When parsing changes to the huge page pool sizes made from userspace via the sysfs interface, bogus input values are being covered up by nr_hugepages_store_common and nr_overcommit_hugepages_store returning 0 when strict_strtoul returns an error. This can cause an infinite loop in the nr_hugepages_store code. This patch changes the return value for these functions to -EINVAL when strict_strtoul returns an error.
Reported-by: CAI Qian <[email protected]> Signed-off-by: Eric B Munson <[email protected]> Cc: [email protected] --- Changes from V1 Reword leader to show problem that is fixed by the patch Add [email protected] as a CC to handle stable submission the right way mm/hugetlb.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/mm/hugetlb.c b/mm/hugetlb.c index 8585524..5cb71a9 100644 --- a/mm/hugetlb.c +++ b/mm/hugetlb.c @@ -1440,7 +1440,7 @@ static ssize_t nr_hugepages_store_common(bool obey_mempolicy, err = strict_strtoul(buf, 10, &count); if (err) - return 0; + return -EINVAL; h = kobj_to_hstate(kobj, &nid); if (nid == NUMA_NO_NODE) { @@ -1519,7 +1519,7 @@ static ssize_t nr_overcommit_hugepages_store(struct kobject *kobj, err = strict_strtoul(buf, 10, &input); if (err) - return 0; + return -EINVAL; spin_lock(&hugetlb_lock); h->nr_overcommit_huge_pages = input; -- 1.7.1 _______________________________________________ stable mailing list [email protected] http://linux.kernel.org/mailman/listinfo/stable
