From: Thomas Weißschuh
Subject: [PATCH v2 00/18] sysctl: constify sysctl ctl_tables
Date: Mon, 04 Dec 2023 08:52:13 +0100
Message-Id: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net>
To: Kees Cook, "Gustavo A. R. Silva", Luis Chamberlain, Iurii Zaikin, Greg Kroah-Hartman, Joel Granados
Cc: linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, Thomas Weißschuh

Problem description:

The kernel contains a lot of struct ctl_table throughout the tree.
These are very often 'static' definitions.
It would be good to make the tables unmodifiable by marking them "const"
to avoid accidental or malicious modifications.
This is in line with a general effort to move as much data as possible
into .rodata.
(See for example[0] and [1])

Unfortunately the tables can not be made const right now because the core
registration functions expect mutable tables.

This is for two main reasons:

1) sysctl_{set,clear}_perm_empty_ctl_header in the sysctl core modify
   the table.
2) The table is passed to the handler function as a non-const pointer.

This series migrates the core and all handlers.

Structure of the series:

Patch 1-3:   Cleanup patches
Patch 4-7:   Non-logic preparation patches
Patch 8:     Preparation patch changing a bit of logic
Patch 9-12:  Treewide changes to handler function signature
Patch 13-14: Adaption of the sysctl core implementation
Patch 15:    Adaption of the sysctl core interface
Patch 16:    New entry for checkpatch
Patch 17-18: Constification of existing "struct ctl_table"s

Tested by booting and with the sysctl selftests on x86.

Note:

This is intentionally sent only to a small number of people as I'd like to
get some more sysctl core-maintainer feedback before sending this to
essentially everybody.

[0] 43a7206b0963 ("driver core: class: make class_register() take a const *")
[1] https://lore.kernel.org/lkml/20230930050033.41174-1-wedsonaf@gmail.com/

---
Changes in v2:
- Migrate all handlers.
- Remove intermediate "proc_handler_new" step (Thanks Joel).
- Drop RFC status.
- Prepare other parts of the tree.
- Link to v1: https://lore.kernel.org/r/20231125-const-sysctl-v1-0-5e881b0e0290@weissschuh.net

---
Thomas Weißschuh (18):
      watchdog/core: remove sysctl handlers from public header
      sysctl: delete unused define SYSCTL_PERM_EMPTY_DIR
      sysctl: drop sysctl_is_perm_empty_ctl_table
      cgroup: bpf: constify ctl_table arguments and fields
      seccomp: constify ctl_table arguments of utility functions
      hugetlb: constify ctl_table arguments of utility functions
      utsname: constify ctl_table arguments of utility function
      stackleak: don't modify ctl_table argument
      sysctl: treewide: constify ctl_table_root::set_ownership
      sysctl: treewide: constify ctl_table_root::permissions
      sysctl: treewide: constify ctl_table_header::ctl_table_arg
      sysctl: treewide: constify the ctl_table argument of handlers
      sysctl: move sysctl type to ctl_table_header
      sysctl: move internal interfaces to const struct ctl_table
      sysctl: allow registration of const struct ctl_table
      const_structs.checkpatch: add ctl_table
      sysctl: make ctl_table sysctl_mount_point const
      sysctl: constify standard sysctl tables

 arch/arm64/kernel/armv8_deprecated.c      |   2 +-
 arch/arm64/kernel/fpsimd.c                |   2 +-
 arch/s390/appldata/appldata_base.c        |   8 +--
 arch/s390/kernel/debug.c                  |   2 +-
 arch/s390/kernel/topology.c               |   2 +-
 arch/s390/mm/cmm.c                        |   6 +-
 arch/x86/kernel/itmt.c                    |   2 +-
 drivers/cdrom/cdrom.c                     |   4 +-
 drivers/char/random.c                     |   4 +-
 drivers/macintosh/mac_hid.c               |   2 +-
 drivers/net/vrf.c                         |   4 +-
 drivers/parport/procfs.c                  |  12 ++--
 fs/coredump.c                             |   2 +-
 fs/dcache.c                               |   4 +-
 fs/drop_caches.c                          |   2 +-
 fs/exec.c                                 |   4 +-
 fs/file_table.c                           |   2 +-
 fs/fs-writeback.c                         |   2 +-
 fs/inode.c                                |   4 +-
 fs/pipe.c                                 |   2 +-
 fs/proc/internal.h                        |   2 +-
 fs/proc/proc_sysctl.c                     | 102 +++++++++++++++---------------
 fs/quota/dquot.c                          |   2 +-
 fs/xfs/xfs_sysctl.c                       |   6 +-
 include/linux/bpf-cgroup.h                |   2 +-
 include/linux/filter.h                    |   2 +-
 include/linux/ftrace.h                    |   4 +-
 include/linux/mm.h                        |   8 +--
 include/linux/nmi.h                       |   7 --
 include/linux/perf_event.h                |   6 +-
 include/linux/security.h                  |   2 +-
 include/linux/sysctl.h                    |  78 +++++++++++------------
 include/linux/vmstat.h                    |   6 +-
 include/linux/writeback.h                 |   2 +-
 include/net/ndisc.h                       |   2 +-
 include/net/neighbour.h                   |   6 +-
 include/net/netfilter/nf_hooks_lwtunnel.h |   2 +-
 ipc/ipc_sysctl.c                          |  12 ++--
 ipc/mq_sysctl.c                           |   2 +-
 kernel/bpf/cgroup.c                       |   2 +-
 kernel/bpf/syscall.c                      |   4 +-
 kernel/delayacct.c                        |   4 +-
 kernel/events/callchain.c                 |   2 +-
 kernel/events/core.c                      |   4 +-
 kernel/fork.c                             |   2 +-
 kernel/hung_task.c                        |   4 +-
 kernel/kexec_core.c                       |   2 +-
 kernel/kprobes.c                          |   2 +-
 kernel/latencytop.c                       |   4 +-
 kernel/pid_namespace.c                    |   2 +-
 kernel/pid_sysctl.h                       |   2 +-
 kernel/printk/internal.h                  |   2 +-
 kernel/printk/printk.c                    |   2 +-
 kernel/printk/sysctl.c                    |   5 +-
 kernel/sched/core.c                       |   8 +--
 kernel/sched/rt.c                         |  12 ++--
 kernel/sched/topology.c                   |   2 +-
 kernel/seccomp.c                          |   8 +--
 kernel/stackleak.c                        |   9 +--
 kernel/sysctl.c                           |  84 ++++++++++++------------
 kernel/time/timer.c                       |   2 +-
 kernel/trace/ftrace.c                     |   2 +-
 kernel/trace/trace.c                      |   2 +-
 kernel/trace/trace_events_user.c          |   2 +-
 kernel/trace/trace_stack.c                |   2 +-
 kernel/ucount.c                           |   4 +-
 kernel/umh.c                              |   2 +-
 kernel/utsname_sysctl.c                   |   4 +-
 kernel/watchdog.c                         |  15 +++--
 mm/compaction.c                           |   8 +--
 mm/hugetlb.c                              |  10 +--
 mm/page-writeback.c                       |  18 +++---
 mm/page_alloc.c                           |  22 +++----
 mm/util.c                                 |  12 ++--
 mm/vmstat.c                               |   4 +-
 net/ax25/sysctl_net_ax25.c                |   2 +-
 net/bridge/br_netfilter_hooks.c           |   6 +-
 net/core/neighbour.c                      |  24 +++----
 net/core/sysctl_net_core.c                |  22 +++----
 net/ieee802154/6lowpan/reassembly.c       |   2 +-
 net/ipv4/devinet.c                        |   8 +--
 net/ipv4/ip_fragment.c                    |   2 +-
 net/ipv4/route.c                          |   4 +-
 net/ipv4/sysctl_net_ipv4.c                |  35 +++++-----
 net/ipv4/xfrm4_policy.c                   |   2 +-
 net/ipv6/addrconf.c                       |  29 +++++----
 net/ipv6/ndisc.c                          |   4 +-
 net/ipv6/netfilter/nf_conntrack_reasm.c   |   2 +-
 net/ipv6/reassembly.c                     |   2 +-
 net/ipv6/route.c                          |   2 +-
 net/ipv6/sysctl_net_ipv6.c                |  10 +--
 net/ipv6/xfrm6_policy.c                   |   2 +-
 net/mpls/af_mpls.c                        |   8 +--
 net/mptcp/ctrl.c                          |   2 +-
 net/netfilter/ipvs/ip_vs_ctl.c            |  16 ++---
 net/netfilter/nf_conntrack_standalone.c   |   4 +-
 net/netfilter/nf_hooks_lwtunnel.c         |   2 +-
 net/netfilter/nf_log.c                    |   4 +-
 net/phonet/sysctl.c                       |   2 +-
 net/rds/tcp.c                             |   4 +-
 net/sctp/sysctl.c                         |  30 ++++-----
 net/smc/smc_sysctl.c                      |   2 +-
 net/sunrpc/sysctl.c                       |   6 +-
 net/sunrpc/xprtrdma/svc_rdma.c            |   2 +-
 net/sysctl_net.c                          |   4 +-
 net/unix/sysctl_net_unix.c                |   2 +-
 net/xfrm/xfrm_sysctl.c                    |   2 +-
 scripts/const_structs.checkpatch          |   1 +
 security/apparmor/lsm.c                   |   2 +-
 security/min_addr.c                       |   2 +-
 security/yama/yama_lsm.c                  |   2 +-
 111 files changed, 427 insertions(+), 428 deletions(-)
---
base-commit: 33cc938e65a98f1d29d0a18403dbbee050dcad9a
change-id: 20231116-const-sysctl-e14624f1295c

Best regards,
-- 
Thomas Weißschuh
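
Added illustration, not part of the original message and not kernel code: a userspace model of the two constraints the cover letter names, a table declared const and a handler that receives it through a const pointer. The struct, the handlers and the "threads" tunable are hypothetical stand-ins; the stack-copy pattern is one assumed way for a handler to adjust an entry per call without writing to the shared table.

```c
#include <errno.h>
#include <stdio.h>

/* Userspace model: a cut-down, hypothetical stand-in for struct ctl_table. */
struct ctl_entry;
typedef int (*ctl_handler)(const struct ctl_entry *e, int write, int *val);
struct ctl_entry {
	const char *procname;
	int *data;		/* the tunable itself stays writable */
	int min, max;
	ctl_handler handler;	/* receives the entry as const */
};

/* Generic range-checked integer handler. */
static int ctl_int_minmax(const struct ctl_entry *e, int write, int *val)
{
	if (!write) {
		*val = *e->data;
		return 0;
	}
	if (*val < e->min || *val > e->max)
		return -EINVAL;
	*e->data = *val;
	return 0;
}

/* A handler needing per-call bounds edits a stack copy, not the shared entry. */
static int ctl_threads(const struct ctl_entry *e, int write, int *val)
{
	struct ctl_entry tmp = *e;
	tmp.max = 1024;		/* per-call limit, kept off the shared table */
	return ctl_int_minmax(&tmp, write, val);
}

static int threads = 64;	/* constructed sample tunable */

/* const + static storage: the toolchain may place this in .rodata. */
static const struct ctl_entry demo_table[] = {
	{ "threads", &threads, 1, 4096, ctl_threads },
};

int demo_write(int v) { return demo_table[0].handler(&demo_table[0], 1, &v); }
int demo_read(void) { int v = 0; demo_table[0].handler(&demo_table[0], 0, &v); return v; }
int demo_table_max(void) { return demo_table[0].max; }

int main(void)
{
	printf("write 2000 -> %d, threads=%d, table max=%d\n",
	       demo_write(2000), demo_read(), demo_table_max());
	return 0;
}
```

Writing tmp.max through `e` instead of the copy is rejected at compile time, which is the property the const handler signature is meant to enforce.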