Received: by 2002:a05:6602:18e:0:0:0:0 with SMTP id m14csp5782611ioo;
        Wed, 1 Jun 2022 12:29:38 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzzSbea1Oup1k6Hn1zq6wt+uUraz7VNDS508GD0KDhWLKjIk4z0yWLDfl1Q2UqzQMxLkxj5
X-Received: by 2002:a17:903:2349:b0:163:d235:71e6 with SMTP id c9-20020a170903234900b00163d23571e6mr964862plh.47.1654111777998;
        Wed, 01 Jun 2022 12:29:37 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1654111777; cv=none;
        d=google.com; s=arc-20160816;
        b=PswghL4d8MXr4ULye/8mDxZDe+vQ/kJdnazeb+akzvc6+jvV3Bq9fJHOkylbRiQ2vm
         cv68tCg0wRQlxl+lLS8wVbUixRJpol69W5edyBLyD5yjA8AsPt7cjUm5ZV8yGzaLHbqs
         fpVW4FLLTHKDV643ESDmYO46GQSxwzSIb9zHzMqHen2DPnQ4p/ejJaPgjG8KnJqiEfoL
         oLtMQytRkEsyBX23H5g9NThfAjqsMMQNkKNqghwjGYrc3bpYMhV3sqJ/EXRFcmzj8eSz
         Y2h38tZH5xdYovA0bRbPCCb9szwb0a9T3NkHJCD+fnEBifHOw/yRM1Hw6eQQU2cH4Wg/
         vZuw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from;
        bh=m+ra9+Uw4mwncXSwUYOHb8yivSwKT+IjRzxQQQYzGQ4=;
        b=0i7vt0Baqaq1IgafgJHJNyucGaKHtw8lLaujB43qNfn3/OP92QSeAfIWIt8qF/fA9V
         FlaWe/z27QalPxaew7pACn10AiLNTt/wNq4IUEBCmiQP36bpnJVPPvSzM2qg9fr9/YIk
         TlgaersMQE9uGUQd71sjpWFhNeV9Ed2kARKAsYgLtz8A8znG+njf46c5clM5Akzc6VRF
         Fw0jt1610wLQ6/dYSCYh+t0pOjaNKqP3fr7mzl0BPdu6tSBmPY8kUzib+WHCWkf1Kt67
         z2GGCaHpnVk4F533ImHPFrByh65B8CGK7lFCFq+ST3R9KCbd/5POXshALDRqZG48sSyk
         HgkA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [2620:137:e000::1:18])
        by mx.google.com with ESMTPS id p9-20020a17090b010900b001e2fab4d1a9si7042667pjz.105.2022.06.01.12.29.37
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 01 Jun 2022 12:29:37 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) client-ip=2620:137:e000::1:18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by lindbergh.monkeyblade.net (Postfix) with ESMTP id C0AE0188E95;
	Wed,  1 Jun 2022 12:01:26 -0700 (PDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1352836AbiFANUx (ORCPT <rfc822;aaronngray.lists@gmail.com>
        + 99 others); Wed, 1 Jun 2022 09:20:53 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41114 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1349877AbiFANUx (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 1 Jun 2022 09:20:53 -0400
Received: from us-smtp-delivery-44.mimecast.com (us-smtp-delivery-44.mimecast.com [205.139.111.44])
        by lindbergh.monkeyblade.net (Postfix) with ESMTP id 2BE424BFE4
        for <linux-kernel@vger.kernel.org>; Wed,  1 Jun 2022 06:20:52 -0700 (PDT)
Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com
 [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-558-qxqzpq1EP3qjbsqo9TYE3w-1; Wed, 01 Jun 2022 09:20:46 -0400
X-MC-Unique: qxqzpq1EP3qjbsqo9TYE3w-1
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 7BF55383328A;
        Wed,  1 Jun 2022 13:20:45 +0000 (UTC)
Received: from comp-core-i7-2640m-0182e6.redhat.com (unknown [10.36.110.3])
        by smtp.corp.redhat.com (Postfix) with ESMTP id 3E802414A7E9;
        Wed,  1 Jun 2022 13:20:43 +0000 (UTC)
From:   Alexey Gladkov <legion@kernel.org>
To:     LKML <linux-kernel@vger.kernel.org>,
        "Eric W . Biederman" <ebiederm@xmission.com>,
        Linus Torvalds <torvalds@linux-foundation.org>
Cc:     Andrew Morton <akpm@linux-foundation.org>,
        Christian Brauner <brauner@kernel.org>,
        Iurii Zaikin <yzaikin@google.com>,
        Kees Cook <keescook@chromium.org>,
        Linux Containers <containers@lists.linux.dev>,
        linux-fsdevel@vger.kernel.org,
        Luis Chamberlain <mcgrof@kernel.org>,
        Vasily Averin <vvs@virtuozzo.com>
Subject: [RFC PATCH 0/4] API extension for handling sysctl
Date:   Wed,  1 Jun 2022 15:20:28 +0200
Message-Id: <cover.1654086665.git.legion@kernel.org>
In-Reply-To: <CAHk-=whi2SzU4XT_FsdTCAuK2qtYmH+-hwi1cbSdG8zu0KXL=g@mail.gmail.com>
References: <CAHk-=whi2SzU4XT_FsdTCAuK2qtYmH+-hwi1cbSdG8zu0KXL=g@mail.gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Scanned-By: MIMEDefang 2.84 on 10.11.54.2
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,MAILING_LIST_MULTI,
	RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=no
	autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
	lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Apr 22, 2022 at 01:44:50PM -0700, Linus Torvalds wrote:
> On Fri, Apr 22, 2022 at 5:53 AM Alexey Gladkov <legion@kernel.org> wrote:
> >
> > Yes, Linus, these changes are not the refactoring you were talking
> > about, but I plan to try to do such a refactoring in the my next
> > patchset.
> 
> Heh. Ok, I'm not saying these patches are pretty, and looking up the
> namespace thing is a bit subtle, but it's certainly prettier than the
> existing odd "create a new ctl_table entry because of field abuse".

As I promised, here is one of the possible options for how to get rid of dynamic
memory allocation.

We can slightly extend the API and thus be able to save data at the time the
file is opened. This will not only eliminate the need to allocate memory, but
also provide access to file struct and f_cred.

I made an RFC because I'm not sure that I did the permissions check for
ipc_sysctl. I also did not change all the places where this API can be applied
to make the patch smaller. As in the case of /proc/sys/kernel/printk where
CAP_SYS_ADMIN is checked[1] for the current process at the time of write.

I made a patchset on top of:

git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git for-next

Because there are my previous changes.

[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/kernel/printk/sysctl.c#n17

--

Alexey Gladkov (4):
  sysctl: API extension for handling sysctl
  sysctl: ipc: Do not use dynamic memory
  sysctl: userns: Do not use dynamic memory
  sysctl: mqueue: Do not use dynamic memory

 fs/proc/proc_sysctl.c          |  71 ++++++++--
 include/linux/ipc_namespace.h  |  35 -----
 include/linux/sysctl.h         |  20 ++-
 include/linux/user_namespace.h |   6 -
 ipc/ipc_sysctl.c               | 236 +++++++++++++++++----------------
 ipc/mq_sysctl.c                | 138 ++++++++++---------
 ipc/mqueue.c                   |   5 -
 ipc/namespace.c                |  10 --
 kernel/ucount.c                | 116 +++++++---------
 kernel/user_namespace.c        |  10 +-
 10 files changed, 323 insertions(+), 324 deletions(-)

-- 
2.33.3