Message-ID: <CAK7LNARbSjmZgp1vg5m2j4oRYHgCUv7Wsj+4-OYdo9Cpe0Xs3A@mail.gmail.com>
Date: Tue, 26 Jul 2022 18:22:33 +0900
From: Masahiro Yamada <masahiroy@...nel.org>
To: Mauricio Faria de Oliveira <mfo@...onical.com>
Cc: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
linux-modules <linux-modules@...r.kernel.org>,
Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>,
Linux FS-devel Mailing List <linux-fsdevel@...r.kernel.org>,
Michal Marek <michal.lkml@...kovi.net>,
Nick Desaulniers <ndesaulniers@...gle.com>,
Luis Chamberlain <mcgrof@...nel.org>,
Kees Cook <keescook@...omium.org>,
Iurii Zaikin <yzaikin@...gle.com>
Subject: Re: [RFC PATCH 6/6] sysctl: introduce /proc/sys/kernel/modprobe_sysctl_alias
On Fri, Jul 22, 2022 at 11:24 AM Mauricio Faria de Oliveira
<mfo@...onical.com> wrote:
>
> The goal of the earlier patches is to let sysctl userspace tools
> load the kernel module with a sysctl entry that is not available
> yet in /proc/sys/ when the tool runs (so it can become available).
>
> Let's expose this file for userspace for two reasons:
>
> 1) Allow such tools to identify that the running kernel has the
> code which produces sysctl module aliases, so they could run
> 'modprobe sysctl:<entry>' only when it may actually help.
>
> 2) Allow an administrator to hint such tools not to do that, if
> that is desired for some reason (e.g., rather have the tools
> fail if something is misconfigured in a critical deployment).
This flag is just a hint.
User-space tools are still able to ignore it.
Perhaps such an administrator's choice might be specified in
the tools' configuration file.
For example,
/etc/modprobe.d/forbid-sysctl-alias.conf
may specify
blacklist: sysctl:*
if they want to forbid sysctl aliasing.
(but I do not know if this works or not).
> Also add a module parameter for that (proc.modprobe_sysctl_alias),
> for another method that doesn't depend on sysctl tools to be set
> (that wouldn't fail them to try and set it if it's not there yet).
>
> Signed-off-by: Mauricio Faria de Oliveira <mfo@...onical.com>
> ---
> fs/proc/proc_sysctl.c | 8 ++++++++
> include/linux/module.h | 1 +
> kernel/sysctl.c | 9 +++++++++
> 3 files changed, 18 insertions(+)
>
> diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c
> index ebbf8702387e..1e63819fcda8 100644
> --- a/fs/proc/proc_sysctl.c
> +++ b/fs/proc/proc_sysctl.c
> @@ -33,6 +33,14 @@ static void check_struct_sysctl_device_id(void)
> BUILD_BUG_ON(offsetof(struct sysctl_device_id, procname)
> != offsetof(struct ctl_table, procname));
> }
> +
> +/*
> + * Hint sysctl userspace tools whether or not to run modprobe with sysctl alias
> + * ('modprobe sysctl:entry') if they cannot find the file '/proc/sys/.../entry'
> + */
> +int modprobe_sysctl_alias = 1;
> +module_param(modprobe_sysctl_alias, int, 0644);
> +
> #else
> static void check_struct_sysctl_device_id(void) {}
> #endif
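Review bot: the definition of modprobe_sysctl_alias and its module_param() land inside the same preprocessor block as check_struct_sysctl_device_id(), whose condition is not visible in this hunk, while the two consumers in this patch are guarded by CONFIG_MODULES (include/linux/module.h) and CONFIG_PROC_SYSCTL (kernel/sysctl.c); please make sure the guard here is satisfied whenever either of those is, otherwise a configuration with only one of them set will hit an undefined reference or an implicit declaration. The commit message also introduces a proc.modprobe_sysctl_alias boot/module parameter, but the diffstat (3 files changed) shows no documentation update; an entry in Documentation/admin-guide/kernel-parameters.txt and in Documentation/admin-guide/sysctl/kernel.rst for the new /proc/sys/kernel file would be expected alongside it.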
> diff --git a/include/linux/module.h b/include/linux/module.h
> index 3010f687df19..5f565491c596 100644
> --- a/include/linux/module.h
> +++ b/include/linux/module.h
> @@ -304,6 +304,7 @@ struct notifier_block;
> #ifdef CONFIG_MODULES
>
> extern int modules_disabled; /* for sysctl */
> +extern int modprobe_sysctl_alias; /* for proc sysctl */
> /* Get/put a kernel symbol (calls must be symmetric) */
> void *__symbol_get(const char *symbol);
> void *__symbol_get_gpl(const char *symbol);
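Review bot: the extern is added under "#ifdef CONFIG_MODULES", but the table entry that references &modprobe_sysctl_alias in kernel/sysctl.c is guarded by CONFIG_PROC_SYSCTL, so a CONFIG_PROC_SYSCTL=y, CONFIG_MODULES=n build would use the symbol without a visible declaration. Either guard the declaration with CONFIG_PROC_SYSCTL as well, or move it next to the other proc sysctl declarations (include/linux/sysctl.h) rather than into module.h, where "/* for proc sysctl */" already hints it does not belong with the module core symbols.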
> diff --git a/kernel/sysctl.c b/kernel/sysctl.c
> index 15073621cfa8..b396cfcb55fc 100644
> --- a/kernel/sysctl.c
> +++ b/kernel/sysctl.c
> @@ -1763,6 +1763,15 @@ static struct ctl_table kern_table[] = {
> .mode = 0644,
> .proc_handler = proc_dostring,
> },
> +#ifdef CONFIG_PROC_SYSCTL
> + {
> + .procname = "modprobe_sysctl_alias",
> + .data = &modprobe_sysctl_alias,
> + .maxlen = sizeof(modprobe_sysctl_alias),
> + .mode = 0644,
> + .proc_handler = proc_dointvec,
> + },
> +#endif
> {
> .procname = "modules_disabled",
> .data = &modules_disabled,
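Review bot: proc_dointvec accepts any int, so a write of 2 or -1 to /proc/sys/kernel/modprobe_sysctl_alias is stored as-is even though the commit message describes this as a yes/no hint; use proc_dointvec_minmax with ".extra1 = SYSCTL_ZERO" and ".extra2 = SYSCTL_ONE" (as other boolean-style entries in kern_table do) so that out-of-range values are rejected and userspace tools only ever see 0 or 1. Note also that the same variable is writable through /sys/module/proc/parameters/modprobe_sysctl_alias via the 0644 module_param, so the range check belongs on both paths or the parameter should become a bool.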
> --
> 2.25.1
>
--
Best Regards
Masahiro Yamada