lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <97a52396-3b86-47a5-ae02-8a979f6fc375@t-8ch.de>
Date: Tue, 6 Aug 2024 21:24:33 +0200
From: Thomas Weißschuh <linux@...ssschuh.net>
To: Solar Designer <solar@...nwall.com>
Cc: Joel Granados <j.granados@...sung.com>, 
	Linus Torvalds <torvalds@...ux-foundation.org>, Luis Chamberlain <mcgrof@...nel.org>, 
	Jeff Johnson <quic_jjohnson@...cinc.com>, Kees Cook <keescook@...omium.org>, Wen Yang <wen.yang@...ux.dev>, 
	linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org
Subject: Re: [GIT PULL] sysctl changes for v6.11-rc1

On 2024-08-06 20:57:37+0000, Solar Designer wrote:
> On Tue, Jul 16, 2024 at 04:16:56PM +0200, Joel Granados wrote:
> > sysctl changes for 6.11-rc1
> > 
> > Summary
> > 
> > * Remove "->procname == NULL" check when iterating through sysctl table arrays
> > 
> >     Removing sentinels in ctl_table arrays reduces the build time size and
> >     runtime memory consumed by ~64 bytes per array. With all ctl_table
> >     sentinels gone, the additional check for ->procname == NULL that worked in
> >     tandem with the ARRAY_SIZE to calculate the size of the ctl_table arrays is
> >     no longer needed and has been removed. The sysctl register functions now
> >     returns an error if a sentinel is used.
> > 
> > * Preparation patches for sysctl constification
> > 
> >     Constifying ctl_table structs prevents the modification of proc_handler
> >     function pointers as they would reside in .rodata. The ctl_table arguments
> >     in sysctl utility functions are const qualified in preparation for a future
> >     treewide proc_handler argument constification commit.
> 
> As (I assume it was) expected, these changes broke out-of-tree modules.
> For LKRG, I am repairing this by adding "#if LINUX_VERSION_CODE >=
> KERNEL_VERSION(6,11,0)" checks around the corresponding module changes.
> This works.  However, I wonder if it would possibly be better for the
> kernel to introduce a corresponding "feature test macro" (or two, for
> the two changes above).  I worry that these changes (or some of them)
> could get backported to stable/longterm, which with the 6.11+ checks
> would unnecessarily break out-of-tree modules again (and again and again
> for each backport to a different kernel branch).  Feature test macro(s)
> would avoid such further breakage, as they would (be supposed to be)
> included along with the backports.

I don't see any of these changes being backported.

The removal of the "->procname == NULL" check depends on all in-kernel
tables being registered with an explicit size, which is not the case on
old kernels. So a backport would not only silently fail for external
modules but also for internal code.
The same for the constification patches but with build errors instead of
runtime errors.

My future sysctl constification patches will be backwards compatible at
both compiletime and runtime, for both internal and external code.

So the version checks should be enough here.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ