Merge branch 'work.sysctl' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Pull sysctl fixes from Al Viro:
"Fixups to regressions in sysctl series"

* 'work.sysctl' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
sysctl: reject gigantic reads/write to sysctl files
cdrom: fix an incorrect __user annotation on cdrom_sysctl_info
trace: fix an incorrect __user annotation on stack_trace_sysctl
random: fix an incorrect __user annotation on proc_do_entropy
net/sysctl: remove leftover __user annotations on neigh_proc_dointvec*
net/sysctl: use cpumask_parse in flow_limit_cpu_sysctl

Linus Torvalds 5 years ago 1c383726 3a8557e1

+14 -13

7 changed files

expand all

drivers

cdrom

cdrom.c

char

random.c

proc

proc_sysctl.c

include

linux

ftrace.h

net

neighbour.h

kernel

trace

trace_stack.c

net

core

sysctl_net_core.c

+1 -1

drivers/cdrom/cdrom.c

··· 3535 3535 } 3536 3536 3537 3537 static int cdrom_sysctl_info(struct ctl_table *ctl, int write, 3538 - void __user *buffer, size_t *lenp, loff_t *ppos) 3538 + void *buffer, size_t *lenp, loff_t *ppos) 3539 3539 { 3540 3540 int pos; 3541 3541 char *info = cdrom_sysctl_settings.info;

+1 -1

drivers/char/random.c

··· 2087 2087 * Return entropy available scaled to integral bits 2088 2088 */ 2089 2089 static int proc_do_entropy(struct ctl_table *table, int write, 2090 - void __user *buffer, size_t *lenp, loff_t *ppos) 2090 + void *buffer, size_t *lenp, loff_t *ppos) 2091 2091 { 2092 2092 struct ctl_table fake_table; 2093 2093 int entropy_count;

fs/proc/proc_sysctl.c

··· 565 565 if (!table->proc_handler) 566 566 goto out; 567 567 568 + /* don't even try if the size is too large */ 569 + if (count > KMALLOC_MAX_SIZE) 570 + return -ENOMEM; 571 + 568 572 if (write) { 569 573 kbuf = memdup_user_nul(ubuf, count); 570 574 if (IS_ERR(kbuf)) {

+2 -3

include/linux/ftrace.h

··· 342 342 343 343 extern int stack_tracer_enabled; 344 344 345 - int stack_trace_sysctl(struct ctl_table *table, int write, 346 - void __user *buffer, size_t *lenp, 347 - loff_t *ppos); 345 + int stack_trace_sysctl(struct ctl_table *table, int write, void *buffer, 346 + size_t *lenp, loff_t *ppos); 348 347 349 348 /* DO NOT MODIFY THIS VARIABLE DIRECTLY! */ 350 349 DECLARE_PER_CPU(int, disable_stack_tracer);

+3 -4

include/net/neighbour.h

··· 392 392 void neigh_seq_stop(struct seq_file *, void *); 393 393 394 394 int neigh_proc_dointvec(struct ctl_table *ctl, int write, 395 - void __user *buffer, size_t *lenp, loff_t *ppos); 395 + void *buffer, size_t *lenp, loff_t *ppos); 396 396 int neigh_proc_dointvec_jiffies(struct ctl_table *ctl, int write, 397 - void __user *buffer, 397 + void *buffer, 398 398 size_t *lenp, loff_t *ppos); 399 399 int neigh_proc_dointvec_ms_jiffies(struct ctl_table *ctl, int write, 400 - void __user *buffer, 401 - size_t *lenp, loff_t *ppos); 400 + void *buffer, size_t *lenp, loff_t *ppos); 402 401 403 402 int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p, 404 403 proc_handler *proc_handler);

+2 -3

kernel/trace/trace_stack.c

··· 515 515 #endif /* CONFIG_DYNAMIC_FTRACE */ 516 516 517 517 int 518 - stack_trace_sysctl(struct ctl_table *table, int write, 519 - void __user *buffer, size_t *lenp, 520 - loff_t *ppos) 518 + stack_trace_sysctl(struct ctl_table *table, int write, void *buffer, 519 + size_t *lenp, loff_t *ppos) 521 520 { 522 521 int was_enabled; 523 522 int ret;

+1 -1

net/core/sysctl_net_core.c

··· 128 128 return -ENOMEM; 129 129 130 130 if (write) { 131 - ret = cpumask_parse_user(buffer, *lenp, mask); 131 + ret = cpumask_parse(buffer, mask); 132 132 if (ret) 133 133 goto done; 134 134