2023-05-30 23:53:30

by Luis Chamberlain

[permalink] [raw]
Subject: [PATCH 2/2] sysctl: move security keys sysctl registration to its own file

The security keys sysctls are already declared on its own file,
just move the sysctl registration to its own file to help avoid
merge conflicts on sysctls.c, and help with clearing up sysctl.c
further.

This creates a small penalty of 23 bytes:

./scripts/bloat-o-meter vmlinux.1 vmlinux.2
add/remove: 2/0 grow/shrink: 0/1 up/down: 49/-26 (23)
Function old new delta
init_security_keys_sysctls - 33 +33
__pfx_init_security_keys_sysctls - 16 +16
sysctl_init_bases 85 59 -26
Total: Before=21256937, After=21256960, chg +0.00%

But soon we'll be saving tons of bytes anyway, as we modify the
sysctl registrations to use ARRAY_SIZE and so we get rid of all the
empty array elements so let's just clean this up now.

Signed-off-by: Luis Chamberlain <[email protected]>
---
include/linux/key.h | 3 ---
kernel/sysctl.c | 4 ----
security/keys/sysctl.c | 7 +++++++
3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/include/linux/key.h b/include/linux/key.h
index 8dc7f7c3088b..938d7ecfb495 100644
--- a/include/linux/key.h
+++ b/include/linux/key.h
@@ -490,9 +490,6 @@ do { \
rcu_assign_pointer((KEY)->payload.rcu_data0, (PAYLOAD)); \
} while (0)

-#ifdef CONFIG_SYSCTL
-extern struct ctl_table key_sysctls[];
-#endif
/*
* the userspace interface
*/
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
index caf4a91522a1..48046932d573 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -2322,10 +2322,6 @@ static struct ctl_table vm_table[] = {
int __init sysctl_init_bases(void)
{
register_sysctl_init("kernel", kern_table);
-#ifdef CONFIG_KEYS
- register_sysctl_init("kernel/keys", key_sysctls);
-#endif
-
register_sysctl_init("vm", vm_table);

return 0;
diff --git a/security/keys/sysctl.c b/security/keys/sysctl.c
index b46b651b3c4c..b72b82bb20c6 100644
--- a/security/keys/sysctl.c
+++ b/security/keys/sysctl.c
@@ -68,3 +68,10 @@ struct ctl_table key_sysctls[] = {
#endif
{ }
};
+
+static int __init init_security_keys_sysctls(void)
+{
+ register_sysctl_init("kernel/keys", key_sysctls);
+ return 0;
+}
+early_initcall(init_security_keys_sysctls);
--
2.39.2



2023-05-31 21:29:46

by Paul Moore

[permalink] [raw]
Subject: Re: [PATCH 2/2] sysctl: move security keys sysctl registration to its own file

On Tue, May 30, 2023 at 7:29 PM Luis Chamberlain <[email protected]> wrote:
>
> The security keys sysctls are already declared on its own file,
> just move the sysctl registration to its own file to help avoid
> merge conflicts on sysctls.c, and help with clearing up sysctl.c
> further.
>
> This creates a small penalty of 23 bytes:
>
> ./scripts/bloat-o-meter vmlinux.1 vmlinux.2
> add/remove: 2/0 grow/shrink: 0/1 up/down: 49/-26 (23)
> Function old new delta
> init_security_keys_sysctls - 33 +33
> __pfx_init_security_keys_sysctls - 16 +16
> sysctl_init_bases 85 59 -26
> Total: Before=21256937, After=21256960, chg +0.00%
>
> But soon we'll be saving tons of bytes anyway, as we modify the
> sysctl registrations to use ARRAY_SIZE and so we get rid of all the
> empty array elements so let's just clean this up now.
>
> Signed-off-by: Luis Chamberlain <[email protected]>
> ---
> include/linux/key.h | 3 ---
> kernel/sysctl.c | 4 ----
> security/keys/sysctl.c | 7 +++++++
> 3 files changed, 7 insertions(+), 7 deletions(-)

Ultimately I'll leave the ACK to David or Jarkko, but this looks
reasonable to me.

Reviewed-by: Paul Moore <[email protected]>

--
paul-moore.com

2023-06-06 19:05:19

by Luis Chamberlain

[permalink] [raw]
Subject: Re: [PATCH 2/2] sysctl: move security keys sysctl registration to its own file

On Wed, May 31, 2023 at 05:20:46PM -0400, Paul Moore wrote:
> On Tue, May 30, 2023 at 7:29 PM Luis Chamberlain <[email protected]> wrote:
> >
> > The security keys sysctls are already declared on its own file,
> > just move the sysctl registration to its own file to help avoid
> > merge conflicts on sysctls.c, and help with clearing up sysctl.c
> > further.
> >
> > This creates a small penalty of 23 bytes:
> >
> > ./scripts/bloat-o-meter vmlinux.1 vmlinux.2
> > add/remove: 2/0 grow/shrink: 0/1 up/down: 49/-26 (23)
> > Function old new delta
> > init_security_keys_sysctls - 33 +33
> > __pfx_init_security_keys_sysctls - 16 +16
> > sysctl_init_bases 85 59 -26
> > Total: Before=21256937, After=21256960, chg +0.00%
> >
> > But soon we'll be saving tons of bytes anyway, as we modify the
> > sysctl registrations to use ARRAY_SIZE and so we get rid of all the
> > empty array elements so let's just clean this up now.
> >
> > Signed-off-by: Luis Chamberlain <[email protected]>
> > ---
> > include/linux/key.h | 3 ---
> > kernel/sysctl.c | 4 ----
> > security/keys/sysctl.c | 7 +++++++
> > 3 files changed, 7 insertions(+), 7 deletions(-)
>
> Ultimately I'll leave the ACK to David or Jarkko, but this looks
> reasonable to me.
>
> Reviewed-by: Paul Moore <[email protected]>

I've queued this onto sysctl-next as I haven't seen any complaints.
I can drop it if there are complaints or regressions reported by
folks on linux-next.

Luis

2023-06-06 21:02:47

by Jarkko Sakkinen

[permalink] [raw]
Subject: Re: [PATCH 2/2] sysctl: move security keys sysctl registration to its own file

On Wed May 31, 2023 at 2:29 AM EEST, Luis Chamberlain wrote:
> The security keys sysctls are already declared on its own file,
> just move the sysctl registration to its own file to help avoid
> merge conflicts on sysctls.c, and help with clearing up sysctl.c
> further.
>
> This creates a small penalty of 23 bytes:
>
> ./scripts/bloat-o-meter vmlinux.1 vmlinux.2
> add/remove: 2/0 grow/shrink: 0/1 up/down: 49/-26 (23)
> Function old new delta
> init_security_keys_sysctls - 33 +33
> __pfx_init_security_keys_sysctls - 16 +16
> sysctl_init_bases 85 59 -26
> Total: Before=21256937, After=21256960, chg +0.00%
>
> But soon we'll be saving tons of bytes anyway, as we modify the
> sysctl registrations to use ARRAY_SIZE and so we get rid of all the
> empty array elements so let's just clean this up now.
>
> Signed-off-by: Luis Chamberlain <[email protected]>
> ---
> include/linux/key.h | 3 ---
> kernel/sysctl.c | 4 ----
> security/keys/sysctl.c | 7 +++++++
> 3 files changed, 7 insertions(+), 7 deletions(-)

Acked-by: Jarkko Sakkinen <[email protected]>

BR, Jarkko

2023-06-07 08:46:27

by David Howells

[permalink] [raw]
Subject: Re: [PATCH 2/2] sysctl: move security keys sysctl registration to its own file

Luis Chamberlain <[email protected]> wrote:

> The security keys sysctls are already declared on its own file,
> just move the sysctl registration to its own file to help avoid
> merge conflicts on sysctls.c, and help with clearing up sysctl.c
> further.
>
> This creates a small penalty of 23 bytes:
>
> ./scripts/bloat-o-meter vmlinux.1 vmlinux.2
> add/remove: 2/0 grow/shrink: 0/1 up/down: 49/-26 (23)
> Function old new delta
> init_security_keys_sysctls - 33 +33
> __pfx_init_security_keys_sysctls - 16 +16
> sysctl_init_bases 85 59 -26
> Total: Before=21256937, After=21256960, chg +0.00%
>
> But soon we'll be saving tons of bytes anyway, as we modify the
> sysctl registrations to use ARRAY_SIZE and so we get rid of all the
> empty array elements so let's just clean this up now.
>
> Signed-off-by: Luis Chamberlain <[email protected]>

Acked-by: David Howells <[email protected]>