lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ec28176d-5ed4-4635-932d-bbc4c1cf6bd7@t-8ch.de>
Date: Sun, 15 Sep 2024 08:08:10 +0200
From: Thomas Weißschuh <thomas@...ch.de>
To: Wen Yang <wen.yang@...ux.dev>
Cc: "Eric W . Biederman" <ebiederm@...ssion.com>, 
	Luis Chamberlain <mcgrof@...nel.org>, Kees Cook <keescook@...omium.org>, 
	Joel Granados <j.granados@...sung.com>, Christian Brauner <brauner@...nel.org>, 
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3 0/5] sysctl: encode the min/max values directly in the
 table entry

Hi,

On 2024-09-15 10:08:26+0000, Wen Yang wrote:
> Many modules use these additional static/global variables (such as
> two_five_five, n_65535, ue_int_max, etc.) in the boundary checking of
> sysctl, and they are read-only and never changed.
> 
> Eric points out: "by turning .extra1 and .extra2 into longs instead of
> keeping them as pointers and needing constants to be pointed at somewhere
> .. The only people I can see who find a significant benefit by
> consolidating all of the constants into one place are people who know how
> to stomp kernel memory."
> 
> This patch series achieves direct encoding values in table entries and still
> maintains compatibility with existing extra1/extra2 pointers.
> Afterwards, we can remove these unnecessary static variables progressively and
> also gradually kill the shared const array.

As this is already v3 it would be nice to have a series changelog and
links to previous revisions.

> 
> Wen Yang (5):
>   sysctl: add helper functions to extract table->extra1/extra2
>   sysctl: support encoding values directly in the table entry
>   sysctl: add KUnit test code to check for encoding  min/max in table
>     entries
>   sysctl: delete mmap_rnd_bits_{min/max} and
>     mmap_rnd_compat_bits_{min/max} to save 16 bytes
>   sysctl: delete six_hundred_forty_kb to save 4 bytes
> 
>  fs/proc/proc_sysctl.c  |  29 +-
>  include/linux/mm.h     |   4 -
>  include/linux/sysctl.h |  95 ++++++-
>  kernel/sysctl-test.c   | 581 +++++++++++++++++++++++++++++++++++++++++
>  kernel/sysctl.c        |  45 ++--
>  mm/mmap.c              |   4 -
>  6 files changed, 708 insertions(+), 50 deletions(-)
> 
> -- 
> 2.25.1
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ