| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202505091200.FC2683DD@keescook>
Date: Fri, 9 May 2025 12:01:24 -0700
From: Kees Cook <kees@...nel.org>
To: Joel Granados <joel.granados@...nel.org>
Cc: Luis Chamberlain <mcgrof@...nel.org>, Petr Pavlu <petr.pavlu@...e.com>,
Sami Tolvanen <samitolvanen@...gle.com>,
Daniel Gomez <da.gomez@...sung.com>,
Peter Zijlstra <peterz@...radead.org>,
Ingo Molnar <mingo@...hat.com>, Will Deacon <will@...nel.org>,
Boqun Feng <boqun.feng@...il.com>, Waiman Long <longman@...hat.com>,
"Paul E. McKenney" <paulmck@...nel.org>,
Frederic Weisbecker <frederic@...nel.org>,
Neeraj Upadhyay <neeraj.upadhyay@...nel.org>,
Joel Fernandes <joel@...lfernandes.org>,
Josh Triplett <josh@...htriplett.org>,
Uladzislau Rezki <urezki@...il.com>,
Steven Rostedt <rostedt@...dmis.org>,
Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
Lai Jiangshan <jiangshanlai@...il.com>,
Zqiang <qiang.zhang1211@...il.com>,
Andrew Morton <akpm@...ux-foundation.org>,
"James E.J. Bottomley" <James.Bottomley@...senpartnership.com>,
Helge Deller <deller@....de>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Jiri Slaby <jirislaby@...nel.org>, linux-modules@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
rcu@...r.kernel.org, linux-mm@...ck.org,
linux-parisc@...r.kernel.org, linux-serial@...r.kernel.org
Subject: Re: [PATCH 09/12] sysctl: move cad_pid into kernel/pid.c
On Fri, May 09, 2025 at 02:54:13PM +0200, Joel Granados wrote:
> Move cad_pid as well as supporting function proc_do_cad_pid into
> kernel/pic.c. Replaced call to __do_proc_dointvec with proc_dointvec
> inside proc_do_cad_pid which requires the copy of the ctl_table to
> handle the temp value.
>
> This is part of a greater effort to move ctl tables into their
> respective subsystems which will reduce the merge conflicts in
> kernel/sysctl.c.
>
> Signed-off-by: Joel Granados <joel.granados@...nel.org>
> ---
> kernel/pid.c | 32 ++++++++++++++++++++++++++++++++
> kernel/sysctl.c | 31 -------------------------------
> 2 files changed, 32 insertions(+), 31 deletions(-)
>
> diff --git a/kernel/pid.c b/kernel/pid.c
> index 4ac2ce46817fdefff8888681bb5ca3f2676e8add..bc87ba08ae8b7c67f3457b31309b56b5d90f8c52 100644
> --- a/kernel/pid.c
> +++ b/kernel/pid.c
> @@ -717,6 +717,29 @@ static struct ctl_table_root pid_table_root = {
> .set_ownership = pid_table_root_set_ownership,
> };
>
> +static int proc_do_cad_pid(const struct ctl_table *table, int write, void *buffer,
> + size_t *lenp, loff_t *ppos)
> +{
> + struct pid *new_pid;
> + pid_t tmp_pid;
> + int r;
> + struct ctl_table tmp_table = *table;
> +
> + tmp_pid = pid_vnr(cad_pid);
> + tmp_table.data = &tmp_pid;
> +
> + r = proc_dointvec(&tmp_table, write, buffer, lenp, ppos);
> + if (r || !write)
> + return r;
> +
> + new_pid = find_get_pid(tmp_pid);
> + if (!new_pid)
> + return -ESRCH;
> +
> + put_pid(xchg(&cad_pid, new_pid));
> + return 0;
> +}
> +
> static const struct ctl_table pid_table[] = {
> {
> .procname = "pid_max",
> @@ -727,6 +750,15 @@ static const struct ctl_table pid_table[] = {
> .extra1 = &pid_max_min,
> .extra2 = &pid_max_max,
> },
> +#ifdef CONFIG_PROC_SYSCTL
> + {
> + .procname = "cad_pid",
> + .data = NULL,
nit: this is redundant, any unspecified member will be zero-initialized.
Regardless:
Reviewed-by: Kees Cook <kees@...nel.org>
> + .maxlen = sizeof(int),
> + .mode = 0600,
> + .proc_handler = proc_do_cad_pid,
> + },
> +#endif
> };
> #endif
>
> diff --git a/kernel/sysctl.c b/kernel/sysctl.c
> index 9d8db9cef11122993d850ab5c753e3da1cbfb5cc..d5bebdd02cd4f1def7d9dd2b85454a9022b600b7 100644
> --- a/kernel/sysctl.c
> +++ b/kernel/sysctl.c
> @@ -1224,28 +1224,6 @@ int proc_dointvec_ms_jiffies(const struct ctl_table *table, int write, void *buf
> do_proc_dointvec_ms_jiffies_conv, NULL);
> }
>
> -static int proc_do_cad_pid(const struct ctl_table *table, int write, void *buffer,
> - size_t *lenp, loff_t *ppos)
> -{
> - struct pid *new_pid;
> - pid_t tmp;
> - int r;
> -
> - tmp = pid_vnr(cad_pid);
> -
> - r = __do_proc_dointvec(&tmp, table, write, buffer,
> - lenp, ppos, NULL, NULL);
> - if (r || !write)
> - return r;
> -
> - new_pid = find_get_pid(tmp);
> - if (!new_pid)
> - return -ESRCH;
> -
> - put_pid(xchg(&cad_pid, new_pid));
> - return 0;
> -}
> -
> /**
> * proc_do_large_bitmap - read/write from/to a large bitmap
> * @table: the sysctl table
> @@ -1541,15 +1519,6 @@ static const struct ctl_table kern_table[] = {
> .mode = 0644,
> .proc_handler = proc_dostring,
> },
> -#endif
> -#ifdef CONFIG_PROC_SYSCTL
> - {
> - .procname = "cad_pid",
> - .data = NULL,
> - .maxlen = sizeof (int),
> - .mode = 0600,
> - .proc_handler = proc_do_cad_pid,
> - },
> #endif
> {
> .procname = "overflowuid",
>
> --
> 2.47.2
>
>
--
Kees Cook
Powered by blists - more mailing lists