Use "proc_dointvec_minmax" instead of "proc_dointvec" to check the input value from user-space.
If not, we can set a big value and some vars will overflow like "sysctl_perf_event_sample_rate" which will cause a lot of unexpected problems. Signed-off-by: Tan Xiaojun <tanxiao...@huawei.com> Signed-off-by: Peter Zijlstra (Intel) <pet...@infradead.org> Cc: <a...@kernel.org> Cc: <alexander.shish...@linux.intel.com> Cc: Alexander Shishkin <alexander.shish...@linux.intel.com> Cc: Arnaldo Carvalho de Melo <a...@redhat.com> Cc: Jiri Olsa <jo...@redhat.com> Cc: Linus Torvalds <torva...@linux-foundation.org> Cc: Peter Zijlstra <pet...@infradead.org> Cc: Stephane Eranian <eran...@google.com> Cc: Thomas Gleixner <t...@linutronix.de> Cc: Vince Weaver <vincent.wea...@maine.edu> Link: http://lkml.kernel.org/r/1487829879-56237-1-git-send-email-tanxiao...@huawei.com Signed-off-by: Ingo Molnar <mi...@kernel.org> --- kernel/events/core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/events/core.c b/kernel/events/core.c index 350c45a..5b50b06 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c @@ -236,7 +236,7 @@ int perf_cpu_time_max_percent_handler(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { - int ret = proc_dointvec(table, write, buffer, lenp, ppos); + int ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos); if (ret || !write) return ret; -- 1.9.1