From: Wedson Almeida Filho <[email protected]>
The 's_xattr' field of 'struct super_block' currently requires a mutable
table of 'struct xattr_handler' entries (although each handler itself is
const). However, no code in vfs actually modifies the tables.
So this series changes the type of 's_xattr' to allow const tables, and
modifies existing file system to move their tables to .rodata. This is
desirable because these tables contain entries with function pointers in
them; moving them to .rodata makes it considerably less likely to be
modified accidentally or maliciously at runtime.
I found this while writing Rust abstractions for vfs.
Wedson Almeida Filho (29):
xattr: make the xattr array itself const
ext4: move ext4_xattr_handlers to .rodata
9p: move xattr-related structs to .rodata
afs: move afs_xattr_handlers to .rodata
btrfs: move btrfs_xattr_handlers to .rodata
ceph: move ceph_xattr_handlers to .rodata
ecryptfs: move ecryptfs_xattr_handlers to .rodata
erofs: move erofs_xattr_handlers and xattr_handler_map to .rodata
ext2: move ext2_xattr_handlers and ext2_xattr_handler_map to .rodata
f2fs: move f2fs_xattr_handlers and f2fs_xattr_handler_map to .rodata
fuse: move fuse_xattr_handlers to .rodata
gfs2: move gfs2_xattr_handlers_max to .rodata
hfs: move hfs_xattr_handlers to .rodata
hfsplus: move hfsplus_xattr_handlers to .rodata
jffs2: move jffs2_xattr_handlers to .rodata
jfs: move jfs_xattr_handlers to .rodata
kernfs: move kernfs_xattr_handlers to .rodata
nfs: move nfs4_xattr_handlers to .rodata
ntfs3: move ntfs_xattr_handlers to .rodata
ocfs2: move ocfs2_xattr_handlers and ocfs2_xattr_handler_map to
.rodata
orangefs: move orangefs_xattr_handlers to .rodata
reiserfs: move reiserfs_xattr_handlers to .rodata
smb: move cifs_xattr_handlers to .rodata
squashfs: move squashfs_xattr_handlers to .rodata
ubifs: move ubifs_xattr_handlers to .rodata
xfs: move xfs_xattr_handlers to .rodata
overlayfs: move xattr tables to .rodata
shmem: move shmem_xattr_handlers to .rodata
net: move sockfs_xattr_handlers to .rodata
fs/9p/xattr.c | 8 ++++----
fs/9p/xattr.h | 2 +-
fs/afs/internal.h | 2 +-
fs/afs/xattr.c | 2 +-
fs/btrfs/xattr.c | 2 +-
fs/btrfs/xattr.h | 2 +-
fs/ceph/super.h | 2 +-
fs/ceph/xattr.c | 2 +-
fs/ecryptfs/ecryptfs_kernel.h | 2 +-
fs/ecryptfs/inode.c | 2 +-
fs/erofs/xattr.c | 2 +-
fs/erofs/xattr.h | 4 ++--
fs/ext2/xattr.c | 4 ++--
fs/ext2/xattr.h | 2 +-
fs/ext4/xattr.c | 2 +-
fs/ext4/xattr.h | 2 +-
fs/f2fs/xattr.c | 4 ++--
fs/f2fs/xattr.h | 2 +-
fs/fuse/fuse_i.h | 2 +-
fs/fuse/xattr.c | 2 +-
fs/gfs2/super.h | 4 ++--
fs/gfs2/xattr.c | 4 ++--
fs/hfs/attr.c | 2 +-
fs/hfs/hfs_fs.h | 2 +-
fs/hfsplus/xattr.c | 2 +-
fs/hfsplus/xattr.h | 2 +-
fs/jffs2/xattr.c | 2 +-
fs/jffs2/xattr.h | 2 +-
fs/jfs/jfs_xattr.h | 2 +-
fs/jfs/xattr.c | 2 +-
fs/kernfs/inode.c | 2 +-
fs/kernfs/kernfs-internal.h | 2 +-
fs/nfs/nfs.h | 2 +-
fs/nfs/nfs4_fs.h | 2 +-
fs/nfs/nfs4proc.c | 2 +-
fs/ntfs3/ntfs_fs.h | 2 +-
fs/ntfs3/xattr.c | 2 +-
fs/ocfs2/xattr.c | 4 ++--
fs/ocfs2/xattr.h | 2 +-
fs/orangefs/orangefs-kernel.h | 2 +-
fs/orangefs/xattr.c | 2 +-
fs/overlayfs/super.c | 4 ++--
fs/reiserfs/reiserfs.h | 2 +-
fs/reiserfs/xattr.c | 2 +-
fs/smb/client/cifsfs.h | 2 +-
fs/smb/client/xattr.c | 2 +-
fs/squashfs/squashfs.h | 2 +-
fs/squashfs/xattr.c | 2 +-
fs/ubifs/ubifs.h | 2 +-
fs/ubifs/xattr.c | 2 +-
fs/xattr.c | 6 +++---
fs/xfs/xfs_xattr.c | 2 +-
fs/xfs/xfs_xattr.h | 2 +-
include/linux/fs.h | 2 +-
include/linux/pseudo_fs.h | 2 +-
mm/shmem.c | 2 +-
net/socket.c | 2 +-
57 files changed, 69 insertions(+), 69 deletions(-)
base-commit: 2dde18cd1d8fac735875f2e4987f11817cc0bc2c
--
2.34.1
From: Wedson Almeida Filho <[email protected]>
This makes it harder for accidental or malicious changes to
xfs_xattr_handlers at runtime.
Cc: "Darrick J. Wong" <[email protected]>
Cc: [email protected]
Signed-off-by: Wedson Almeida Filho <[email protected]>
---
fs/xfs/xfs_xattr.c | 2 +-
fs/xfs/xfs_xattr.h | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/xfs/xfs_xattr.c b/fs/xfs/xfs_xattr.c
index 43e5c219aaed..77418bcd6f3a 100644
--- a/fs/xfs/xfs_xattr.c
+++ b/fs/xfs/xfs_xattr.c
@@ -175,7 +175,7 @@ static const struct xattr_handler xfs_xattr_security_handler = {
.set = xfs_xattr_set,
};
-const struct xattr_handler *xfs_xattr_handlers[] = {
+const struct xattr_handler * const xfs_xattr_handlers[] = {
&xfs_xattr_user_handler,
&xfs_xattr_trusted_handler,
&xfs_xattr_security_handler,
diff --git a/fs/xfs/xfs_xattr.h b/fs/xfs/xfs_xattr.h
index 2b09133b1b9b..cec766cad26c 100644
--- a/fs/xfs/xfs_xattr.h
+++ b/fs/xfs/xfs_xattr.h
@@ -8,6 +8,6 @@
int xfs_attr_change(struct xfs_da_args *args);
-extern const struct xattr_handler *xfs_xattr_handlers[];
+extern const struct xattr_handler * const xfs_xattr_handlers[];
#endif /* __XFS_XATTR_H__ */
--
2.34.1
From: Wedson Almeida Filho <[email protected]>
This makes it harder for accidental or malicious changes to
shmem_xattr_handlers at runtime.
Cc: Hugh Dickins <[email protected]>
Cc: Andrew Morton <[email protected]>
Cc: [email protected]
Signed-off-by: Wedson Almeida Filho <[email protected]>
---
mm/shmem.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mm/shmem.c b/mm/shmem.c
index d963c747dabc..683c84d667c1 100644
--- a/mm/shmem.c
+++ b/mm/shmem.c
@@ -3487,7 +3487,7 @@ static const struct xattr_handler shmem_trusted_xattr_handler = {
.set = shmem_xattr_handler_set,
};
-static const struct xattr_handler *shmem_xattr_handlers[] = {
+static const struct xattr_handler * const shmem_xattr_handlers[] = {
&shmem_security_xattr_handler,
&shmem_trusted_xattr_handler,
NULL
--
2.34.1
From: Wedson Almeida Filho <[email protected]>
This makes it harder for accidental or malicious changes to
orangefs_xattr_handlers at runtime.
Cc: Mike Marshall <[email protected]>
Cc: Martin Brandenburg <[email protected]>
Cc: [email protected]
Signed-off-by: Wedson Almeida Filho <[email protected]>
---
fs/orangefs/orangefs-kernel.h | 2 +-
fs/orangefs/xattr.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/orangefs/orangefs-kernel.h b/fs/orangefs/orangefs-kernel.h
index ce20d3443869..e211f29544e5 100644
--- a/fs/orangefs/orangefs-kernel.h
+++ b/fs/orangefs/orangefs-kernel.h
@@ -103,7 +103,7 @@ enum orangefs_vfs_op_states {
#define ORANGEFS_CACHE_CREATE_FLAGS 0
#endif
-extern const struct xattr_handler *orangefs_xattr_handlers[];
+extern const struct xattr_handler * const orangefs_xattr_handlers[];
extern struct posix_acl *orangefs_get_acl(struct inode *inode, int type, bool rcu);
extern int orangefs_set_acl(struct mnt_idmap *idmap,
diff --git a/fs/orangefs/xattr.c b/fs/orangefs/xattr.c
index 68b62689a63e..74ef75586f38 100644
--- a/fs/orangefs/xattr.c
+++ b/fs/orangefs/xattr.c
@@ -554,7 +554,7 @@ static const struct xattr_handler orangefs_xattr_default_handler = {
.set = orangefs_xattr_set_default,
};
-const struct xattr_handler *orangefs_xattr_handlers[] = {
+const struct xattr_handler * const orangefs_xattr_handlers[] = {
&orangefs_xattr_default_handler,
NULL
};
--
2.34.1
From: Wedson Almeida Filho <[email protected]>
This makes it harder for accidental or malicious changes to
nfs4_xattr_handlers at runtime.
Cc: Trond Myklebust <[email protected]>
Cc: Anna Schumaker <[email protected]>
Cc: [email protected]
Signed-off-by: Wedson Almeida Filho <[email protected]>
---
fs/nfs/nfs.h | 2 +-
fs/nfs/nfs4_fs.h | 2 +-
fs/nfs/nfs4proc.c | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/fs/nfs/nfs.h b/fs/nfs/nfs.h
index 5ba00610aede..0d3ce0460e35 100644
--- a/fs/nfs/nfs.h
+++ b/fs/nfs/nfs.h
@@ -18,7 +18,7 @@ struct nfs_subversion {
const struct rpc_version *rpc_vers; /* NFS version information */
const struct nfs_rpc_ops *rpc_ops; /* NFS operations */
const struct super_operations *sops; /* NFS Super operations */
- const struct xattr_handler **xattr; /* NFS xattr handlers */
+ const struct xattr_handler * const *xattr; /* NFS xattr handlers */
struct list_head list; /* List of NFS versions */
};
diff --git a/fs/nfs/nfs4_fs.h b/fs/nfs/nfs4_fs.h
index 4c9f8bd866ab..28499a0da4c3 100644
--- a/fs/nfs/nfs4_fs.h
+++ b/fs/nfs/nfs4_fs.h
@@ -315,7 +315,7 @@ extern struct rpc_clnt *nfs4_proc_lookup_mountpoint(struct inode *,
struct nfs_fh *,
struct nfs_fattr *);
extern int nfs4_proc_secinfo(struct inode *, const struct qstr *, struct nfs4_secinfo_flavors *);
-extern const struct xattr_handler *nfs4_xattr_handlers[];
+extern const struct xattr_handler * const nfs4_xattr_handlers[];
extern int nfs4_set_rw_stateid(nfs4_stateid *stateid,
const struct nfs_open_context *ctx,
const struct nfs_lock_context *l_ctx,
diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
index 832fa226b8f2..4557a14a596c 100644
--- a/fs/nfs/nfs4proc.c
+++ b/fs/nfs/nfs4proc.c
@@ -10740,7 +10740,7 @@ static const struct xattr_handler nfs4_xattr_nfs4_user_handler = {
};
#endif
-const struct xattr_handler *nfs4_xattr_handlers[] = {
+const struct xattr_handler * const nfs4_xattr_handlers[] = {
&nfs4_xattr_nfs4_acl_handler,
#if defined(CONFIG_NFS_V4_1)
&nfs4_xattr_nfs4_dacl_handler,
--
2.34.1
From: Wedson Almeida Filho <[email protected]>
This makes it harder for accidental or malicious changes to
ocfs2_xattr_handlers or ocfs2_xattr_handler_map at runtime.
Cc: Mark Fasheh <[email protected]>
Cc: Joel Becker <[email protected]>
Cc: Joseph Qi <[email protected]>
Cc: [email protected]
Signed-off-by: Wedson Almeida Filho <[email protected]>
---
fs/ocfs2/xattr.c | 4 ++--
fs/ocfs2/xattr.h | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/fs/ocfs2/xattr.c b/fs/ocfs2/xattr.c
index 4ac77ff6e676..1c54adac1e50 100644
--- a/fs/ocfs2/xattr.c
+++ b/fs/ocfs2/xattr.c
@@ -87,14 +87,14 @@ static struct ocfs2_xattr_def_value_root def_xv = {
.xv.xr_list.l_count = cpu_to_le16(1),
};
-const struct xattr_handler *ocfs2_xattr_handlers[] = {
+const struct xattr_handler * const ocfs2_xattr_handlers[] = {
&ocfs2_xattr_user_handler,
&ocfs2_xattr_trusted_handler,
&ocfs2_xattr_security_handler,
NULL
};
-static const struct xattr_handler *ocfs2_xattr_handler_map[OCFS2_XATTR_MAX] = {
+static const struct xattr_handler * const ocfs2_xattr_handler_map[OCFS2_XATTR_MAX] = {
[OCFS2_XATTR_INDEX_USER] = &ocfs2_xattr_user_handler,
[OCFS2_XATTR_INDEX_POSIX_ACL_ACCESS] = &nop_posix_acl_access,
[OCFS2_XATTR_INDEX_POSIX_ACL_DEFAULT] = &nop_posix_acl_default,
diff --git a/fs/ocfs2/xattr.h b/fs/ocfs2/xattr.h
index 00308b57f64f..65e9aa743919 100644
--- a/fs/ocfs2/xattr.h
+++ b/fs/ocfs2/xattr.h
@@ -30,7 +30,7 @@ struct ocfs2_security_xattr_info {
extern const struct xattr_handler ocfs2_xattr_user_handler;
extern const struct xattr_handler ocfs2_xattr_trusted_handler;
extern const struct xattr_handler ocfs2_xattr_security_handler;
-extern const struct xattr_handler *ocfs2_xattr_handlers[];
+extern const struct xattr_handler * const ocfs2_xattr_handlers[];
ssize_t ocfs2_listxattr(struct dentry *, char *, size_t);
int ocfs2_xattr_get_nolock(struct inode *, struct buffer_head *, int,
--
2.34.1
From: Wedson Almeida Filho <[email protected]>
This makes it harder for accidental or malicious changes to
gfs2_xattr_handlers_max at runtime.
Cc: Bob Peterson <[email protected]>
Cc: Andreas Gruenbacher <[email protected]>
Cc: [email protected]
Signed-off-by: Wedson Almeida Filho <[email protected]>
---
fs/gfs2/super.h | 4 ++--
fs/gfs2/xattr.c | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/fs/gfs2/super.h b/fs/gfs2/super.h
index bba58629bc45..3555dc69183a 100644
--- a/fs/gfs2/super.h
+++ b/fs/gfs2/super.h
@@ -59,8 +59,8 @@ extern const struct export_operations gfs2_export_ops;
extern const struct super_operations gfs2_super_ops;
extern const struct dentry_operations gfs2_dops;
-extern const struct xattr_handler *gfs2_xattr_handlers_max[];
-extern const struct xattr_handler **gfs2_xattr_handlers_min;
+extern const struct xattr_handler * const gfs2_xattr_handlers_max[];
+extern const struct xattr_handler * const *gfs2_xattr_handlers_min;
#endif /* __SUPER_DOT_H__ */
diff --git a/fs/gfs2/xattr.c b/fs/gfs2/xattr.c
index 93b36d026bb4..146c32d44bd1 100644
--- a/fs/gfs2/xattr.c
+++ b/fs/gfs2/xattr.c
@@ -1494,7 +1494,7 @@ static const struct xattr_handler gfs2_xattr_trusted_handler = {
.set = gfs2_xattr_set,
};
-const struct xattr_handler *gfs2_xattr_handlers_max[] = {
+const struct xattr_handler * const gfs2_xattr_handlers_max[] = {
/* GFS2_FS_FORMAT_MAX */
&gfs2_xattr_trusted_handler,
@@ -1504,4 +1504,4 @@ const struct xattr_handler *gfs2_xattr_handlers_max[] = {
NULL,
};
-const struct xattr_handler **gfs2_xattr_handlers_min = gfs2_xattr_handlers_max + 1;
+const struct xattr_handler * const *gfs2_xattr_handlers_min = gfs2_xattr_handlers_max + 1;
--
2.34.1
From: Wedson Almeida Filho <[email protected]>
This makes it harder for accidental or malicious changes to
kernfs_xattr_handlers at runtime.
Cc: Greg Kroah-Hartman <[email protected]>
Cc: Tejun Heo <[email protected]>
Signed-off-by: Wedson Almeida Filho <[email protected]>
---
fs/kernfs/inode.c | 2 +-
fs/kernfs/kernfs-internal.h | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/kernfs/inode.c b/fs/kernfs/inode.c
index b22b74d1a115..45a63c4e5e4e 100644
--- a/fs/kernfs/inode.c
+++ b/fs/kernfs/inode.c
@@ -434,7 +434,7 @@ static const struct xattr_handler kernfs_user_xattr_handler = {
.set = kernfs_vfs_user_xattr_set,
};
-const struct xattr_handler *kernfs_xattr_handlers[] = {
+const struct xattr_handler * const kernfs_xattr_handlers[] = {
&kernfs_trusted_xattr_handler,
&kernfs_security_xattr_handler,
&kernfs_user_xattr_handler,
diff --git a/fs/kernfs/kernfs-internal.h b/fs/kernfs/kernfs-internal.h
index a9b854cdfdb5..237f2764b941 100644
--- a/fs/kernfs/kernfs-internal.h
+++ b/fs/kernfs/kernfs-internal.h
@@ -127,7 +127,7 @@ extern struct kmem_cache *kernfs_node_cache, *kernfs_iattrs_cache;
/*
* inode.c
*/
-extern const struct xattr_handler *kernfs_xattr_handlers[];
+extern const struct xattr_handler * const kernfs_xattr_handlers[];
void kernfs_evict_inode(struct inode *inode);
int kernfs_iop_permission(struct mnt_idmap *idmap,
struct inode *inode, int mask);
--
2.34.1
From: Wedson Almeida Filho <[email protected]>
This makes it harder for accidental or malicious changes to
hfsplus_xattr_handlers at runtime.
Signed-off-by: Wedson Almeida Filho <[email protected]>
---
fs/hfsplus/xattr.c | 2 +-
fs/hfsplus/xattr.h | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/hfsplus/xattr.c b/fs/hfsplus/xattr.c
index 58021e73c00b..9c9ff6b8c6f7 100644
--- a/fs/hfsplus/xattr.c
+++ b/fs/hfsplus/xattr.c
@@ -13,7 +13,7 @@
static int hfsplus_removexattr(struct inode *inode, const char *name);
-const struct xattr_handler *hfsplus_xattr_handlers[] = {
+const struct xattr_handler * const hfsplus_xattr_handlers[] = {
&hfsplus_xattr_osx_handler,
&hfsplus_xattr_user_handler,
&hfsplus_xattr_trusted_handler,
diff --git a/fs/hfsplus/xattr.h b/fs/hfsplus/xattr.h
index d14e362b3eba..15cc55e41410 100644
--- a/fs/hfsplus/xattr.h
+++ b/fs/hfsplus/xattr.h
@@ -17,7 +17,7 @@ extern const struct xattr_handler hfsplus_xattr_user_handler;
extern const struct xattr_handler hfsplus_xattr_trusted_handler;
extern const struct xattr_handler hfsplus_xattr_security_handler;
-extern const struct xattr_handler *hfsplus_xattr_handlers[];
+extern const struct xattr_handler * const hfsplus_xattr_handlers[];
int __hfsplus_setxattr(struct inode *inode, const char *name,
const void *value, size_t size, int flags);
--
2.34.1
From: Wedson Almeida Filho <[email protected]>
This makes it harder for accidental or malicious changes to
ceph_xattr_handlers at runtime.
Cc: Xiubo Li <[email protected]>
Cc: Ilya Dryomov <[email protected]>
Cc: Jeff Layton <[email protected]>
Cc: [email protected]
Signed-off-by: Wedson Almeida Filho <[email protected]>
---
fs/ceph/super.h | 2 +-
fs/ceph/xattr.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/ceph/super.h b/fs/ceph/super.h
index 3bfddf34d488..b40be1a0f778 100644
--- a/fs/ceph/super.h
+++ b/fs/ceph/super.h
@@ -1089,7 +1089,7 @@ ssize_t __ceph_getxattr(struct inode *, const char *, void *, size_t);
extern ssize_t ceph_listxattr(struct dentry *, char *, size_t);
extern struct ceph_buffer *__ceph_build_xattrs_blob(struct ceph_inode_info *ci);
extern void __ceph_destroy_xattrs(struct ceph_inode_info *ci);
-extern const struct xattr_handler *ceph_xattr_handlers[];
+extern const struct xattr_handler * const ceph_xattr_handlers[];
struct ceph_acl_sec_ctx {
#ifdef CONFIG_CEPH_FS_POSIX_ACL
diff --git a/fs/ceph/xattr.c b/fs/ceph/xattr.c
index 806183959c47..0350d7465bbb 100644
--- a/fs/ceph/xattr.c
+++ b/fs/ceph/xattr.c
@@ -1416,7 +1416,7 @@ void ceph_release_acl_sec_ctx(struct ceph_acl_sec_ctx *as_ctx)
* List of handlers for synthetic system.* attributes. Other
* attributes are handled directly.
*/
-const struct xattr_handler *ceph_xattr_handlers[] = {
+const struct xattr_handler * const ceph_xattr_handlers[] = {
&ceph_other_xattr_handler,
NULL,
};
--
2.34.1
From: Wedson Almeida Filho <[email protected]>
This makes it harder for accidental or malicious changes to
btrfs_xattr_handlers at runtime.
Cc: Chris Mason <[email protected]>
Cc: Josef Bacik <[email protected]>
Cc: David Sterba <[email protected]>
Cc: [email protected]
Signed-off-by: Wedson Almeida Filho <[email protected]>
---
fs/btrfs/xattr.c | 2 +-
fs/btrfs/xattr.h | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/btrfs/xattr.c b/fs/btrfs/xattr.c
index fc4b20c2688a..d82d9545386a 100644
--- a/fs/btrfs/xattr.c
+++ b/fs/btrfs/xattr.c
@@ -442,7 +442,7 @@ static const struct xattr_handler btrfs_btrfs_xattr_handler = {
.set = btrfs_xattr_handler_set_prop,
};
-const struct xattr_handler *btrfs_xattr_handlers[] = {
+const struct xattr_handler * const btrfs_xattr_handlers[] = {
&btrfs_security_xattr_handler,
&btrfs_trusted_xattr_handler,
&btrfs_user_xattr_handler,
diff --git a/fs/btrfs/xattr.h b/fs/btrfs/xattr.h
index 1cd3fc0a8f17..118118ca3e1d 100644
--- a/fs/btrfs/xattr.h
+++ b/fs/btrfs/xattr.h
@@ -8,7 +8,7 @@
#include <linux/xattr.h>
-extern const struct xattr_handler *btrfs_xattr_handlers[];
+extern const struct xattr_handler * const btrfs_xattr_handlers[];
int btrfs_getxattr(struct inode *inode, const char *name,
void *buffer, size_t size);
--
2.34.1
From: Wedson Almeida Filho <[email protected]>
This makes it harder for accidental or malicious changes to
squashfs_xattr_handlers at runtime.
Cc: Phillip Lougher <[email protected]>
Signed-off-by: Wedson Almeida Filho <[email protected]>
---
fs/squashfs/squashfs.h | 2 +-
fs/squashfs/xattr.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/squashfs/squashfs.h b/fs/squashfs/squashfs.h
index a6164fdf9435..5a756e6790b5 100644
--- a/fs/squashfs/squashfs.h
+++ b/fs/squashfs/squashfs.h
@@ -111,4 +111,4 @@ extern const struct address_space_operations squashfs_symlink_aops;
extern const struct inode_operations squashfs_symlink_inode_ops;
/* xattr.c */
-extern const struct xattr_handler *squashfs_xattr_handlers[];
+extern const struct xattr_handler * const squashfs_xattr_handlers[];
diff --git a/fs/squashfs/xattr.c b/fs/squashfs/xattr.c
index e1e3f3dd5a06..ce6608cabd49 100644
--- a/fs/squashfs/xattr.c
+++ b/fs/squashfs/xattr.c
@@ -262,7 +262,7 @@ static const struct xattr_handler *squashfs_xattr_handler(int type)
}
}
-const struct xattr_handler *squashfs_xattr_handlers[] = {
+const struct xattr_handler * const squashfs_xattr_handlers[] = {
&squashfs_xattr_user_handler,
&squashfs_xattr_trusted_handler,
&squashfs_xattr_security_handler,
--
2.34.1
From: Wedson Almeida Filho <[email protected]>
This makes it harder for accidental or malicious changes to
jfs_xattr_handlers at runtime.
Cc: Dave Kleikamp <[email protected]>
Cc: [email protected]
Signed-off-by: Wedson Almeida Filho <[email protected]>
---
fs/jfs/jfs_xattr.h | 2 +-
fs/jfs/xattr.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/jfs/jfs_xattr.h b/fs/jfs/jfs_xattr.h
index 0d33816d251d..ec67d8554d2c 100644
--- a/fs/jfs/jfs_xattr.h
+++ b/fs/jfs/jfs_xattr.h
@@ -46,7 +46,7 @@ extern int __jfs_setxattr(tid_t, struct inode *, const char *, const void *,
extern ssize_t __jfs_getxattr(struct inode *, const char *, void *, size_t);
extern ssize_t jfs_listxattr(struct dentry *, char *, size_t);
-extern const struct xattr_handler *jfs_xattr_handlers[];
+extern const struct xattr_handler * const jfs_xattr_handlers[];
#ifdef CONFIG_JFS_SECURITY
extern int jfs_init_security(tid_t, struct inode *, struct inode *,
diff --git a/fs/jfs/xattr.c b/fs/jfs/xattr.c
index 931e50018f88..001c900a2b4d 100644
--- a/fs/jfs/xattr.c
+++ b/fs/jfs/xattr.c
@@ -985,7 +985,7 @@ static const struct xattr_handler jfs_trusted_xattr_handler = {
.set = jfs_xattr_set,
};
-const struct xattr_handler *jfs_xattr_handlers[] = {
+const struct xattr_handler * const jfs_xattr_handlers[] = {
&jfs_os2_xattr_handler,
&jfs_user_xattr_handler,
&jfs_security_xattr_handler,
--
2.34.1
From: Wedson Almeida Filho <[email protected]>
This makes it harder for accidental or malicious changes to
v9fs_xattr_user_handler, v9fs_xattr_trusted_handler,
v9fs_xattr_security_handler, or v9fs_xattr_handlers at runtime.
Cc: Eric Van Hensbergen <[email protected]>
Cc: Latchesar Ionkov <[email protected]>
Cc: Dominique Martinet <[email protected]>
Cc: Christian Schoenebeck <[email protected]>
Cc: [email protected]
Signed-off-by: Wedson Almeida Filho <[email protected]>
---
fs/9p/xattr.c | 8 ++++----
fs/9p/xattr.h | 2 +-
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/fs/9p/xattr.c b/fs/9p/xattr.c
index e00cf8109b3f..053d1cef6e13 100644
--- a/fs/9p/xattr.c
+++ b/fs/9p/xattr.c
@@ -162,27 +162,27 @@ static int v9fs_xattr_handler_set(const struct xattr_handler *handler,
return v9fs_xattr_set(dentry, full_name, value, size, flags);
}
-static struct xattr_handler v9fs_xattr_user_handler = {
+static const struct xattr_handler v9fs_xattr_user_handler = {
.prefix = XATTR_USER_PREFIX,
.get = v9fs_xattr_handler_get,
.set = v9fs_xattr_handler_set,
};
-static struct xattr_handler v9fs_xattr_trusted_handler = {
+static const struct xattr_handler v9fs_xattr_trusted_handler = {
.prefix = XATTR_TRUSTED_PREFIX,
.get = v9fs_xattr_handler_get,
.set = v9fs_xattr_handler_set,
};
#ifdef CONFIG_9P_FS_SECURITY
-static struct xattr_handler v9fs_xattr_security_handler = {
+static const struct xattr_handler v9fs_xattr_security_handler = {
.prefix = XATTR_SECURITY_PREFIX,
.get = v9fs_xattr_handler_get,
.set = v9fs_xattr_handler_set,
};
#endif
-const struct xattr_handler *v9fs_xattr_handlers[] = {
+const struct xattr_handler * const v9fs_xattr_handlers[] = {
&v9fs_xattr_user_handler,
&v9fs_xattr_trusted_handler,
#ifdef CONFIG_9P_FS_SECURITY
diff --git a/fs/9p/xattr.h b/fs/9p/xattr.h
index b5636e544c8a..3ad5a802352a 100644
--- a/fs/9p/xattr.h
+++ b/fs/9p/xattr.h
@@ -10,7 +10,7 @@
#include <net/9p/9p.h>
#include <net/9p/client.h>
-extern const struct xattr_handler *v9fs_xattr_handlers[];
+extern const struct xattr_handler * const v9fs_xattr_handlers[];
ssize_t v9fs_fid_xattr_get(struct p9_fid *fid, const char *name,
void *buffer, size_t buffer_size);
--
2.34.1
From: Wedson Almeida Filho <[email protected]>
This makes it harder for accidental or malicious changes to
ntfs_xattr_handlers at runtime.
Cc: Konstantin Komarov <[email protected]>
Cc: [email protected]
Signed-off-by: Wedson Almeida Filho <[email protected]>
---
fs/ntfs3/ntfs_fs.h | 2 +-
fs/ntfs3/xattr.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/ntfs3/ntfs_fs.h b/fs/ntfs3/ntfs_fs.h
index 629403ede6e5..41c1538f8e51 100644
--- a/fs/ntfs3/ntfs_fs.h
+++ b/fs/ntfs3/ntfs_fs.h
@@ -872,7 +872,7 @@ int ntfs_init_acl(struct mnt_idmap *idmap, struct inode *inode,
int ntfs_acl_chmod(struct mnt_idmap *idmap, struct dentry *dentry);
ssize_t ntfs_listxattr(struct dentry *dentry, char *buffer, size_t size);
-extern const struct xattr_handler *ntfs_xattr_handlers[];
+extern const struct xattr_handler * const ntfs_xattr_handlers[];
int ntfs_save_wsl_perm(struct inode *inode, __le16 *ea_size);
void ntfs_get_wsl_perm(struct inode *inode);
diff --git a/fs/ntfs3/xattr.c b/fs/ntfs3/xattr.c
index 023f314e8950..a67ff036a251 100644
--- a/fs/ntfs3/xattr.c
+++ b/fs/ntfs3/xattr.c
@@ -1016,7 +1016,7 @@ static const struct xattr_handler ntfs_other_xattr_handler = {
.list = ntfs_xattr_user_list,
};
-const struct xattr_handler *ntfs_xattr_handlers[] = {
+const struct xattr_handler * const ntfs_xattr_handlers[] = {
&ntfs_other_xattr_handler,
NULL,
};
--
2.34.1
From: Wedson Almeida Filho <[email protected]>
This makes it harder for accidental or malicious changes to
erofs_xattr_handlers or xattr_handler_map at runtime.
Cc: Gao Xiang <[email protected]>
Cc: Chao Yu <[email protected]>
Cc: Yue Hu <[email protected]>
Cc: Jeffle Xu <[email protected]>
Cc: [email protected]
Signed-off-by: Wedson Almeida Filho <[email protected]>
---
fs/erofs/xattr.c | 2 +-
fs/erofs/xattr.h | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/fs/erofs/xattr.c b/fs/erofs/xattr.c
index 40178b6e0688..a6dd68ea5df2 100644
--- a/fs/erofs/xattr.c
+++ b/fs/erofs/xattr.c
@@ -166,7 +166,7 @@ const struct xattr_handler __maybe_unused erofs_xattr_security_handler = {
};
#endif
-const struct xattr_handler *erofs_xattr_handlers[] = {
+const struct xattr_handler * const erofs_xattr_handlers[] = {
&erofs_xattr_user_handler,
&erofs_xattr_trusted_handler,
#ifdef CONFIG_EROFS_FS_SECURITY
diff --git a/fs/erofs/xattr.h b/fs/erofs/xattr.h
index f16283cb8c93..b246cd0e135e 100644
--- a/fs/erofs/xattr.h
+++ b/fs/erofs/xattr.h
@@ -23,7 +23,7 @@ static inline const char *erofs_xattr_prefix(unsigned int idx,
{
const struct xattr_handler *handler = NULL;
- static const struct xattr_handler *xattr_handler_map[] = {
+ static const struct xattr_handler * const xattr_handler_map[] = {
[EROFS_XATTR_INDEX_USER] = &erofs_xattr_user_handler,
#ifdef CONFIG_EROFS_FS_POSIX_ACL
[EROFS_XATTR_INDEX_POSIX_ACL_ACCESS] = &nop_posix_acl_access,
@@ -44,7 +44,7 @@ static inline const char *erofs_xattr_prefix(unsigned int idx,
return xattr_prefix(handler);
}
-extern const struct xattr_handler *erofs_xattr_handlers[];
+extern const struct xattr_handler * const erofs_xattr_handlers[];
int erofs_xattr_prefixes_init(struct super_block *sb);
void erofs_xattr_prefixes_cleanup(struct super_block *sb);
--
2.34.1
Christian Schoenebeck wrote on Sat, Sep 30, 2023 at 10:12:25AM +0200:
> On Saturday, September 30, 2023 7:00:07 AM CEST Wedson Almeida Filho wrote:
> > From: Wedson Almeida Filho <[email protected]>
> >
> > This makes it harder for accidental or malicious changes to
> > v9fs_xattr_user_handler, v9fs_xattr_trusted_handler,
> > v9fs_xattr_security_handler, or v9fs_xattr_handlers at runtime.
> >
> > Cc: Eric Van Hensbergen <[email protected]>
> > Cc: Latchesar Ionkov <[email protected]>
> > Cc: Dominique Martinet <[email protected]>
> > Cc: Christian Schoenebeck <[email protected]>
> > Cc: [email protected]
> > Signed-off-by: Wedson Almeida Filho <[email protected]>
>
> Reviewed-by: Christian Schoenebeck <[email protected]>
Looks good to me on principle as well (and it should blow up immediately
on testing in the unlikely case there's a problem...)
Eric, I don't think you have anything planned for this round?
There's another data race patch laying around that we didn't submit for
6.6, shall I take these two for now?
(Assuming this patch series is meant to be taken up by individual fs
maintainers independantly, it's never really clear with such large
swatches of patchs and we weren't in Cc of a cover letter if there was
any... In the future it'd help if either there's a clear cover letter
everyone is in Cc at (some would say keep everyone in cc of all
patches!), or just send these in a loop so they don't appear to be part
of a series and each maintainer deals with it as they see fit)
--
Dominique
From: Wedson Almeida Filho <[email protected]>
This makes it harder for accidental or malicious changes to
hfs_xattr_handlers at runtime.
Signed-off-by: Wedson Almeida Filho <[email protected]>
---
fs/hfs/attr.c | 2 +-
fs/hfs/hfs_fs.h | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/hfs/attr.c b/fs/hfs/attr.c
index 6341bb248247..f8395cdd1adf 100644
--- a/fs/hfs/attr.c
+++ b/fs/hfs/attr.c
@@ -146,7 +146,7 @@ static const struct xattr_handler hfs_type_handler = {
.set = hfs_xattr_set,
};
-const struct xattr_handler *hfs_xattr_handlers[] = {
+const struct xattr_handler * const hfs_xattr_handlers[] = {
&hfs_creator_handler,
&hfs_type_handler,
NULL
diff --git a/fs/hfs/hfs_fs.h b/fs/hfs/hfs_fs.h
index 49d02524e667..b5a6ad5df357 100644
--- a/fs/hfs/hfs_fs.h
+++ b/fs/hfs/hfs_fs.h
@@ -215,7 +215,7 @@ extern void hfs_evict_inode(struct inode *);
extern void hfs_delete_inode(struct inode *);
/* attr.c */
-extern const struct xattr_handler *hfs_xattr_handlers[];
+extern const struct xattr_handler * const hfs_xattr_handlers[];
/* mdb.c */
extern int hfs_mdb_get(struct super_block *);
--
2.34.1
From: Wedson Almeida Filho <[email protected]>
This makes it harder for accidental or malicious changes to
cifs_xattr_handlers at runtime.
Cc: Steve French <[email protected]>
Cc: Paulo Alcantara <[email protected]>
Cc: Ronnie Sahlberg <[email protected]>
Cc: Shyam Prasad N <[email protected]>
Cc: Tom Talpey <[email protected]>
Cc: [email protected]
Signed-off-by: Wedson Almeida Filho <[email protected]>
---
fs/smb/client/cifsfs.h | 2 +-
fs/smb/client/xattr.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/smb/client/cifsfs.h b/fs/smb/client/cifsfs.h
index 15c8cc4b6680..a0472b539567 100644
--- a/fs/smb/client/cifsfs.h
+++ b/fs/smb/client/cifsfs.h
@@ -134,7 +134,7 @@ extern int cifs_symlink(struct mnt_idmap *idmap, struct inode *inode,
struct dentry *direntry, const char *symname);
#ifdef CONFIG_CIFS_XATTR
-extern const struct xattr_handler *cifs_xattr_handlers[];
+extern const struct xattr_handler * const cifs_xattr_handlers[];
extern ssize_t cifs_listxattr(struct dentry *, char *, size_t);
#else
# define cifs_xattr_handlers NULL
diff --git a/fs/smb/client/xattr.c b/fs/smb/client/xattr.c
index 4ad5531686d8..ac199160bce6 100644
--- a/fs/smb/client/xattr.c
+++ b/fs/smb/client/xattr.c
@@ -478,7 +478,7 @@ static const struct xattr_handler smb3_ntsd_full_xattr_handler = {
.set = cifs_xattr_set,
};
-const struct xattr_handler *cifs_xattr_handlers[] = {
+const struct xattr_handler * const cifs_xattr_handlers[] = {
&cifs_user_xattr_handler,
&cifs_os2_xattr_handler,
&cifs_cifs_acl_xattr_handler,
--
2.34.1
On Saturday, September 30, 2023 7:00:07 AM CEST Wedson Almeida Filho wrote:
> From: Wedson Almeida Filho <[email protected]>
>
> This makes it harder for accidental or malicious changes to
> v9fs_xattr_user_handler, v9fs_xattr_trusted_handler,
> v9fs_xattr_security_handler, or v9fs_xattr_handlers at runtime.
>
> Cc: Eric Van Hensbergen <[email protected]>
> Cc: Latchesar Ionkov <[email protected]>
> Cc: Dominique Martinet <[email protected]>
> Cc: Christian Schoenebeck <[email protected]>
> Cc: [email protected]
> Signed-off-by: Wedson Almeida Filho <[email protected]>
Reviewed-by: Christian Schoenebeck <[email protected]>
> ---
> fs/9p/xattr.c | 8 ++++----
> fs/9p/xattr.h | 2 +-
> 2 files changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/fs/9p/xattr.c b/fs/9p/xattr.c
> index e00cf8109b3f..053d1cef6e13 100644
> --- a/fs/9p/xattr.c
> +++ b/fs/9p/xattr.c
> @@ -162,27 +162,27 @@ static int v9fs_xattr_handler_set(const struct xattr_handler *handler,
> return v9fs_xattr_set(dentry, full_name, value, size, flags);
> }
>
> -static struct xattr_handler v9fs_xattr_user_handler = {
> +static const struct xattr_handler v9fs_xattr_user_handler = {
> .prefix = XATTR_USER_PREFIX,
> .get = v9fs_xattr_handler_get,
> .set = v9fs_xattr_handler_set,
> };
>
> -static struct xattr_handler v9fs_xattr_trusted_handler = {
> +static const struct xattr_handler v9fs_xattr_trusted_handler = {
> .prefix = XATTR_TRUSTED_PREFIX,
> .get = v9fs_xattr_handler_get,
> .set = v9fs_xattr_handler_set,
> };
>
> #ifdef CONFIG_9P_FS_SECURITY
> -static struct xattr_handler v9fs_xattr_security_handler = {
> +static const struct xattr_handler v9fs_xattr_security_handler = {
> .prefix = XATTR_SECURITY_PREFIX,
> .get = v9fs_xattr_handler_get,
> .set = v9fs_xattr_handler_set,
> };
> #endif
>
> -const struct xattr_handler *v9fs_xattr_handlers[] = {
> +const struct xattr_handler * const v9fs_xattr_handlers[] = {
> &v9fs_xattr_user_handler,
> &v9fs_xattr_trusted_handler,
> #ifdef CONFIG_9P_FS_SECURITY
> diff --git a/fs/9p/xattr.h b/fs/9p/xattr.h
> index b5636e544c8a..3ad5a802352a 100644
> --- a/fs/9p/xattr.h
> +++ b/fs/9p/xattr.h
> @@ -10,7 +10,7 @@
> #include <net/9p/9p.h>
> #include <net/9p/client.h>
>
> -extern const struct xattr_handler *v9fs_xattr_handlers[];
> +extern const struct xattr_handler * const v9fs_xattr_handlers[];
>
> ssize_t v9fs_fid_xattr_get(struct p9_fid *fid, const char *name,
> void *buffer, size_t buffer_size);
>
From: Wedson Almeida Filho <[email protected]>
This makes it harder for accidental or malicious changes to
sockfs_xattr_handlers at runtime.
Cc: "David S. Miller" <[email protected]>
Cc: Eric Dumazet <[email protected]>
Cc: Jakub Kicinski <[email protected]>
Cc: Paolo Abeni <[email protected]>
Cc: Richard Cochran <[email protected]>
Cc: [email protected]
Signed-off-by: Wedson Almeida Filho <[email protected]>
---
include/linux/pseudo_fs.h | 2 +-
net/socket.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/include/linux/pseudo_fs.h b/include/linux/pseudo_fs.h
index eceda1d1407a..730f77381d55 100644
--- a/include/linux/pseudo_fs.h
+++ b/include/linux/pseudo_fs.h
@@ -5,7 +5,7 @@
struct pseudo_fs_context {
const struct super_operations *ops;
- const struct xattr_handler **xattr;
+ const struct xattr_handler * const *xattr;
const struct dentry_operations *dops;
unsigned long magic;
};
diff --git a/net/socket.c b/net/socket.c
index 2b0e54b2405c..0a99fc22641e 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -400,7 +400,7 @@ static const struct xattr_handler sockfs_security_xattr_handler = {
.set = sockfs_security_xattr_set,
};
-static const struct xattr_handler *sockfs_xattr_handlers[] = {
+static const struct xattr_handler * const sockfs_xattr_handlers[] = {
&sockfs_xattr_handler,
&sockfs_security_xattr_handler,
NULL
--
2.34.1
On Sat, Sep 30, 2023 at 02:00:30AM -0300, Wedson Almeida Filho wrote:
> From: Wedson Almeida Filho <[email protected]>
>
> This makes it harder for accidental or malicious changes to
> xfs_xattr_handlers at runtime.
>
> Cc: "Darrick J. Wong" <[email protected]>
> Cc: [email protected]
> Signed-off-by: Wedson Almeida Filho <[email protected]>
Reviewed-by: Darrick J. Wong <[email protected]>
--D
> ---
> fs/xfs/xfs_xattr.c | 2 +-
> fs/xfs/xfs_xattr.h | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/fs/xfs/xfs_xattr.c b/fs/xfs/xfs_xattr.c
> index 43e5c219aaed..77418bcd6f3a 100644
> --- a/fs/xfs/xfs_xattr.c
> +++ b/fs/xfs/xfs_xattr.c
> @@ -175,7 +175,7 @@ static const struct xattr_handler xfs_xattr_security_handler = {
> .set = xfs_xattr_set,
> };
>
> -const struct xattr_handler *xfs_xattr_handlers[] = {
> +const struct xattr_handler * const xfs_xattr_handlers[] = {
> &xfs_xattr_user_handler,
> &xfs_xattr_trusted_handler,
> &xfs_xattr_security_handler,
> diff --git a/fs/xfs/xfs_xattr.h b/fs/xfs/xfs_xattr.h
> index 2b09133b1b9b..cec766cad26c 100644
> --- a/fs/xfs/xfs_xattr.h
> +++ b/fs/xfs/xfs_xattr.h
> @@ -8,6 +8,6 @@
>
> int xfs_attr_change(struct xfs_da_args *args);
>
> -extern const struct xattr_handler *xfs_xattr_handlers[];
> +extern const struct xattr_handler * const xfs_xattr_handlers[];
>
> #endif /* __XFS_XATTR_H__ */
> --
> 2.34.1
>
Reviewed-by: Steve French <[email protected]>
On Sat, Sep 30, 2023 at 6:27 AM Wedson Almeida Filho <[email protected]> wrote:
>
> From: Wedson Almeida Filho <[email protected]>
>
> This makes it harder for accidental or malicious changes to
> cifs_xattr_handlers at runtime.
>
> Cc: Steve French <[email protected]>
> Cc: Paulo Alcantara <[email protected]>
> Cc: Ronnie Sahlberg <[email protected]>
> Cc: Shyam Prasad N <[email protected]>
> Cc: Tom Talpey <[email protected]>
> Cc: [email protected]
> Signed-off-by: Wedson Almeida Filho <[email protected]>
> ---
> fs/smb/client/cifsfs.h | 2 +-
> fs/smb/client/xattr.c | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/fs/smb/client/cifsfs.h b/fs/smb/client/cifsfs.h
> index 15c8cc4b6680..a0472b539567 100644
> --- a/fs/smb/client/cifsfs.h
> +++ b/fs/smb/client/cifsfs.h
> @@ -134,7 +134,7 @@ extern int cifs_symlink(struct mnt_idmap *idmap, struct inode *inode,
> struct dentry *direntry, const char *symname);
>
> #ifdef CONFIG_CIFS_XATTR
> -extern const struct xattr_handler *cifs_xattr_handlers[];
> +extern const struct xattr_handler * const cifs_xattr_handlers[];
> extern ssize_t cifs_listxattr(struct dentry *, char *, size_t);
> #else
> # define cifs_xattr_handlers NULL
> diff --git a/fs/smb/client/xattr.c b/fs/smb/client/xattr.c
> index 4ad5531686d8..ac199160bce6 100644
> --- a/fs/smb/client/xattr.c
> +++ b/fs/smb/client/xattr.c
> @@ -478,7 +478,7 @@ static const struct xattr_handler smb3_ntsd_full_xattr_handler = {
> .set = cifs_xattr_set,
> };
>
> -const struct xattr_handler *cifs_xattr_handlers[] = {
> +const struct xattr_handler * const cifs_xattr_handlers[] = {
> &cifs_user_xattr_handler,
> &cifs_os2_xattr_handler,
> &cifs_cifs_acl_xattr_handler,
> --
> 2.34.1
>
--
Thanks,
Steve
On Sat, Sep 30, 2023 at 02:00:09AM -0300, Wedson Almeida Filho wrote:
> From: Wedson Almeida Filho <[email protected]>
>
> This makes it harder for accidental or malicious changes to
> btrfs_xattr_handlers at runtime.
>
> Cc: Chris Mason <[email protected]>
> Cc: Josef Bacik <[email protected]>
> Cc: David Sterba <[email protected]>
> Cc: [email protected]
> Signed-off-by: Wedson Almeida Filho <[email protected]>
With slightly updated changelog added to misc-next, thanks.
On Mon, Oct 02, 2023 at 01:28:58PM +0200, David Sterba wrote:
> On Sat, Sep 30, 2023 at 02:00:09AM -0300, Wedson Almeida Filho wrote:
> > From: Wedson Almeida Filho <[email protected]>
> >
> > This makes it harder for accidental or malicious changes to
> > btrfs_xattr_handlers at runtime.
> >
> > Cc: Chris Mason <[email protected]>
> > Cc: Josef Bacik <[email protected]>
> > Cc: David Sterba <[email protected]>
> > Cc: [email protected]
> > Signed-off-by: Wedson Almeida Filho <[email protected]>
>
> With slightly updated changelog added to misc-next, thanks.
Removed again. I did not notice first that this is part of a larger
series, please also CC the [PATCH 0/N] patch.
There's a warning:
fs/btrfs/super.c: In function ‘btrfs_fill_super’:
fs/btrfs/super.c:1107:21: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
1107 | sb->s_xattr = btrfs_xattr_handlers;
| ^
but the patch changing the type is present in the series.
Please update the changelog of btrfs patch with:
Add const specifier also to the pointed array members of
btrfs_xattr_handlers. This moves the whole structure to the .rodata
section which makes it harder for accidental or malicious changes to
btrfs_xattr_handlers at runtime.
or use it for others patches too.
On Sat, Sep 30, 2023 at 02:00:04AM -0300, Wedson Almeida Filho wrote:
> From: Wedson Almeida Filho <[email protected]>
>
> The 's_xattr' field of 'struct super_block' currently requires a mutable
> table of 'struct xattr_handler' entries (although each handler itself is
> const). However, no code in vfs actually modifies the tables.
>
> So this series changes the type of 's_xattr' to allow const tables, and
> modifies existing file system to move their tables to .rodata. This is
> desirable because these tables contain entries with function pointers in
> them; moving them to .rodata makes it considerably less likely to be
> modified accidentally or maliciously at runtime.
Fine by me and good idea. On vacation this week but I'll wait for
individual fs maintainers to ack their portions anyway and then pick up
next week.
On Mon, 2 Oct 2023 at 08:44, David Sterba <[email protected]> wrote:
>
> On Mon, Oct 02, 2023 at 01:28:58PM +0200, David Sterba wrote:
> > On Sat, Sep 30, 2023 at 02:00:09AM -0300, Wedson Almeida Filho wrote:
> > > From: Wedson Almeida Filho <[email protected]>
> > >
> > > This makes it harder for accidental or malicious changes to
> > > btrfs_xattr_handlers at runtime.
> > >
> > > Cc: Chris Mason <[email protected]>
> > > Cc: Josef Bacik <[email protected]>
> > > Cc: David Sterba <[email protected]>
> > > Cc: [email protected]
> > > Signed-off-by: Wedson Almeida Filho <[email protected]>
> >
> > With slightly updated changelog added to misc-next, thanks.
>
> Removed again. I did not notice first that this is part of a larger
> series, please also CC the [PATCH 0/N] patch.
Sorry for the confusion, I will CC you there too.
> There's a warning:
>
> fs/btrfs/super.c: In function ‘btrfs_fill_super’:
> fs/btrfs/super.c:1107:21: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
> 1107 | sb->s_xattr = btrfs_xattr_handlers;
> | ^
>
> but the patch changing the type is present in the series.
>
> Please update the changelog of btrfs patch with:
>
> Add const specifier also to the pointed array members of
> btrfs_xattr_handlers. This moves the whole structure to the .rodata
> section which makes it harder for accidental or malicious changes to
> btrfs_xattr_handlers at runtime.
Will do. Thanks!
> or use it for others patches too.
On Sat, 30 Sept 2023 at 06:03, Dominique Martinet
<[email protected]> wrote:
>
> Christian Schoenebeck wrote on Sat, Sep 30, 2023 at 10:12:25AM +0200:
> > On Saturday, September 30, 2023 7:00:07 AM CEST Wedson Almeida Filho wrote:
> > > From: Wedson Almeida Filho <[email protected]>
> > >
> > > This makes it harder for accidental or malicious changes to
> > > v9fs_xattr_user_handler, v9fs_xattr_trusted_handler,
> > > v9fs_xattr_security_handler, or v9fs_xattr_handlers at runtime.
> > >
> > > Cc: Eric Van Hensbergen <[email protected]>
> > > Cc: Latchesar Ionkov <[email protected]>
> > > Cc: Dominique Martinet <[email protected]>
> > > Cc: Christian Schoenebeck <[email protected]>
> > > Cc: [email protected]
> > > Signed-off-by: Wedson Almeida Filho <[email protected]>
> >
> > Reviewed-by: Christian Schoenebeck <[email protected]>
Thanks for the review, Christian!
> Looks good to me on principle as well (and it should blow up immediately
> on testing in the unlikely case there's a problem...)
>
> Eric, I don't think you have anything planned for this round?
> There's another data race patch laying around that we didn't submit for
> 6.6, shall I take these two for now?
>
> (Assuming this patch series is meant to be taken up by individual fs
> maintainers independantly, it's never really clear with such large
> swatches of patchs and we weren't in Cc of a cover letter if there was
> any... In the future it'd help if either there's a clear cover letter
> everyone is in Cc at (some would say keep everyone in cc of all
> patches!), or just send these in a loop so they don't appear to be part
> of a series and each maintainer deals with it as they see fit)
There is a cover letter
(https://lore.kernel.org/all/[email protected]/),
apologies for not CCing you there. I was trying to avoid spamming
maintainers with unrelated changes.
We need changes in fs/xattr.c (which are in the first patch of the
series) to avoid warnings, so unfortunately this can't be taken
individually. My thought was that individual fs maintainers would
review/ack the patches and this would be taken through the fs tree.
>
> --
> Dominique
On Sat, Sep 30, 2023 at 7:01 AM Wedson Almeida Filho <[email protected]> wrote:
>
> From: Wedson Almeida Filho <[email protected]>
>
> This makes it harder for accidental or malicious changes to
> ceph_xattr_handlers at runtime.
>
> Cc: Xiubo Li <[email protected]>
> Cc: Ilya Dryomov <[email protected]>
> Cc: Jeff Layton <[email protected]>
> Cc: [email protected]
> Signed-off-by: Wedson Almeida Filho <[email protected]>
> ---
> fs/ceph/super.h | 2 +-
> fs/ceph/xattr.c | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/fs/ceph/super.h b/fs/ceph/super.h
> index 3bfddf34d488..b40be1a0f778 100644
> --- a/fs/ceph/super.h
> +++ b/fs/ceph/super.h
> @@ -1089,7 +1089,7 @@ ssize_t __ceph_getxattr(struct inode *, const char *, void *, size_t);
> extern ssize_t ceph_listxattr(struct dentry *, char *, size_t);
> extern struct ceph_buffer *__ceph_build_xattrs_blob(struct ceph_inode_info *ci);
> extern void __ceph_destroy_xattrs(struct ceph_inode_info *ci);
> -extern const struct xattr_handler *ceph_xattr_handlers[];
> +extern const struct xattr_handler * const ceph_xattr_handlers[];
>
> struct ceph_acl_sec_ctx {
> #ifdef CONFIG_CEPH_FS_POSIX_ACL
> diff --git a/fs/ceph/xattr.c b/fs/ceph/xattr.c
> index 806183959c47..0350d7465bbb 100644
> --- a/fs/ceph/xattr.c
> +++ b/fs/ceph/xattr.c
> @@ -1416,7 +1416,7 @@ void ceph_release_acl_sec_ctx(struct ceph_acl_sec_ctx *as_ctx)
> * List of handlers for synthetic system.* attributes. Other
> * attributes are handled directly.
> */
> -const struct xattr_handler *ceph_xattr_handlers[] = {
> +const struct xattr_handler * const ceph_xattr_handlers[] = {
> &ceph_other_xattr_handler,
> NULL,
> };
> --
> 2.34.1
>
Acked-by: Ilya Dryomov <[email protected]>
Thanks,
Ilya
On 9/30/23 12:00AM, Wedson Almeida Filho wrote:
> From: Wedson Almeida Filho <[email protected]>
>
> This makes it harder for accidental or malicious changes to
> jfs_xattr_handlers at runtime.
>
> Cc: Dave Kleikamp <[email protected]>
> Cc: [email protected]
> Signed-off-by: Wedson Almeida Filho <[email protected]>
Reviewed-by: Dave Kleikamp <[email protected]>
> ---
> fs/jfs/jfs_xattr.h | 2 +-
> fs/jfs/xattr.c | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/fs/jfs/jfs_xattr.h b/fs/jfs/jfs_xattr.h
> index 0d33816d251d..ec67d8554d2c 100644
> --- a/fs/jfs/jfs_xattr.h
> +++ b/fs/jfs/jfs_xattr.h
> @@ -46,7 +46,7 @@ extern int __jfs_setxattr(tid_t, struct inode *, const char *, const void *,
> extern ssize_t __jfs_getxattr(struct inode *, const char *, void *, size_t);
> extern ssize_t jfs_listxattr(struct dentry *, char *, size_t);
>
> -extern const struct xattr_handler *jfs_xattr_handlers[];
> +extern const struct xattr_handler * const jfs_xattr_handlers[];
>
> #ifdef CONFIG_JFS_SECURITY
> extern int jfs_init_security(tid_t, struct inode *, struct inode *,
> diff --git a/fs/jfs/xattr.c b/fs/jfs/xattr.c
> index 931e50018f88..001c900a2b4d 100644
> --- a/fs/jfs/xattr.c
> +++ b/fs/jfs/xattr.c
> @@ -985,7 +985,7 @@ static const struct xattr_handler jfs_trusted_xattr_handler = {
> .set = jfs_xattr_set,
> };
>
> -const struct xattr_handler *jfs_xattr_handlers[] = {
> +const struct xattr_handler * const jfs_xattr_handlers[] = {
> &jfs_os2_xattr_handler,
> &jfs_user_xattr_handler,
> &jfs_security_xattr_handler,
Wedson Almeida Filho wrote on Tue, Oct 03, 2023 at 10:55:44AM -0300:
> > Looks good to me on principle as well (and it should blow up immediately
> > on testing in the unlikely case there's a problem...)
> >
> > Eric, I don't think you have anything planned for this round?
> > There's another data race patch laying around that we didn't submit for
> > 6.6, shall I take these two for now?
> >
> > (Assuming this patch series is meant to be taken up by individual fs
> > maintainers independantly, it's never really clear with such large
> > swatches of patchs and we weren't in Cc of a cover letter if there was
> > any... In the future it'd help if either there's a clear cover letter
> > everyone is in Cc at (some would say keep everyone in cc of all
> > patches!), or just send these in a loop so they don't appear to be part
> > of a series and each maintainer deals with it as they see fit)
>
> There is a cover letter
> (https://lore.kernel.org/all/[email protected]/),
> apologies for not CCing you there. I was trying to avoid spamming
> maintainers with unrelated changes.
>
> We need changes in fs/xattr.c (which are in the first patch of the
> series) to avoid warnings, so unfortunately this can't be taken
> individually. My thought was that individual fs maintainers would
> review/ack the patches and this would be taken through the fs tree.
Please include all related maintainers in cover letter and any "common"
patch: I'd have complained about the warning if I had taken the time to
try it out :)
(b4 made it easy to download a whole thread, but it was't obvious this
was required -- I honestly prefer receiving the whole thread than too
little patch but I know some maintainers are split on this... At least I
think we'll all agree cover letter and required dependencies are useful
though -- I now see David Sterba told you something similar, but only
after having written that so leaving it in)
By the way the shmem patch failed to apply to 6.6-rc4 and will need
rebasing.
With all that said, I've taken a few minutes to check it didn't blow up,
so:
Acked-by: Dominique Martinet <[email protected]>
--
Dominique Martinet | Asmadeus
On Sat, 30 Sep 2023 02:00:33 -0300 Wedson Almeida Filho wrote:
> From: Wedson Almeida Filho <[email protected]>
>
> This makes it harder for accidental or malicious changes to
> sockfs_xattr_handlers at runtime.
Acked-by: Jakub Kicinski <[email protected]>
On Sat, Sep 30, 2023 at 02:00:21AM -0300, Wedson Almeida Filho wrote:
> From: Wedson Almeida Filho <[email protected]>
>
> This makes it harder for accidental or malicious changes to
> kernfs_xattr_handlers at runtime.
>
> Cc: Greg Kroah-Hartman <[email protected]>
> Cc: Tejun Heo <[email protected]>
> Signed-off-by: Wedson Almeida Filho <[email protected]>
Acked-by: Greg Kroah-Hartman <[email protected]>
On 2023/9/30 13:00, Wedson Almeida Filho wrote:
> From: Wedson Almeida Filho <[email protected]>
>
> This makes it harder for accidental or malicious changes to
> erofs_xattr_handlers or xattr_handler_map at runtime.
>
> Cc: Gao Xiang <[email protected]>
> Cc: Chao Yu <[email protected]>
> Cc: Yue Hu <[email protected]>
> Cc: Jeffle Xu <[email protected]>
> Cc: [email protected]
> Signed-off-by: Wedson Almeida Filho <[email protected]>
Acked-by: Gao Xiang <[email protected]>
Thanks,
Gao Xiang
On Sat, Sep 30, 2023 at 02:00:04AM -0300, Wedson Almeida Filho wrote:
> From: Wedson Almeida Filho <[email protected]>
>
> The 's_xattr' field of 'struct super_block' currently requires a mutable
> table of 'struct xattr_handler' entries (although each handler itself is
> const). However, no code in vfs actually modifies the tables.
>
> So this series changes the type of 's_xattr' to allow const tables, and
> modifies existing file system to move their tables to .rodata. This is
> desirable because these tables contain entries with function pointers in
> them; moving them to .rodata makes it considerably less likely to be
> modified accidentally or maliciously at runtime.
>
> I found this while writing Rust abstractions for vfs.
Applied to the vfs.xattr branch of the vfs/vfs.git tree.
Patches in the vfs.xattr branch should appear in linux-next soon.
Please report any outstanding bugs that were missed during review in a
new review to the original patch series allowing us to drop it.
It's encouraged to provide Acked-bys and Reviewed-bys even though the
patch has now been applied. If possible patch trailers will be updated.
Note that commit hashes shown below are subject to change due to rebase,
trailer updates or similar. If in doubt, please check the listed branch.
tree: https://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs.git
branch: vfs.xattr
[01/29] xattr: make the xattr array itself const
https://git.kernel.org/vfs/vfs/c/e346fb6d774a
[02/29] ext4: move ext4_xattr_handlers to .rodata
https://git.kernel.org/vfs/vfs/c/e60ac1283340
[03/29] 9p: move xattr-related structs to .rodata
https://git.kernel.org/vfs/vfs/c/b6079dc9cb51
[04/29] afs: move afs_xattr_handlers to .rodata
https://git.kernel.org/vfs/vfs/c/f710c2e48135
[05/29] btrfs: move btrfs_xattr_handlers to .rodata
https://git.kernel.org/vfs/vfs/c/8a25b4189896
[06/29] ceph: move ceph_xattr_handlers to .rodata
https://git.kernel.org/vfs/vfs/c/10f9fbe9f25a
[07/29] ecryptfs: move ecryptfs_xattr_handlers to .rodata
https://git.kernel.org/vfs/vfs/c/f354ed981066
[08/29] erofs: move erofs_xattr_handlers and xattr_handler_map to .rodata
https://git.kernel.org/vfs/vfs/c/3591f40e223c
[09/29] ext2: move ext2_xattr_handlers and ext2_xattr_handler_map to .rodata
https://git.kernel.org/vfs/vfs/c/ce78a1ec1c3b
[10/29] f2fs: move f2fs_xattr_handlers and f2fs_xattr_handler_map to .rodata
https://git.kernel.org/vfs/vfs/c/a1c0752c33d2
[11/29] fuse: move fuse_xattr_handlers to .rodata
https://git.kernel.org/vfs/vfs/c/34271edb1878
[12/29] gfs2: move gfs2_xattr_handlers_max to .rodata
https://git.kernel.org/vfs/vfs/c/89491fafa81c
[13/29] hfs: move hfs_xattr_handlers to .rodata
https://git.kernel.org/vfs/vfs/c/e27a45b65070
[14/29] hfsplus: move hfsplus_xattr_handlers to .rodata
https://git.kernel.org/vfs/vfs/c/2c323f2c5650
[15/29] jffs2: move jffs2_xattr_handlers to .rodata
https://git.kernel.org/vfs/vfs/c/13a75c3abcbe
[16/29] jfs: move jfs_xattr_handlers to .rodata
https://git.kernel.org/vfs/vfs/c/ea780283e2c0
[17/29] kernfs: move kernfs_xattr_handlers to .rodata
https://git.kernel.org/vfs/vfs/c/ffb2e0650827
[18/29] nfs: move nfs4_xattr_handlers to .rodata
https://git.kernel.org/vfs/vfs/c/f496647e3b09
[19/29] ntfs3: move ntfs_xattr_handlers to .rodata
https://git.kernel.org/vfs/vfs/c/5bf1dd9441da
[20/29] ocfs2: move ocfs2_xattr_handlers and ocfs2_xattr_handler_map to .rodata
https://git.kernel.org/vfs/vfs/c/2cba9af99b3f
[21/29] orangefs: move orangefs_xattr_handlers to .rodata
https://git.kernel.org/vfs/vfs/c/2e9440ac0716
[22/29] reiserfs: move reiserfs_xattr_handlers to .rodata
https://git.kernel.org/vfs/vfs/c/c063254b7de8
[23/29] smb: move cifs_xattr_handlers to .rodata
https://git.kernel.org/vfs/vfs/c/e45679b0d2e4
[24/29] squashfs: move squashfs_xattr_handlers to .rodata
https://git.kernel.org/vfs/vfs/c/8a2ae79c7db0
[25/29] ubifs: move ubifs_xattr_handlers to .rodata
https://git.kernel.org/vfs/vfs/c/582f1ebe32a9
[26/29] xfs: move xfs_xattr_handlers to .rodata
https://git.kernel.org/vfs/vfs/c/6fca42a3b168
[27/29] overlayfs: move xattr tables to .rodata
https://git.kernel.org/vfs/vfs/c/3f644c1cd7b5
[28/29] shmem: move shmem_xattr_handlers to .rodata
https://git.kernel.org/vfs/vfs/c/2f8e5f98045e
[29/29] net: move sockfs_xattr_handlers to .rodata
https://git.kernel.org/vfs/vfs/c/dcff22588d9a