2023-03-02 20:30:00

by Luis Chamberlain

Subject: [PATCH 05/11] loadpin: simplify sysctls use with register_sysctl()

register_sysctl_paths() is not required, we can just use
register_sysctl() with the required path specified.

Signed-off-by: Luis Chamberlain <[email protected]>
---
security/loadpin/loadpin.c | 8 +-------
1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c
index d73a281adf86..c971464b4ad5 100644
--- a/security/loadpin/loadpin.c
+++ b/security/loadpin/loadpin.c
@@ -52,12 +52,6 @@ static bool deny_reading_verity_digests;
#endif

#ifdef CONFIG_SYSCTL
-static struct ctl_path loadpin_sysctl_path[] = {
- { .procname = "kernel", },
- { .procname = "loadpin", },
- { }
-};
-
static struct ctl_table loadpin_sysctl_table[] = {
{
.procname = "enforce",
@@ -262,7 +256,7 @@ static int __init loadpin_init(void)
enforce ? "" : "not ");
parse_exclude();
#ifdef CONFIG_SYSCTL
- if (!register_sysctl_paths(loadpin_sysctl_path, loadpin_sysctl_table))
+ if (!register_sysctl("kernel/loadpin", loadpin_sysctl_table))
pr_notice("sysctl registration failed!\n");
#endif
security_add_hooks(loadpin_hooks, ARRAY_SIZE(loadpin_hooks), "loadpin");
--
2.39.1

2023-03-02 22:56:11

by Kees Cook

Subject: Re: [PATCH 05/11] loadpin: simplify sysctls use with register_sysctl()

On Thu, Mar 02, 2023 at 12:28:20PM -0800, Luis Chamberlain wrote:
> register_sysctl_paths() is not required, we can just use
> register_sysctl() with the required path specified.
>
> Signed-off-by: Luis Chamberlain <[email protected]>

Acked-by: Kees Cook <[email protected]>

--
Kees Cook

2023-03-02 22:58:45

by John Johansen

Subject: Re: [PATCH 05/11] loadpin: simplify sysctls use with register_sysctl()

On 3/2/23 12:28, Luis Chamberlain wrote:
> register_sysctl_paths() is not required, we can just use
> register_sysctl() with the required path specified.
>
> Signed-off-by: Luis Chamberlain <[email protected]>
Reviewed-by: John Johansen <[email protected]>

> ---
> security/loadpin/loadpin.c | 8 +-------
> 1 file changed, 1 insertion(+), 7 deletions(-)
>
> diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c
> index d73a281adf86..c971464b4ad5 100644
> --- a/security/loadpin/loadpin.c
> +++ b/security/loadpin/loadpin.c
> @@ -52,12 +52,6 @@ static bool deny_reading_verity_digests;
> #endif
>
> #ifdef CONFIG_SYSCTL
> -static struct ctl_path loadpin_sysctl_path[] = {
> - { .procname = "kernel", },
> - { .procname = "loadpin", },
> - { }
> -};
> -
> static struct ctl_table loadpin_sysctl_table[] = {
> {
> .procname = "enforce",
> @@ -262,7 +256,7 @@ static int __init loadpin_init(void)
> enforce ? "" : "not ");
> parse_exclude();
> #ifdef CONFIG_SYSCTL
> - if (!register_sysctl_paths(loadpin_sysctl_path, loadpin_sysctl_table))
> + if (!register_sysctl("kernel/loadpin", loadpin_sysctl_table))
> pr_notice("sysctl registration failed!\n");
> #endif
> security_add_hooks(loadpin_hooks, ARRAY_SIZE(loadpin_hooks), "loadpin");