[v2,2/6] sysctl: Fixes nsm_local_state bounds

Message ID	20250224095826.16458-3-nicolas.bouchinet@clip-os.org (mailing list archive)
State	New
Headers	show Received: from relay8-d.mail.gandi.net (relay8-d.mail.gandi.net [217.70.183.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 45D422505B3; Mon, 24 Feb 2025 09:59:01 +0000 (UTC) From: nicolas.bouchinet@clip-os.org To: linux-kernel@vger.kernel.org, linux-rdma@vger.kernel.org, linux-scsi@vger.kernel.org, codalist@coda.cs.cmu.edu, linux-nfs@vger.kernel.org Cc: Nicolas Bouchinet <nicolas.bouchinet@ssi.gouv.fr>, Joel Granados <j.granados@samsung.com>, Clemens Ladisch <clemens@ladisch.de>, Arnd Bergmann <arnd@arndb.de>, Greg Kroah-Hartman <gregkh@linuxfoundation.org>, Jason Gunthorpe <jgg@ziepe.ca>, Leon Romanovsky <leon@kernel.org>, "James E.J. Bottomley" <James.Bottomley@HansenPartnership.com>, "Martin K. Petersen" <martin.petersen@oracle.com>, Jan Harkes <jaharkes@cs.cmu.edu>, Chuck Lever <chuck.lever@oracle.com>, Jeff Layton <jlayton@kernel.org>, Neil Brown <neilb@suse.de>, Olga Kornievskaia <okorniev@redhat.com>, Dai Ngo <Dai.Ngo@oracle.com>, Tom Talpey <tom@talpey.com>, Trond Myklebust <trondmy@kernel.org>, Anna Schumaker <anna@kernel.org>, Bart Van Assche <bvanassche@acm.org>, Zhu Yanjun <yanjun.zhu@linux.dev>, Al Viro <viro@zeniv.linux.org.uk>, Christian Brauner <brauner@kernel.org> Subject: [PATCH v2 2/6] sysctl: Fixes nsm_local_state bounds Date: Mon, 24 Feb 2025 10:58:17 +0100 Message-ID: <20250224095826.16458-3-nicolas.bouchinet@clip-os.org> In-Reply-To: <20250224095826.16458-1-nicolas.bouchinet@clip-os.org> References: <20250224095826.16458-1-nicolas.bouchinet@clip-os.org> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	Fixes multiple sysctl bound checks \| expand [v2,0/6] Fixes multiple sysctl bound checks [v2,1/6] sysctl: Fixes idmap_cache_timeout bounds [v2,2/6] sysctl: Fixes nsm_local_state bounds [v2,3/6] sysctl/coda: Fixes timeout bounds [v2,4/6] sysctl: Fixes scsi_logging_level bounds [v2,5/6] sysctl/infiniband: Fixes infiniband sysctl bounds [v2,6/6] sysctl: Fixes max-user-freq bounds

Message ID

20250224095826.16458-3-nicolas.bouchinet@clip-os.org (mailing list archive)

State

New

Headers

From: nicolas.bouchinet@clip-os.org
To: linux-kernel@vger.kernel.org,
	linux-rdma@vger.kernel.org,
	linux-scsi@vger.kernel.org,
	codalist@coda.cs.cmu.edu,
	linux-nfs@vger.kernel.org
Cc: Nicolas Bouchinet <nicolas.bouchinet@ssi.gouv.fr>,
	Joel Granados <j.granados@samsung.com>,
	Clemens Ladisch <clemens@ladisch.de>,
	Arnd Bergmann <arnd@arndb.de>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Jason Gunthorpe <jgg@ziepe.ca>,
	Leon Romanovsky <leon@kernel.org>,
	"James E.J. Bottomley" <James.Bottomley@HansenPartnership.com>,
	"Martin K. Petersen" <martin.petersen@oracle.com>,
	Jan Harkes <jaharkes@cs.cmu.edu>,
	Chuck Lever <chuck.lever@oracle.com>,
	Jeff Layton <jlayton@kernel.org>,
	Neil Brown <neilb@suse.de>,
	Olga Kornievskaia <okorniev@redhat.com>,
	Dai Ngo <Dai.Ngo@oracle.com>,
	Tom Talpey <tom@talpey.com>,
	Trond Myklebust <trondmy@kernel.org>,
	Anna Schumaker <anna@kernel.org>,
	Bart Van Assche <bvanassche@acm.org>,
	Zhu Yanjun <yanjun.zhu@linux.dev>,
	Al Viro <viro@zeniv.linux.org.uk>,
	Christian Brauner <brauner@kernel.org>
Subject: [PATCH v2 2/6] sysctl: Fixes nsm_local_state bounds
Date: Mon, 24 Feb 2025 10:58:17 +0100
Message-ID: <20250224095826.16458-3-nicolas.bouchinet@clip-os.org>
In-Reply-To: <20250224095826.16458-1-nicolas.bouchinet@clip-os.org>
References: <20250224095826.16458-1-nicolas.bouchinet@clip-os.org>
Precedence: bulk
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

Fixes multiple sysctl bound checks | expand

Commit Message

Nicolas Bouchinet Feb. 24, 2025, 9:58 a.m. UTC

From: Nicolas Bouchinet <nicolas.bouchinet@ssi.gouv.fr>

Bound nsm_local_state sysctl writings between SYSCTL_ZERO
and SYSCTL_INT_MAX.

The proc_handler has thus been updated to proc_dointvec_minmax.

Signed-off-by: Nicolas Bouchinet <nicolas.bouchinet@ssi.gouv.fr>
---
 fs/lockd/svc.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

Comments

Chuck Lever Feb. 24, 2025, 2:38 p.m. UTC | #1

On 2/24/25 4:58 AM, nicolas.bouchinet@clip-os.org wrote:
> From: Nicolas Bouchinet <nicolas.bouchinet@ssi.gouv.fr>
> 
> Bound nsm_local_state sysctl writings between SYSCTL_ZERO
> and SYSCTL_INT_MAX.
> 
> The proc_handler has thus been updated to proc_dointvec_minmax.
> 
> Signed-off-by: Nicolas Bouchinet <nicolas.bouchinet@ssi.gouv.fr>
> ---
>  fs/lockd/svc.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/fs/lockd/svc.c b/fs/lockd/svc.c
> index 2c8eedc6c2cc9..984ab233af8b6 100644
> --- a/fs/lockd/svc.c
> +++ b/fs/lockd/svc.c
> @@ -461,7 +461,9 @@ static const struct ctl_table nlm_sysctls[] = {
>  		.data		= &nsm_local_state,
>  		.maxlen		= sizeof(int),
>  		.mode		= 0644,
> -		.proc_handler	= proc_dointvec,
> +		.proc_handler	= proc_dointvec_minmax,
> +		.extra1		= SYSCTL_ZERO,
> +		.extra2		= SYSCTL_INT_MAX,
>  	},
>  };
>  

Hi Nicolas -

nsm_local_state is an unsigned 32-bit integer. The type of that value is
defined by spec, because this value is exchanged between peers on the
network.

Perhaps this patch should replace proc_dointvec with proc_douintvec
instead.

Nicolas Bouchinet Feb. 25, 2025, 10:37 a.m. UTC | #2

On 2/24/25 15:38, Chuck Lever wrote:
> On 2/24/25 4:58 AM, nicolas.bouchinet@clip-os.org wrote:
>> From: Nicolas Bouchinet <nicolas.bouchinet@ssi.gouv.fr>
>>
>> Bound nsm_local_state sysctl writings between SYSCTL_ZERO
>> and SYSCTL_INT_MAX.
>>
>> The proc_handler has thus been updated to proc_dointvec_minmax.
>>
>> Signed-off-by: Nicolas Bouchinet <nicolas.bouchinet@ssi.gouv.fr>
>> ---
>>   fs/lockd/svc.c | 4 +++-
>>   1 file changed, 3 insertions(+), 1 deletion(-)
>>
>> diff --git a/fs/lockd/svc.c b/fs/lockd/svc.c
>> index 2c8eedc6c2cc9..984ab233af8b6 100644
>> --- a/fs/lockd/svc.c
>> +++ b/fs/lockd/svc.c
>> @@ -461,7 +461,9 @@ static const struct ctl_table nlm_sysctls[] = {
>>   		.data		= &nsm_local_state,
>>   		.maxlen		= sizeof(int),
>>   		.mode		= 0644,
>> -		.proc_handler	= proc_dointvec,
>> +		.proc_handler	= proc_dointvec_minmax,
>> +		.extra1		= SYSCTL_ZERO,
>> +		.extra2		= SYSCTL_INT_MAX,
>>   	},
>>   };
>>   
> Hi Nicolas -
>
> nsm_local_state is an unsigned 32-bit integer. The type of that value is
> defined by spec, because this value is exchanged between peers on the
> network.
>
> Perhaps this patch should replace proc_dointvec with proc_douintvec
> instead.
>
>

Hi Chuck,

Thank's for your review.

If `nsm_local_state` should be set to the
full range of an uint32_t by a user writing in the sysctl, then yes it 
should
use `proc_douintvec` instead of limiting it to SYSCTL_INT_MAX value 
(INT_MAX).

I've used `proc_dointvec_minmax` since it already used `proc_dointvec` 
and thus
was already capped at INT_MAX.

Best regards,

Nicolas

diff --git a/fs/lockd/svc.c b/fs/lockd/svc.c
index 2c8eedc6c2cc9..984ab233af8b6 100644
--- a/fs/lockd/svc.c
+++ b/fs/lockd/svc.c
@@ -461,7 +461,9 @@  static const struct ctl_table nlm_sysctls[] = {
 		.data		= &nsm_local_state,
 		.maxlen		= sizeof(int),
 		.mode		= 0644,
-		.proc_handler	= proc_dointvec,
+		.proc_handler	= proc_dointvec_minmax,
+		.extra1		= SYSCTL_ZERO,
+		.extra2		= SYSCTL_INT_MAX,
 	},
 };

[v2,2/6] sysctl: Fixes nsm_local_state bounds

Commit Message

Comments

Patch