From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Christian Brauner, Luis Chamberlain, Kees Cook, Alexey Dobriyan, Al Viro, Dominik Brodowski, "Eric W. Biederman", Joe Lawrence, Waiman Long, Andrew Morton, Linus Torvalds, Sasha Levin
Subject: [PATCH 5.1 006/155] sysctl: return -EINVAL if val violates minmax
Date: Thu, 13 Jun 2019 10:31:58 +0200
Message-Id: <20190613075653.075900261@linuxfoundation.org>
X-Mailer: git-send-email 2.22.0
In-Reply-To: <20190613075652.691765927@linuxfoundation.org>
References: <20190613075652.691765927@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

[ Upstream commit e260ad01f0aa9e96b5386d5cd7184afd949dc457 ]

Currently when userspace gives us a value that overflows e.g. file-max and other callers of __do_proc_doulongvec_minmax() we simply ignore the new value and leave the current value untouched.

This can be problematic as it gives the illusion that the limit has indeed been bumped when in fact it failed. This commit makes sure to return EINVAL when an overflow is detected. Please note that this is a userspace facing change.

Link: http://lkml.kernel.org/r/20190210203943.8227-4-christian@brauner.io
Signed-off-by: Christian Brauner
Acked-by: Luis Chamberlain
Cc: Kees Cook
Cc: Alexey Dobriyan
Cc: Al Viro
Cc: Dominik Brodowski
Cc: "Eric W. Biederman"
Cc: Joe Lawrence
Cc: Waiman Long
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
Signed-off-by: Sasha Levin
--- kernel/sysctl.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/kernel/sysctl.c b/kernel/sysctl.c index c9ec050bcf46..387efbaf464a 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c
@@ -2874,8 +2874,10 @@ static int __do_proc_doulongvec_minmax(void *data, struct ctl_table *table, int if (neg) continue; val = convmul * val / convdiv; - if ((min && val < *min) || (max && val > *max)) - continue; + if ((min && val < *min) || (max && val > *max)) { + err = -EINVAL; + break; + } *i = val; } else { val = convdiv * (*i) / convmul; -- 2.20.1
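
Review bot: the `if (neg) continue;` line just above the changed check still skips a negative input without setting `err`, so after this change an out-of-range value fails with -EINVAL while a negative one is still dropped silently, which is the same illusion of success the commit message sets out to remove. Consider handling that case the same way, or state in the commit message why it is left alone. Two smaller points on the same hunk: the range test runs after `val = convmul * val / convdiv;`, so if that multiplication wraps, the comparison sees the wrapped value and may accept it; and because `break` leaves the loop only after earlier passes have already executed `*i = val;`, a write carrying several values can now return -EINVAL with the first entries already changed. Since this is flagged as a userspace-facing change and the diffstat touches only kernel/sysctl.c, a short comment at the check or a note in the sysctl documentation describing the new error return would help callers.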