2024-05-18 13:54:09

by Thomas Weißschuh

[permalink] [raw]
Subject: [PATCH] utsname: constify ctl_table arguments of utility function

The sysctl core is preparing to only expose instances of
struct ctl_table as "const".
This will also affect the ctl_table argument of sysctl handlers.

As the function prototype of all sysctl handlers throughout the tree
needs to stay consistent that change will be done in one commit.

To reduce the size of that final commit, switch utility functions which
are not bound by "typedef proc_handler" to "const struct ctl_table".

No functional change.

Signed-off-by: Thomas Weißschuh <[email protected]>
---
This patch is meant to be applied through the sysctl tree.
There doesn't seem to be formal maintainer for this file.

Motivation
==========

Moving structures containing function pointers into unmodifiable .rodata
prevents attackers or bugs from corrupting and diverting those pointers.

Also the "struct ctl_table" exposed by the sysctl core were never meant
to be mutated by users.

For this goal changes to both the sysctl core and "const" qualifiers for
various sysctl APIs are necessary.

Full Process
============

* Drop ctl_table modifications from the sysctl core ([0], in mainline)
* Constify arguments to ctl_table_root::{set_ownership,permissions}
([1], in mainline)
* Migrate users of "ctl_table_header::ctl_table_arg" to "const".
(in mainline)
* Afterwards convert "ctl_table_header::ctl_table_arg" itself to const.
(in mainline)
* Prepare helpers used to implement proc_handlers throughout the tree to
use "const struct ctl_table *". ([2], in progress, this patch)
* Afterwards switch over all proc_handlers callbacks to use
"const struct ctl_table *" in one commit. ([2], in progress)
Only custom handlers will be affected, the big commit avoids a
disruptive and messy transition phase.
* Switch over the internals of the sysctl core to "const struct ctl_table *" (to be done)
* Switch include/linux/sysctl.h to "const struct ctl_table *" (to be done)
* Transition instances of "struct ctl_table" through the tree to const (to be done)

A work-in-progress view containing all the outlined changes can be found at
https://git.sr.ht/~t-8ch/linux sysctl-constfy

[0] https://lore.kernel.org/lkml/[email protected]/
[1] https://lore.kernel.org/lkml/[email protected]/
[2] https://lore.kernel.org/lkml/[email protected]/

Cc: Joel Granados <[email protected]>
Cc: Luis Chamberlain <[email protected]>
---
kernel/utsname_sysctl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/utsname_sysctl.c b/kernel/utsname_sysctl.c
index 76a772072557..04e4513f2985 100644
--- a/kernel/utsname_sysctl.c
+++ b/kernel/utsname_sysctl.c
@@ -15,7 +15,7 @@

#ifdef CONFIG_PROC_SYSCTL

-static void *get_uts(struct ctl_table *table)
+static void *get_uts(const struct ctl_table *table)
{
char *which = table->data;
struct uts_namespace *uts_ns;

---
base-commit: 4b377b4868ef17b040065bd468668c707d2477a5
change-id: 20240518-sysctl-const-handler-utsname-3f3eec4e6dc3

Best regards,
--
Thomas Weißschuh <[email protected]>



2024-05-23 08:23:49

by Joel Granados

[permalink] [raw]
Subject: Re: [PATCH] utsname: constify ctl_table arguments of utility function

On Sat, May 18, 2024 at 03:53:40PM +0200, Thomas Wei?schuh wrote:
> The sysctl core is preparing to only expose instances of
...
>
> Cc: Joel Granados <[email protected]>
> Cc: Luis Chamberlain <[email protected]>
> ---
> kernel/utsname_sysctl.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/kernel/utsname_sysctl.c b/kernel/utsname_sysctl.c
> index 76a772072557..04e4513f2985 100644
> --- a/kernel/utsname_sysctl.c
> +++ b/kernel/utsname_sysctl.c
> @@ -15,7 +15,7 @@
>
> #ifdef CONFIG_PROC_SYSCTL
>
> -static void *get_uts(struct ctl_table *table)
> +static void *get_uts(const struct ctl_table *table)
> {
> char *which = table->data;
> struct uts_namespace *uts_ns;
>
> ---
> base-commit: 4b377b4868ef17b040065bd468668c707d2477a5
> change-id: 20240518-sysctl-const-handler-utsname-3f3eec4e6dc3
>
> Best regards,
> --
> Thomas Wei?schuh <[email protected]>
>

LGTM.

I'll bring this in through the sysctl tree for the next release; unless
folks want it to go in another way. For now it will go to sysctl-testing
waiting for the merge window to be closed.

Reviewed-by: Joel Granados <[email protected]>

--

Joel Granados


Attachments:
(No filename) (1.20 kB)
signature.asc (673.00 B)
Download all attachments