Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp5149268yba; Wed, 10 Apr 2019 12:27:04 -0700 (PDT) X-Google-Smtp-Source: APXvYqyNRxCmwVo+2PcT1bdXDZd7V5uiwepkpIZoco4zP3IVuFpBCqLFPwYYVcHZLMcvhB4uv+uH X-Received: by 2002:a63:3281:: with SMTP id y123mr10214242pgy.272.1554924424530; Wed, 10 Apr 2019 12:27:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1554924424; cv=none; d=google.com; s=arc-20160816; b=twe7eu/Oimh18dMf4DXikAwpTfeWl1hE+chCmzvEftYOhmh5JoUHmKB2LhPwHJIy17 A64h8c7KRR/cXivru4dIU3E+PMbXma8Tl0fSSizHkw5Cryl0hG7wmQ6hVW9HLxJZOdxP RPk35eVtOOL/L3ATaozYMFItebGfNwY8Z2aWlVn+TorLvPYjAG/dQYDBD17jI6A0NTUB XK3vdE31sWGIY5/L6tZ7IJTxLvXMcIO+eZNXbdhxEBLU21FZ4lE6Qq5HDvRk+b1S5/O0 b09mtQbW2X80raMUNUv4A4JHcr7vnnDiyvW35VtohjLkX1QTASBjXduqbkmClSUw+6Z3 XnEg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version; bh=ZtE6u2CmznELGPlCVTCwPsq3DHN6UfubwmUZHQ7hukE=; b=frXK0evgaqyWpgQINKG2V2wdXfh3mpvYEzciAIYyQXv6WisWm9R14Xb1luXgjkqQ82 y8L1tsDb60cPJxN5SgMjwcdgdZNS0mpG2HlEvZZkyuBz2cVHbECNaPlVN4wkmmtR5s3M 3jQ4Lgeds0RISY3bBCAR8o0OggBSowJXx8YjJ1/i38le21VW5P2LWSIqXBvRGnCLb2uJ ohKP/ipHajBhYSYQcWNuQ0txTNdkH34Y+LStpd8AODDm/GjFje1reZ8ILOvrG4RxoBsI K99KXLmirH2OBPlUVdYGV2KGWiBKRogXe22Sd5F3QpnZ/gQZxutXld35709kXLiwet8u GfAw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a13si21173776pgg.365.2019.04.10.12.26.48; Wed, 10 Apr 2019 12:27:04 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727078AbfDJTYd (ORCPT + 99 others); Wed, 10 Apr 2019 15:24:33 -0400 Received: from mail-lj1-f195.google.com ([209.85.208.195]:45803 "EHLO mail-lj1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727074AbfDJTYc (ORCPT ); Wed, 10 Apr 2019 15:24:32 -0400 Received: by mail-lj1-f195.google.com with SMTP id y6so3166405ljd.12 for ; Wed, 10 Apr 2019 12:24:31 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ZtE6u2CmznELGPlCVTCwPsq3DHN6UfubwmUZHQ7hukE=; b=Ug30KgNvcrO8NeW5kgNoXcpPn8vWVJG3EsQa04V4bdgPnPyAuKQ7Q+NAShdqrSfmid YrU8bTNMUKdm7SSTVJWFZf5IJHginZFahV01Y0uYvGmUB7IlqWlFZuApjPP7ukolc300 d6U/NAaKAMon09b5zxfpCUNeiN9d+VYlsc3fkdEAIh4oTDFgAjaeLeyWJUlE3EAk1oBd /eC54FMZVGwRTuMEpR74cmyDArYa7IwxlIJ03gi/9FhFj80Psx3/DqfJeLpkH9ajgsaL 9WaJwXhtfpnkKLdOHtwnUqQE6yoQn9SjEuJMIDut7XUguBAz3eoIT31icnQxELerg4ZV +uGw== X-Gm-Message-State: APjAAAXoGB6C410/mtGNEjQHcL7gdlnzs7bVskmDTMwUImRbCZ6a1Fnk h70aJWo5bShG7s8hyUzO9w6ODiofu/yHdw/Ib6oP4Q== X-Received: by 2002:a2e:9649:: with SMTP id z9mr7319296ljh.92.1554924270348; Wed, 10 Apr 2019 12:24:30 -0700 (PDT) MIME-Version: 1.0 References: <20190408220925.13077-1-mcroce@redhat.com> <20190408220925.13077-3-mcroce@redhat.com> In-Reply-To: From: Matteo Croce Date: Wed, 10 Apr 2019 21:23:54 +0200 Message-ID: Subject: Re: [PATCH 2/2] kernel: use sysctl shared variables for range check To: Kees Cook Cc: LKML , "linux-fsdevel@vger.kernel.org" , Luis Chamberlain , Alexey Dobriyan Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Apr 10, 2019 at 8:46 PM Kees Cook wrote: > > On Mon, Apr 8, 2019 at 3:09 PM Matteo Croce wrote: > > > > Use the shared variables for range check, instead of declaring a local one > > in every source file. > > I was expecting this to be a tree-wide change for all the cases found > by patch 1's "git grep". > Hi Kees, I have already the whole patch ready, but I was frightened by the output of get_maintainer.pl, so I decided to split the patch into small pieces and send the first one. Patches for /proc/sys/net and drivers/ are pretty big, and can be merged after the 1/2 inclusion. > Slight change to the grep for higher accuracy: > > $ git grep -E '\.extra[12].*&(zero|one|int_max)\b' |wc -l > 245 > Right, my regexp wrongly matches also one_hundred, one_jiffy, etc. Anywqay, I did the changes by hand, so apart the commit message, the content should be safe. > Only 31 sources: > $ git grep -E '\.extra[12].*&(zero|one|int_max)\b' | cut -d: -f1 | > sort -u > /tmp/list.txt > $ wc -l /tmp/list.txt > 31 > > One thing I wonder about is if any of these cases depend on the extra > variable being non-const (many of these are just "static int"). > > $ egrep -H '\b(zero|one|int_max)\b.*=' $(cat /tmp/list.txt) | grep -v static > > Looks like none, so it'd be safe. How about doing this tree-wide for > all 31 cases? (Coccinelle might be able to help.) > It could be true for other sysctl values like xpc_disengage_max_timelimit or fscache_op_wq, but it's very unlikely that someone writes, for example, 5 into a variable named "zero". If it does, it most likely a bug, so const is our friend. Regards, -- Matteo Croce per aspera ad upstream