The sysctl parameters msgmni and shmmni have an inherent limit of IPC_MNI (32k). However, users may not be aware of that because they can write a value much higher than that without getting any error or notification. Reading the parameters back will show the newly written values which are not real.
Enforcing the limit by failing sysctl parameter write, however, can break existing user applications. To address this delemma, the following new sysctl range clamping APIs are added: - proc_dointvec_clamp_minmax() - proc_douintvec_clamp_minmax() This new set of APIs is then used to set the real limit for msgmni and shmmni without breaking existing applications. If any out of range value is written to those sysctl parameters, the following warning will be printed instead. Kernel parameter "shmmni" was set out of range [0, 32768], clamped to 32768. Reading the values back will show 32768 instead of some fake values. Waiman Long (3): sysctl: Add range clamping intvec helper functions sysctl: Warn when a clamped sysctl parameter is set out of range ipc: Clamp msgmni and shmmni to the real IPC_MNI limit include/linux/sysctl.h | 6 +++ ipc/ipc_sysctl.c | 10 ++-- kernel/sysctl.c | 123 ++++++++++++++++++++++++++++++++++++++++++++++--- 3 files changed, 129 insertions(+), 10 deletions(-) -- 220.127.116.11