| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 5 Jan 2010 03:15:28 +0100 (CET)
From: Andi Kleen <andi@...stfloor.org>
To: ebiederm@...ssion.com, paulmck@...ux.vnet.ibm.com,
akpm@...ux-foundation.org, linux-kernel@...r.kernel.org
Subject: [PATCH] [3/9] SYSCTL: Add proc_rcu_string to manage sysctls using rcu strings
Add a helper to use the new rcu strings for managing access
to text sysctls. Conversions will be in follow-on patches.
An alternative would be to use seqlocks here, but RCU seemed
cleaner.
Signed-off-by: Andi Kleen <ak@...ux.intel.com>
---
include/linux/sysctl.h | 2 +
kernel/sysctl.c | 66 +++++++++++++++++++++++++++++++++++++++++++++++++
kernel/sysctl_check.c | 1
3 files changed, 69 insertions(+)
Index: linux-2.6.33-rc2-ak/include/linux/sysctl.h
===================================================================
--- linux-2.6.33-rc2-ak.orig/include/linux/sysctl.h
+++ linux-2.6.33-rc2-ak/include/linux/sysctl.h
@@ -969,6 +969,8 @@ typedef int proc_handler (struct ctl_tab
extern int proc_dostring(struct ctl_table *, int,
void __user *, size_t *, loff_t *);
+extern int proc_rcu_string(struct ctl_table *, int,
+ void __user *, size_t *, loff_t *);
extern int proc_dointvec(struct ctl_table *, int,
void __user *, size_t *, loff_t *);
extern int proc_dointvec_minmax(struct ctl_table *, int,
Index: linux-2.6.33-rc2-ak/kernel/sysctl.c
===================================================================
--- linux-2.6.33-rc2-ak.orig/kernel/sysctl.c
+++ linux-2.6.33-rc2-ak/kernel/sysctl.c
@@ -50,6 +50,7 @@
#include <linux/ftrace.h>
#include <linux/slow-work.h>
#include <linux/perf_event.h>
+#include <linux/rcustring.h>
#include <asm/uaccess.h>
#include <asm/processor.h>
@@ -2016,6 +2017,60 @@ static int _proc_do_string(void* data, i
}
/**
+ * proc_rcu_string - sysctl string with rcu protection
+ * @table: the sysctl table
+ * @write: %TRUE if this is a write to the sysctl file
+ * @buffer: the user buffer
+ * @lenp: the size of the user buffer
+ * @ppos: file position
+ *
+ * Handle a string sysctl similar to proc_dostring.
+ * The main difference is that the data pointer in the table
+ * points to a pointer to a string. The string should be initially
+ * pointing to a statically allocated (as a C object, not on the heap)
+ * default. When it is replaced old uses will be protected by
+ * RCU. The reader should use rcu_read_lock()/unlock() or
+ * access_rcu_string().
+ */
+int proc_rcu_string(struct ctl_table *table, int write,
+ void __user *buffer, size_t *lenp, loff_t *ppos)
+{
+ int ret;
+
+ if (write) {
+ /* protect writers against each other */
+ static DEFINE_MUTEX(rcu_string_mutex);
+ char *old;
+ char *new;
+
+ new = alloc_rcu_string(table->maxlen, GFP_KERNEL);
+ if (!new)
+ return -ENOMEM;
+ mutex_lock(&rcu_string_mutex);
+ old = *(char **)(table->data);
+ strcpy(new, old);
+ ret = _proc_do_string(new, table->maxlen, write, buffer, lenp, ppos);
+ rcu_assign_pointer(*(char **)(table->data), new);
+ /*
+ * For the first initialization allow constant strings.
+ */
+ if (!kernel_address((unsigned long)old))
+ free_rcu_string(old);
+ mutex_unlock(&rcu_string_mutex);
+ } else {
+ char *str;
+
+ str = access_rcu_string((char **)(table->data), table->maxlen,
+ GFP_KERNEL);
+ if (!str)
+ return -ENOMEM;
+ ret = _proc_do_string(str, table->maxlen, write, buffer, lenp, ppos);
+ kfree(str);
+ }
+ return ret;
+}
+
+/**
* proc_dostring - read a string sysctl
* @table: the sysctl table
* @write: %TRUE if this is a write to the sysctl file
@@ -2030,6 +2085,10 @@ static int _proc_do_string(void* data, i
* and a newline '\n' is added. It is truncated if the buffer is
* not large enough.
*
+ * WARNING: this should be only used for read only strings
+ * or when you have a wrapper with special locking. Otherwise
+ * use proc_rcu_string to avoid races with the consumer.
+ *
* Returns 0 on success.
*/
int proc_dostring(struct ctl_table *table, int write,
@@ -2614,6 +2673,12 @@ int proc_dostring(struct ctl_table *tabl
return -ENOSYS;
}
+int proc_rcu_string(struct ctl_table *table, int write,
+ void __user *buffer, size_t *lenp, loff_t *ppos)
+{
+ return -ENOSYS;
+}
+
int proc_dointvec(struct ctl_table *table, int write,
void __user *buffer, size_t *lenp, loff_t *ppos)
{
@@ -2670,6 +2735,7 @@ EXPORT_SYMBOL(proc_dointvec_minmax);
EXPORT_SYMBOL(proc_dointvec_userhz_jiffies);
EXPORT_SYMBOL(proc_dointvec_ms_jiffies);
EXPORT_SYMBOL(proc_dostring);
+EXPORT_SYMBOL(proc_rcu_string);
EXPORT_SYMBOL(proc_doulongvec_minmax);
EXPORT_SYMBOL(proc_doulongvec_ms_jiffies_minmax);
EXPORT_SYMBOL(register_sysctl_table);
Index: linux-2.6.33-rc2-ak/kernel/sysctl_check.c
===================================================================
--- linux-2.6.33-rc2-ak.orig/kernel/sysctl_check.c
+++ linux-2.6.33-rc2-ak/kernel/sysctl_check.c
@@ -131,6 +131,7 @@ int sysctl_check_table(struct nsproxy *n
set_fail(&fail, table, "Directory with extra2");
} else {
if ((table->proc_handler == proc_dostring) ||
+ (table->proc_handler == proc_rcu_string) ||
(table->proc_handler == proc_dointvec) ||
(table->proc_handler == proc_dointvec_minmax) ||
(table->proc_handler == proc_dointvec_jiffies) ||
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists