| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 22 Mar 2024 13:32:46 +0100
From: Joel Granados <j.granados@...sung.com>
To: Thomas Weißschuh <linux@...ssschuh.net>
CC: Luis Chamberlain <mcgrof@...nel.org>, Kees Cook <keescook@...omium.org>,
"David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>,
Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>,
<linux-kernel@...r.kernel.org>, <linux-fsdevel@...r.kernel.org>,
<netdev@...r.kernel.org>
Subject: Re: [PATCH v3 2/2] sysctl: treewide: constify argument
ctl_table_root::permissions(table)
On Fri, Mar 15, 2024 at 07:11:31PM +0100, Thomas Weißschuh wrote:
> The permissions callback is not supposed to modify the ctl_table.
> Enforce this expectation via the typesystem.
>
> The patch was created with the following coccinelle script:
>
> @@
> identifier func, head, ctl;
> @@
>
> int func(
> struct ctl_table_header *head,
> - struct ctl_table *ctl)
> + const struct ctl_table *ctl)
> { ... }
>
> (insert_entry() from fs/proc/proc_sysctl.c is a false-positive)
>
> The three changed locations were validated through manually inspection
> and compilation.
Will remove this when I add it to constfy branch as it is unclear (for
me) what "manually inspection" is and also I do not know what config you
used to compile. IMO, we can just do without it.
>
> In addition a search for '.permissions =' was done over the full tree to
> look for places that were missed by coccinelle.
> None were found.
>
> This change also is a step to put "struct ctl_table" into .rodata
> throughout the kernel.
This LGTM. Will add this to the constfy testing branch with these
changes in the commit message:
"""
sysctl: treewide: constify argument ctl_table_root::permissions(table)
The permissions callback should not modify the ctl_table. Enforce this
expectation via the typesystem. This is a step to put "struct ctl_table"
into .rodata throughout the kernel.
The patch was created with the following coccinelle script:
@@
identifier func, head, ctl;
@@
int func(
struct ctl_table_header *head,
- struct ctl_table *ctl)
+ const struct ctl_table *ctl)
{ ... }
(insert_entry() from fs/proc/proc_sysctl.c is a false-positive)
No additional occurances of '.permissions =' were found after a
tree-wide search for places missed by the conccinelle script.
"""
Reviewed-by: Joel Granados <j.granados@...sung.com>
>
> Signed-off-by: Thomas Weißschuh <linux@...ssschuh.net>
> ---
> include/linux/sysctl.h | 2 +-
> ipc/ipc_sysctl.c | 2 +-
> ipc/mq_sysctl.c | 2 +-
> kernel/ucount.c | 2 +-
> net/sysctl_net.c | 2 +-
> 5 files changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h
> index 60333a6b9370..f9214de0490c 100644
> --- a/include/linux/sysctl.h
> +++ b/include/linux/sysctl.h
> @@ -206,7 +206,7 @@ struct ctl_table_root {
> struct ctl_table_set *(*lookup)(struct ctl_table_root *root);
> void (*set_ownership)(struct ctl_table_header *head,
> kuid_t *uid, kgid_t *gid);
> - int (*permissions)(struct ctl_table_header *head, struct ctl_table *table);
> + int (*permissions)(struct ctl_table_header *head, const struct ctl_table *table);
> };
>
> #define register_sysctl(path, table) \
> diff --git a/ipc/ipc_sysctl.c b/ipc/ipc_sysctl.c
> index 1a5085e5b178..19b2a67aef40 100644
> --- a/ipc/ipc_sysctl.c
> +++ b/ipc/ipc_sysctl.c
> @@ -204,7 +204,7 @@ static void ipc_set_ownership(struct ctl_table_header *head,
> *gid = gid_valid(ns_root_gid) ? ns_root_gid : GLOBAL_ROOT_GID;
> }
>
> -static int ipc_permissions(struct ctl_table_header *head, struct ctl_table *table)
> +static int ipc_permissions(struct ctl_table_header *head, const struct ctl_table *table)
> {
> int mode = table->mode;
>
> diff --git a/ipc/mq_sysctl.c b/ipc/mq_sysctl.c
> index 6bb1c5397c69..43c0825da9e8 100644
> --- a/ipc/mq_sysctl.c
> +++ b/ipc/mq_sysctl.c
> @@ -90,7 +90,7 @@ static void mq_set_ownership(struct ctl_table_header *head,
> *gid = gid_valid(ns_root_gid) ? ns_root_gid : GLOBAL_ROOT_GID;
> }
>
> -static int mq_permissions(struct ctl_table_header *head, struct ctl_table *table)
> +static int mq_permissions(struct ctl_table_header *head, const struct ctl_table *table)
> {
> int mode = table->mode;
> kuid_t ns_root_uid;
> diff --git a/kernel/ucount.c b/kernel/ucount.c
> index 4aa6166cb856..90300840256b 100644
> --- a/kernel/ucount.c
> +++ b/kernel/ucount.c
> @@ -38,7 +38,7 @@ static int set_is_seen(struct ctl_table_set *set)
> }
>
> static int set_permissions(struct ctl_table_header *head,
> - struct ctl_table *table)
> + const struct ctl_table *table)
> {
> struct user_namespace *user_ns =
> container_of(head->set, struct user_namespace, set);
> diff --git a/net/sysctl_net.c b/net/sysctl_net.c
> index a0a7a79991f9..f5017012a049 100644
> --- a/net/sysctl_net.c
> +++ b/net/sysctl_net.c
> @@ -40,7 +40,7 @@ static int is_seen(struct ctl_table_set *set)
>
> /* Return standard mode bits for table entry. */
> static int net_ctl_permissions(struct ctl_table_header *head,
> - struct ctl_table *table)
> + const struct ctl_table *table)
> {
> struct net *net = container_of(head->set, struct net, sysctls);
>
>
> --
> 2.44.0
>
--
Joel Granados
Download attachment "signature.asc" of type "application/pgp-signature" (660 bytes)
Powered by blists - more mailing lists