queue-3.18/sysctl-handle-overflow-for-file-max.patch

   1 From 886a87a7e354b77985cde72a5af70665faa888d3 Mon Sep 17 00:00:00 2001
   2 From: Christian Brauner <christian@brauner.io>
   3 Date: Thu, 7 Mar 2019 16:29:43 -0800
   4 Subject: sysctl: handle overflow for file-max
   5
   6 [ Upstream commit 32a5ad9c22852e6bd9e74bdec5934ef9d1480bc5 ]
   7
   8 Currently, when writing
   9
  10   echo 18446744073709551616 > /proc/sys/fs/file-max
  11
  12 /proc/sys/fs/file-max will overflow and be set to 0.  That quickly
  13 crashes the system.
  14
  15 This commit sets the max and min value for file-max.  The max value is
  16 set to long int.  Any higher value cannot currently be used as the
  17 percpu counters are long ints and not unsigned integers.
  18
  19 Note that the file-max value is ultimately parsed via
  20 __do_proc_doulongvec_minmax().  This function does not report error when
  21 min or max are exceeded.  Which means if a value largen that long int is
  22 written userspace will not receive an error instead the old value will be
  23 kept.  There is an argument to be made that this should be changed and
  24 __do_proc_doulongvec_minmax() should return an error when a dedicated min
  25 or max value are exceeded.  However this has the potential to break
  26 userspace so let's defer this to an RFC patch.
  27
  28 Link: http://lkml.kernel.org/r/20190107222700.15954-3-christian@brauner.io
  29 Signed-off-by: Christian Brauner <christian@brauner.io>
  30 Acked-by: Kees Cook <keescook@chromium.org>
  31 Cc: Alexey Dobriyan <adobriyan@gmail.com>
  32 Cc: Al Viro <viro@zeniv.linux.org.uk>
  33 Cc: Dominik Brodowski <linux@dominikbrodowski.net>
  34 Cc: "Eric W. Biederman" <ebiederm@xmission.com>
  35 Cc: Joe Lawrence <joe.lawrence@redhat.com>
  36 Cc: Luis Chamberlain <mcgrof@kernel.org>
  37 Cc: Waiman Long <longman@redhat.com>
  38 [christian@brauner.io: v4]
  39   Link: http://lkml.kernel.org/r/20190210203943.8227-3-christian@brauner.io
  40 Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
  41 Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
  42 Signed-off-by: Sasha Levin <sashal@kernel.org>
  43 ---
  44  kernel/sysctl.c | 3 +++
  45  1 file changed, 3 insertions(+)
  46
  47 diff --git a/kernel/sysctl.c b/kernel/sysctl.c
  48 index 27f8aa765493..a68fed9f6922 100644
  49 --- a/kernel/sysctl.c
  50 +++ b/kernel/sysctl.c
  51 @@ -125,6 +125,7 @@ static int __maybe_unused one = 1;
  52  static int __maybe_unused two = 2;
  53  static int __maybe_unused four = 4;
  54  static unsigned long one_ul = 1;
  55 +static unsigned long long_max = LONG_MAX;
  56  static int one_hundred = 100;
  57  #ifdef CONFIG_PRINTK
  58  static int ten_thousand = 10000;
  59 @@ -1521,6 +1522,8 @@ static struct ctl_table fs_table[] = {
  60                 .maxlen         = sizeof(files_stat.max_files),
  61                 .mode           = 0644,
  62                 .proc_handler   = proc_doulongvec_minmax,
  63 +               .extra1         = &zero,
  64 +               .extra2         = &long_max,
  65         },
  66         {
  67                 .procname       = "nr_open",
  68 --
  69 2.19.1
  70