Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp3735025ybi; Tue, 2 Jul 2019 12:33:04 -0700 (PDT) X-Google-Smtp-Source: APXvYqzbuzAtMOkTo59LZdr35CcSJ4q7pk9avbZwbFsc8beAdyNsckeaCdiRxZh7FqgFFlAoGMec X-Received: by 2002:a17:902:59c8:: with SMTP id d8mr38209950plj.55.1562095984230; Tue, 02 Jul 2019 12:33:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1562095984; cv=none; d=google.com; s=arc-20160816; b=wQJtvJ0o5Nu1f0LBZlBfusKTPXiozyPn3SKkQVbECZB2ZyATwpmjxL1TSLpn5bEgCo fqJvSGRMAJE4nqJyEkbAQY81emFEY8tUpym+oAmoJ5i/IuDjP37KyfYxA5nL6JxiJhDH zoDBGZlYUxHKEucMV2BWbctIpJgbv0/NpIQa1OgUwF9xpg9RntVzTyocqZupbl51+SyS VG8Fs1+zuP+ZoegKgiP2GBZ7v0gT1eGMN5qDjupn4KExBMtqf0WnHf9a09eD92auGvDH mKvh67TUSkTQpKt99+Y4iQyW0DVNGFz9twiykSwCXKB0+2S7V3c1vnZjsutTPmXL4gUW loyQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=/l7tQXDVVs21mlFttWTKF5GQ9EhRP7J1hjh79A4b/Lg=; b=u/tI6pfazx1a06GLY1R4VI8U9bViw4z8dth3/11G0AzCXSYpVH5ZOJShFP2UywNQKl P+sPvuTxsC43HtEWnM+k+5NVkqGet7fK6bJodffDU6240CTx3oRRvBnvUTPHCkFA9ut4 1bhvqSg0GPDXwecz4GRBzwdxWlOm6JP5Nv1mnr7dJL3rVXZGRken9Ecva1ztyLuttIpp i2M+UamGEih7oDHDw2+TOi+KONfj8q3aV+Udzs7XL4SUZB5AwAeAKR3w6xqC1vEpLN/v s9pTL5N8FSN+sAKgBEjY66IxodggBaRsPQpHljn33sA5h0h2abrJ6zSA+ghChs4vHBgd DxOA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a32si13771148pla.178.2019.07.02.12.32.48; Tue, 02 Jul 2019 12:33:04 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727110AbfGBTc0 (ORCPT + 99 others); Tue, 2 Jul 2019 15:32:26 -0400 Received: from mail-pg1-f195.google.com ([209.85.215.195]:43609 "EHLO mail-pg1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726291AbfGBTc0 (ORCPT ); Tue, 2 Jul 2019 15:32:26 -0400 Received: by mail-pg1-f195.google.com with SMTP id f25so8170141pgv.10; Tue, 02 Jul 2019 12:32:25 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=/l7tQXDVVs21mlFttWTKF5GQ9EhRP7J1hjh79A4b/Lg=; b=iID4vGin5rQQbD+cClMm5N4VlFD4pYbHnKJLXuVQP6KTQIEA2Jrja2CZkorOtg5Rfb j1OFL8X9GTL7Wub+pdSJAUc/LMyZFuZyXNqjKtcmvn2kkccgh1VHKQCjGK1ka99UYMfx 0AaTpaHmXfPl3/sFWKwpLANDXsZSIKyeo/32bAqUG5G3c2VehiGXsiHcm9Yh4NaGBD/G 5UlGt1e+mR5hlto29Hr2xzYRTTaIUm9H0da4Aew3Y6d2oF+FR71mJggtlzL3GMpxrdzV 8KF6Xyj8Y16MxU7ihs0OlzJQUpqK+uHaTryLSagr6OGEuzzqggZMT6dN0dISP7WdCR21 RGrg== X-Gm-Message-State: APjAAAVKwZgx2Bf7adUHNnXv+AR9/cL+ItAXHjwQjV85UNBu9XY6ObTm RzQQ/xxvI/iGdbe1BAUw36o= X-Received: by 2002:a17:90a:8a15:: with SMTP id w21mr7526225pjn.134.1562095945194; Tue, 02 Jul 2019 12:32:25 -0700 (PDT) Received: from 42.do-not-panic.com (42.do-not-panic.com. [157.230.128.187]) by smtp.gmail.com with ESMTPSA id v3sm14307182pfm.188.2019.07.02.12.32.23 (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256); Tue, 02 Jul 2019 12:32:23 -0700 (PDT) Received: by 42.do-not-panic.com (Postfix, from userid 1000) id BEC0140251; Tue, 2 Jul 2019 19:32:22 +0000 (UTC) Date: Tue, 2 Jul 2019 19:32:22 +0000 From: Luis Chamberlain To: Zhiqiang Liu Cc: Kees Cook , akpm@linux-foundation.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, ebiederm@xmission.com, pbonzini@redhat.com, viro@zeniv.linux.org.uk, adobriyan@gmail.com, mingfangsen@huawei.com, wangxiaogang3@huawei.com, "Zhoukang (A)" , netdev@vger.kernel.org Subject: Re: [PATCH next] sysctl: add proc_dointvec_jiffies_minmax to limit the min/max write value Message-ID: <20190702193222.GP19023@42.do-not-panic.com> References: <032e024f-2b1b-a980-1b53-d903bc8db297@huawei.com> <3e421384-a9cb-e534-3370-953c56883516@huawei.com> <201905150945.C9D1F811F@keescook> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jun 04, 2019 at 11:27:51PM +0800, Zhiqiang Liu wrote: > > On Wed, May 15, 2019 at 10:53:55PM +0800, Zhiqiang Liu wrote: > >>>> In proc_dointvec_jiffies func, the write value is only checked > >>>> whether it is larger than INT_MAX. If the write value is less > >>>> than zero, it can also be successfully writen in the data. > > > > This appears to be "be design", but I see many "unsigned int" users > > that might be tricked into giant values... (for example, see > > net/netfilter/nf_conntrack_standalone.c) > > > > Should proc_dointvec_jiffies() just be fixed to disallow negative values > > entirely? Looking at the implementation, it seems to be very intentional > > about accepting negative values. > > > > However, when I looked through a handful of proc_dointvec_jiffies() > > users, it looks like they're all expecting a positive value. Many in the > > networking subsystem are, in fact, writing to unsigned long variables, > > as I mentioned. > > > I totally agree with you. And I also cannot find an scenario that expects > negative values. Consideing the "negative" scenario may be exist, I add the > proc_dointvec_jiffies_minmax like proc_dointvec_minmax. If no negative values exist, and there is no real point to it, then just rename the existing one and update the docs. Luis