Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit eceea0b3 authored by Al Viro's avatar Al Viro
Browse files

[PATCH] avoid multiplication overflows and signedness issues for max_fds 



Limit sysctl_nr_open - we don't want ->max_fds to exceed MAX_INT and
we don't want size calculation for ->fd[] to overflow.

Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
parent adbecb12

fs/file.c

+4 −0
Original line number Diff line number Diff line
@@ -26,6 +26,8 @@ struct fdtable_defer { 
};



int sysctl_nr_open __read_mostly = 1024*1024;

int sysctl_nr_open_min = BITS_PER_LONG;

int sysctl_nr_open_max = 1024 * 1024; /* raised later */



/*

 * We use this list to defer free fdtables that have vmalloced
@@ -405,6 +407,8 @@ void __init files_defer_init(void) 
	int i;

	for_each_possible_cpu(i)

		fdtable_defer_list_init(i);

	sysctl_nr_open_max = min((size_t)INT_MAX, ~(size_t)0/sizeof(void *)) &

			     -BITS_PER_LONG;

}



struct files_struct init_files = {

kernel/sysctl.c

+4 −1
Original line number Diff line number Diff line
@@ -81,6 +81,7 @@ extern int compat_log; 
extern int maps_protect;

extern int sysctl_stat_interval;

extern int latencytop_enabled;

extern int sysctl_nr_open_min, sysctl_nr_open_max;



/* Constants used for minimum and  maximum */

#if defined(CONFIG_DETECT_SOFTLOCKUP) || defined(CONFIG_HIGHMEM)
@@ -1190,7 +1191,9 @@ static struct ctl_table fs_table[] = { 
		.data		= &sysctl_nr_open,

		.maxlen		= sizeof(int),

		.mode		= 0644,

		.proc_handler	= &proc_dointvec,

		.proc_handler	= &proc_dointvec_minmax,

		.extra1		= &sysctl_nr_open_min,

		.extra2		= &sysctl_nr_open_max,

	},

	{

		.ctl_name	= FS_DENTRY,