[PATCH v2 0/3] bpf: cgroup: fix sysctl new-value handling in __cgroup_bpf_run_filter_sysctl
From: Dawei Feng
Date: Thu May 28 2026 - 23:12:35 EST

This series fixes three bugs in the sysctl write-buffer replacement path
of __cgroup_bpf_run_filter_sysctl(). It resolves a kvzalloc()/kfree()
mismatch, adds a missing NUL terminator to the replacement string, and
updates a stale return value check to safely restore the replacement
functionality.

Patch Summary:
- patch 1 uses kvfree() for the replaced sysctl write buffer
- patch 2 NUL-terminates the replaced sysctl value
- patch 3 restores sysctl new-value replacement

Changelog:
v1 -> v2:
- added patch 2 to fix an out-of-bounds access in
  bpf_sysctl_set_new_value() by properly NUL-terminating the replaced
  sysctl value buffer.
- reordered patches 1 and 3.

Dawei Feng (3):
  bpf: cgroup: use kvfree() for replaced sysctl write buffer
  bpf: cgroup: NUL-terminate replaced sysctl value
  bpf: cgroup: restore sysctl new-value replacement

 kernel/bpf/cgroup.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

--
2.34.1