotify_max_queued_events __read_mostly; ...@@ -54,22 +54,27 @@ static int fanotify_max_queued_events __read_mostly;
#include <linux/sysctl.h> #include <linux/sysctl.h>
static long ft_zero = 0;
static long ft_int_max = INT_MAX;
struct ctl_table fanotify_table[] = { struct ctl_table fanotify_table[] = {
{ {
.procname = "max_user_groups", .procname = "max_user_groups",
.data = &init_user_ns.ucount_max[UCOUNT_FANOTIFY_GROUPS], .data = &init_user_ns.ucount_max[UCOUNT_FANOTIFY_GROUPS],
.maxlen = sizeof(int), .maxlen = sizeof(long),
.mode = 0644, .mode = 0644,
.proc_handler = proc_dointvec_minmax, .proc_handler = proc_doulongvec_minmax,
.extra1 = SYSCTL_ZERO, .extra1 = &ft_zero,
.extra2 = &ft_int_max,
}, },
{ {
.procname = "max_user_marks", .procname = "max_user_marks",
.data = &init_user_ns.ucount_max[UCOUNT_FANOTIFY_MARKS], .data = &init_user_ns.ucount_max[UCOUNT_FANOTIFY_MARKS],
.maxlen = sizeof(int), .maxlen = sizeof(long),
.mode = 0644, .mode = 0644,
.proc_handler = proc_dointvec_minmax, .proc_handler = proc_doulongvec_minmax,
.extra1 = SYSCTL_ZERO, .extra1 = &ft_zero,
.extra2 = &ft_int_max,
}, },
{ {
.procname = "max_queued_events", .procname = "max_queued_events",
......
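Review bot: Switching `max_user_groups` and `max_user_marks` from `proc_dointvec_minmax` to `proc_doulongvec_minmax` may change what userspace sees when it writes a negative number. As far as I can tell the ulong handler skips a negative token without returning an error, where the int handler with a zero minimum rejected it with -EINVAL; this should be confirmed against the handler source. The stored limit stays unchanged in that case, but tooling that checks the write result would no longer see a rejection. If confirmed, a comment above the table such as `/* proc_doulongvec_minmax() ignores negative input rather than failing the write */` would record it. The same handler swap appears in the inotify table and in `UCOUNT_ENTRY`; the fanotify table initializer continues past the visible hunk.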
...@@ -55,22 +55,27 @@ struct kmem_cache *inotify_inode_mark_cachep __read_mostly; ...@@ -55,22 +55,27 @@ struct kmem_cache *inotify_inode_mark_cachep __read_mostly;
#include <linux/sysctl.h> #include <linux/sysctl.h>
static long it_zero = 0;
static long it_int_max = INT_MAX;
struct ctl_table inotify_table[] = { struct ctl_table inotify_table[] = {
{ {
.procname = "max_user_instances", .procname = "max_user_instances",
.data = &init_user_ns.ucount_max[UCOUNT_INOTIFY_INSTANCES], .data = &init_user_ns.ucount_max[UCOUNT_INOTIFY_INSTANCES],
.maxlen = sizeof(int), .maxlen = sizeof(long),
.mode = 0644, .mode = 0644,
.proc_handler = proc_dointvec_minmax, .proc_handler = proc_doulongvec_minmax,
.extra1 = SYSCTL_ZERO, .extra1 = &it_zero,
.extra2 = &it_int_max,
}, },
{ {
.procname = "max_user_watches", .procname = "max_user_watches",
.data = &init_user_ns.ucount_max[UCOUNT_INOTIFY_WATCHES], .data = &init_user_ns.ucount_max[UCOUNT_INOTIFY_WATCHES],
.maxlen = sizeof(int), .maxlen = sizeof(long),
.mode = 0644, .mode = 0644,
.proc_handler = proc_dointvec_minmax, .proc_handler = proc_doulongvec_minmax,
.extra1 = SYSCTL_ZERO, .extra1 = &it_zero,
.extra2 = &it_int_max,
}, },
{ {
.procname = "max_queued_events", .procname = "max_queued_events",
......
...@@ -58,14 +58,17 @@ static struct ctl_table_root set_root = { ...@@ -58,14 +58,17 @@ static struct ctl_table_root set_root = {
.permissions = set_permissions, .permissions = set_permissions,
}; };
#define UCOUNT_ENTRY(name) \ static long ue_zero = 0;
{ \ static long ue_int_max = INT_MAX;
.procname = name, \
.maxlen = sizeof(int), \ #define UCOUNT_ENTRY(name) \
.mode = 0644, \ { \
.proc_handler = proc_dointvec_minmax, \ .procname = name, \
.extra1 = SYSCTL_ZERO, \ .maxlen = sizeof(long), \
.extra2 = SYSCTL_INT_MAX, \ .mode = 0644, \
.proc_handler = proc_doulongvec_minmax, \
.extra1 = &ue_zero, \
.extra2 = &ue_int_max, \
} }
static struct ctl_table user_table[] = { static struct ctl_table user_table[] = {
UCOUNT_ENTRY("max_user_namespaces"), UCOUNT_ENTRY("max_user_namespaces"),
......
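Review bot: `ue_zero` and `ue_int_max` carry no comment saying why they exist alongside `SYSCTL_ZERO`/`SYSCTL_INT_MAX`, and swapping those in is exactly the mistake the commit message describes. A line above them such as `/* proc_doulongvec_minmax() reads extra1/extra2 as long-sized values; SYSCTL_ZERO/SYSCTL_INT_MAX point at ints and must not be used here */` would keep a later cleanup from reintroducing it. Both objects are only read in what is visible, so declaring them `static const long` and writing `.extra1 = (void *)&ue_zero` would also keep the bounds that gate these limits out of writable data. The same applies to `ft_zero`/`ft_int_max` in the fanotify table and `it_zero`/`it_int_max` in the inotify table. `user_table[]` continues outside the hunk.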