Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp5270586yba; Wed, 10 Apr 2019 15:31:52 -0700 (PDT) X-Google-Smtp-Source: APXvYqwiEAM8pb9Laqn2mzbr4qHWpl24QVwj1R9X6L9PJOK+j1JfrxFAUDKbnsR6KsqJ4Hlfpt5L X-Received: by 2002:a63:8848:: with SMTP id l69mr39187544pgd.137.1554935512053; Wed, 10 Apr 2019 15:31:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1554935512; cv=none; d=google.com; s=arc-20160816; b=cfUS5EpN3mLDJbTe6VZNwUi0O3xFN6kCJwsTVNl/f9kG7oivQUIMDXS1+3mRW7Pk68 Eo5U7Kg8aVR5WR6CgAc50l2KD4eyFxnnMa1BzNzlVSSr0QZXcjE4unLnB2TBlfknHDVQ iOWwk0/5/+9FCVG+aM9LNYFK8jt3rsnvAXwTDY/LXphggqH6rVwlSrlSJ3olRGwHVQMY vxImCo849AtUyyj2bkeQZnEKmYuCdzUJB/tIBfAg6ikBdyb9iEPFnwch10gKGQfyqkNi Wx3asqrz4unvWADSYbT/xg5ULHZq2bRsUVOQ2BlK9l9VXtsFv0YqpfieHbHoIzry8YNG HIxA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version; bh=jgFRy3xnUP6NIgxErvxJfk2xMZ8wlFlp/Oi4ioPIets=; b=o/NunMiGDyrZNJYHmw9uT2OqYsnCUcqE/Wa6v9i1rE8bjZzGgE839MTNGMBbA0xAew YH0D5TJWR8LRcE5LfxXR0tfX3lVrnxmCChQ7ExvxJWxUmJ8TTWtAoRPUML2dCS591IQG 2ZlrXdjujsW9MCJ16Eq6ykToFsJ7QC/rBP5Z4Ynt4IES0su/L2uv0+15aQBZrBtIzC8R 2AuvHj5acTHc30QMxvIQdv0wjJa/HjY6nEGfqxB/Vwxw3eyChCrHhv+q/AN3q+DyS5bU 5k2kxLbl8aKOjykkqQNWZDepi8yMiQqQPeflxulhlM8o95izU8OITUvH9Qar7b/GSQFk 31Xg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id l66si32731671pgl.474.2019.04.10.15.31.35; Wed, 10 Apr 2019 15:31:52 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726656AbfDJWan (ORCPT + 99 others); Wed, 10 Apr 2019 18:30:43 -0400 Received: from mail-lf1-f66.google.com ([209.85.167.66]:39592 "EHLO mail-lf1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726023AbfDJWan (ORCPT ); Wed, 10 Apr 2019 18:30:43 -0400 Received: by mail-lf1-f66.google.com with SMTP id z9so3035001lfh.6 for ; Wed, 10 Apr 2019 15:30:42 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=jgFRy3xnUP6NIgxErvxJfk2xMZ8wlFlp/Oi4ioPIets=; b=RAXXm4oQzgVWP/9aV8L+QOhQm8n4NrdC+tBbEQFpl0J+2Ko1clMd8zbsJXVCpHdcDb 7YngCtdp18M7cc4aXYQVFHEg5LGRQ3gUvoYngSkTDiKnVf2vD4o6JKDN7sR1eC8YfuwA 8EaaNNyPZy/yZdMfuanXLi5xEmEQfWXOjB2OEk9n2bwHO4Q8iHSgSqhaCq/lMbsHXej+ 3jI2tKFZjkMA+5hnONXwCH/F+exg8k7A8Z53lBQADWPUP9zxjSB+TewaHr9XvRcPq18S ksoHbqTCKnC6f3SNCI4Hy3APV+V5alPQpLKhEk7qhZ4ggdfHRl4Uj60IgAc2M+azGh/K KV5Q== X-Gm-Message-State: APjAAAX3Ml4XwnPe5RQy6aPeaUfVNiL0neeXSAlc2pmhXCbOm96j8oif tpfCkSj7bYwhcRH4LaZeGWkBF+AB5X6G8JUdPWpVkA== X-Received: by 2002:ac2:4551:: with SMTP id j17mr13958827lfm.141.1554935441257; Wed, 10 Apr 2019 15:30:41 -0700 (PDT) MIME-Version: 1.0 References: <20190408220925.13077-1-mcroce@redhat.com> <20190408220925.13077-3-mcroce@redhat.com> In-Reply-To: From: Matteo Croce Date: Thu, 11 Apr 2019 00:30:05 +0200 Message-ID: Subject: Re: [PATCH 2/2] kernel: use sysctl shared variables for range check To: Kees Cook Cc: Andrew Morton , LKML , "linux-fsdevel@vger.kernel.org" , Luis Chamberlain , Alexey Dobriyan Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Apr 10, 2019 at 11:51 PM Kees Cook wrote: > > On Wed, Apr 10, 2019 at 12:24 PM Matteo Croce wrote: > > > > On Wed, Apr 10, 2019 at 8:46 PM Kees Cook wrote: > > > > > > On Mon, Apr 8, 2019 at 3:09 PM Matteo Croce wrote: > > > > > > > > Use the shared variables for range check, instead of declaring a local one > > > > in every source file. > > > > > > I was expecting this to be a tree-wide change for all the cases found > > > by patch 1's "git grep". > > > > > > > Hi Kees, > > > > I have already the whole patch ready, but I was frightened by the > > output of get_maintainer.pl, so I decided to split the patch into > > small pieces and send the first one. > > Heh, sounds fine. Normally the big tree-wide changes go via Linus just > before cutting rc1 (or rc2). This is "only" 31 source files, though, > so maybe akpm wants to take these instead? Andrew, how do you feel > about that? > FYI, this are the stats from my local repo, just to let you the size of a series with all the changes in it: $ git --no-pager log --stat --oneline linus/master acebb1f752e9 x86: use sysctl shared variables for range check arch/x86/entry/vdso/vdso32-setup.c | 7 ++----- arch/x86/kernel/itmt.c | 6 ++---- 2 files changed, 4 insertions(+), 9 deletions(-) 6731f419f46d s390: use sysctl shared variables for range check arch/s390/appldata/appldata_base.c | 15 +++++---------- arch/s390/kernel/topology.c | 6 ++---- 2 files changed, 7 insertions(+), 14 deletions(-) 1189495100c6 drivers: use sysctl shared variables for range check drivers/base/firmware_loader/fallback_table.c | 11 ++++------- drivers/gpu/drm/i915/i915_perf.c | 8 +++----- drivers/hv/vmbus_drv.c | 6 ++---- drivers/s390/char/sclp_async.c | 7 ++----- drivers/tty/tty_ldisc.c | 6 ++---- drivers/xen/balloon.c | 7 ++----- 6 files changed, 15 insertions(+), 30 deletions(-) bada6ce1f240 ipc: use sysctl shared variables for range check ipc/ipc_sysctl.c | 35 ++++++++++++++++------------------- 1 file changed, 16 insertions(+), 19 deletions(-) 1faa590d64c5 inotify: use sysctl shared variables for range check fs/notify/inotify/inotify_user.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) ad4254677a52 security: use sysctl shared variables for range check security/keys/sysctl.c | 26 ++++++++++++-------------- security/loadpin/loadpin.c | 6 ++---- security/yama/yama_lsm.c | 3 +-- 3 files changed, 15 insertions(+), 20 deletions(-) 3d2211ab8c7c net: use sysctl shared variables for range check net/core/neighbour.c | 20 ++++++------- net/core/sysctl_net_core.c | 34 ++++++++++------------ net/dccp/sysctl.c | 16 +++++----- net/ipv4/sysctl_net_ipv4.c | 58 ++++++++++++++++++------------------- net/ipv6/addrconf.c | 6 ++-- net/ipv6/route.c | 7 ++--- net/ipv6/sysctl_net_ipv6.c | 8 ++--- net/mpls/af_mpls.c | 10 +++---- net/netfilter/ipvs/ip_vs_ctl.c | 3 +- net/rxrpc/sysctl.c | 9 +++--- net/sctp/sysctl.c | 35 ++++++++++------------ net/sunrpc/xprtrdma/transport.c | 3 +- 12 files changed, 93 insertions(+), 116 deletions(-) f20fd0e406ec kernel: use sysctl shared variables for range check kernel/pid_namespace.c | 3 +- kernel/sysctl.c | 193 ++++++++++++++++++++++----------------------- kernel/ucount.c | 6 +- 3 files changed, 98 insertions(+), 104 deletions(-) 05fc54289d17 proc/sysctl: add shared variables for range check fs/proc/proc_sysctl.c | 5 +++++ include/linux/sysctl.h | 4 ++++ 2 files changed, 9 insertions(+) -- Matteo Croce per aspera ad upstream