sysctl: add unsigned int range support · tjh.dev/kernel@61d9b56

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

sysctl: add unsigned int range support

To keep parity with regular int interfaces provide the an unsigned int
proc_douintvec_minmax() which allows you to specify a range of allowed
valid numbers.

Adding proc_douintvec_minmax_sysadmin() is easy but we can wait for an
actual user for that.

Link: http://lkml.kernel.org/r/20170519033554.18592-6-mcgrof@kernel.org
Signed-off-by: Luis R. Rodriguez <mcgrof@kernel.org>
Acked-by: Kees Cook <keescook@chromium.org>
Cc: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Kees Cook <keescook@chromium.org>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

authored by

Luis R. Rodriguez and committed by

Linus Torvalds 8 years ago 61d9b56a 4f2fec00

+72 -1

3 changed files

expand all

proc

proc_sysctl.c

include

linux

sysctl.h

kernel

sysctl.c

+3 -1

fs/proc/proc_sysctl.c

··· 1065 1065 { 1066 1066 int err = 0; 1067 1067 1068 - if (table->proc_handler == proc_douintvec) { 1068 + if ((table->proc_handler == proc_douintvec) || 1069 + (table->proc_handler == proc_douintvec_minmax)) { 1069 1070 if (table->maxlen != sizeof(unsigned int)) 1070 1071 err |= sysctl_err(path, table, "array now allowed"); 1071 1072 } ··· 1084 1083 if ((table->proc_handler == proc_dostring) || 1085 1084 (table->proc_handler == proc_dointvec) || 1086 1085 (table->proc_handler == proc_douintvec) || 1086 + (table->proc_handler == proc_douintvec_minmax) || 1087 1087 (table->proc_handler == proc_dointvec_minmax) || 1088 1088 (table->proc_handler == proc_dointvec_jiffies) || 1089 1089 (table->proc_handler == proc_dointvec_userhz_jiffies) ||

include/linux/sysctl.h

··· 47 47 void __user *, size_t *, loff_t *); 48 48 extern int proc_dointvec_minmax(struct ctl_table *, int, 49 49 void __user *, size_t *, loff_t *); 50 + extern int proc_douintvec_minmax(struct ctl_table *table, int write, 51 + void __user *buffer, size_t *lenp, 52 + loff_t *ppos); 50 53 extern int proc_dointvec_jiffies(struct ctl_table *, int, 51 54 void __user *, size_t *, loff_t *); 52 55 extern int proc_dointvec_userhz_jiffies(struct ctl_table *, int,

+66

kernel/sysctl.c

··· 2567 2567 do_proc_dointvec_minmax_conv, &param); 2568 2568 } 2569 2569 2570 + struct do_proc_douintvec_minmax_conv_param { 2571 + unsigned int *min; 2572 + unsigned int *max; 2573 + }; 2574 + 2575 + static int do_proc_douintvec_minmax_conv(unsigned long *lvalp, 2576 + unsigned int *valp, 2577 + int write, void *data) 2578 + { 2579 + struct do_proc_douintvec_minmax_conv_param *param = data; 2580 + 2581 + if (write) { 2582 + unsigned int val = *lvalp; 2583 + 2584 + if ((param->min && *param->min > val) || 2585 + (param->max && *param->max < val)) 2586 + return -ERANGE; 2587 + 2588 + if (*lvalp > UINT_MAX) 2589 + return -EINVAL; 2590 + *valp = val; 2591 + } else { 2592 + unsigned int val = *valp; 2593 + *lvalp = (unsigned long) val; 2594 + } 2595 + 2596 + return 0; 2597 + } 2598 + 2599 + /** 2600 + * proc_douintvec_minmax - read a vector of unsigned ints with min/max values 2601 + * @table: the sysctl table 2602 + * @write: %TRUE if this is a write to the sysctl file 2603 + * @buffer: the user buffer 2604 + * @lenp: the size of the user buffer 2605 + * @ppos: file position 2606 + * 2607 + * Reads/writes up to table->maxlen/sizeof(unsigned int) unsigned integer 2608 + * values from/to the user buffer, treated as an ASCII string. Negative 2609 + * strings are not allowed. 2610 + * 2611 + * This routine will ensure the values are within the range specified by 2612 + * table->extra1 (min) and table->extra2 (max). There is a final sanity 2613 + * check for UINT_MAX to avoid having to support wrap around uses from 2614 + * userspace. 2615 + * 2616 + * Returns 0 on success. 2617 + */ 2618 + int proc_douintvec_minmax(struct ctl_table *table, int write, 2619 + void __user *buffer, size_t *lenp, loff_t *ppos) 2620 + { 2621 + struct do_proc_douintvec_minmax_conv_param param = { 2622 + .min = (unsigned int *) table->extra1, 2623 + .max = (unsigned int *) table->extra2, 2624 + }; 2625 + return do_proc_douintvec(table, write, buffer, lenp, ppos, 2626 + do_proc_douintvec_minmax_conv, &param); 2627 + } 2628 + 2570 2629 static void validate_coredump_safety(void) 2571 2630 { 2572 2631 #ifdef CONFIG_COREDUMP ··· 3125 3066 return -ENOSYS; 3126 3067 } 3127 3068 3069 + int proc_douintvec_minmax(struct ctl_table *table, int write, 3070 + void __user *buffer, size_t *lenp, loff_t *ppos) 3071 + { 3072 + return -ENOSYS; 3073 + } 3074 + 3128 3075 int proc_dointvec_jiffies(struct ctl_table *table, int write, 3129 3076 void __user *buffer, size_t *lenp, loff_t *ppos) 3130 3077 { ··· 3173 3108 EXPORT_SYMBOL(proc_douintvec); 3174 3109 EXPORT_SYMBOL(proc_dointvec_jiffies); 3175 3110 EXPORT_SYMBOL(proc_dointvec_minmax); 3111 + EXPORT_SYMBOL_GPL(proc_douintvec_minmax); 3176 3112 EXPORT_SYMBOL(proc_dointvec_userhz_jiffies); 3177 3113 EXPORT_SYMBOL(proc_dointvec_ms_jiffies); 3178 3114 EXPORT_SYMBOL(proc_dostring);