From: "Thomas Weißschuh" <linux@weissschuh.net>
To: Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Andrii Nakryiko <andrii@kernel.org>,
Martin KaFai Lau <martin.lau@linux.dev>,
Eduard Zingerman <eddyz87@gmail.com>, Song Liu <song@kernel.org>,
Yonghong Song <yonghong.song@linux.dev>,
John Fastabend <john.fastabend@gmail.com>,
KP Singh <kpsingh@kernel.org>,
Stanislav Fomichev <sdf@fomichev.me>,
Hao Luo <haoluo@google.com>, Jiri Olsa <jolsa@kernel.org>,
Luis Chamberlain <mcgrof@kernel.org>,
Kees Cook <kees@kernel.org>,
Joel Granados <j.granados@samsung.com>
Cc: bpf@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-fsdevel@vger.kernel.org,
"Thomas Weißschuh" <linux@weissschuh.net>,
stable@vger.kernel.org
Subject: [PATCH v2 0/6] sysctl: prepare sysctl core for const struct ctl_table
Date: Mon, 05 Aug 2024 11:39:34 +0200 [thread overview]
Message-ID: <20240805-sysctl-const-api-v2-0-52c85f02ee5e@weissschuh.net> (raw)
Adapt the internal and external APIs of the sysctl core to handle
read-only instances of "struct ctl_table".
Patch 1: Bugfix for the sysctl core, the bug can be reliably triggered
with the series applied
Patch 2: Trivial preparation commit for the sysctl BPF hook
Patch 3: Adapts the internal sysctl APIs
Patch 4: Adapts the external sysctl APIs
Patch 5: Constifies the sysctl internal tables as proof that it works
Patch 6: Updates scripts/const_structs.checkpatch for "struct ctl_table"
Motivation
==========
Moving structures containing function pointers into unmodifiable .rodata
prevents attackers or bugs from corrupting and diverting those pointers.
Also the "struct ctl_table" exposed by the sysctl core were never meant
to be mutated by users.
For this goal changes to both the sysctl core and "const" qualifiers for
various sysctl APIs are necessary.
Full Process
============
* Drop ctl_table modifications from the sysctl core ([0], in mainline)
* Constify arguments to ctl_table_root::{set_ownership,permissions}
([1], in mainline)
* Migrate users of "ctl_table_header::ctl_table_arg" to "const".
(in mainline)
* Afterwards convert "ctl_table_header::ctl_table_arg" itself to const.
(in mainline)
* Prepare helpers used to implement proc_handlers throughout the tree to
use "const struct ctl_table *". ([2], in mainline)
* Afterwards switch over all proc_handlers callbacks to use
"const struct ctl_table *" in one commit. (in mainline)
* Switch over the internals of the sysctl core to "const struct ctl_table *" (this series)
* Switch include/linux/sysctl.h to "const struct ctl_table *" (this series)
* Transition instances of "struct ctl_table" through the tree to const (to be done)
This series is meant to be applied through the sysctl tree.
Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>
---
Changes in v2:
- Avoid spurious permanent empty tables (patch 1)
- Link to v1: https://lore.kernel.org/r/20240729-sysctl-const-api-v1-0-ca628c7a942c@weissschuh.net
---
Thomas Weißschuh (6):
sysctl: avoid spurious permanent empty tables
bpf: Constify ctl_table argument of filter function
sysctl: move internal interfaces to const struct ctl_table
sysctl: allow registration of const struct ctl_table
sysctl: make internal ctl_tables const
const_structs.checkpatch: add ctl_table
fs/proc/internal.h | 2 +-
fs/proc/proc_sysctl.c | 100 +++++++++++++++++++++------------------
include/linux/bpf-cgroup.h | 2 +-
include/linux/sysctl.h | 12 ++---
kernel/bpf/cgroup.c | 2 +-
scripts/const_structs.checkpatch | 1 +
6 files changed, 63 insertions(+), 56 deletions(-)
---
base-commit: 8400291e289ee6b2bf9779ff1c83a291501f017b
change-id: 20240729-sysctl-const-api-73954f3d62c1
Best regards,
--
Thomas Weißschuh <linux@weissschuh.net>
next reply other threads:[~2024-08-05 9:40 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-08-05 9:39 Thomas Weißschuh [this message]
2024-08-05 9:39 ` [PATCH v2 1/6] sysctl: avoid spurious permanent empty tables Thomas Weißschuh
2024-08-24 18:05 ` Thomas Weißschuh
2024-09-02 9:19 ` Joel Granados
2024-08-05 9:39 ` [PATCH v2 2/6] bpf: Constify ctl_table argument of filter function Thomas Weißschuh
2024-08-05 9:39 ` [PATCH v2 3/6] sysctl: move internal interfaces to const struct ctl_table Thomas Weißschuh
2024-08-05 9:39 ` [PATCH v2 4/6] sysctl: allow registration of " Thomas Weißschuh
2024-08-05 9:39 ` [PATCH v2 5/6] sysctl: make internal ctl_tables const Thomas Weißschuh
2024-08-05 9:39 ` [PATCH v2 6/6] const_structs.checkpatch: add ctl_table Thomas Weißschuh
2024-10-09 11:56 ` [PATCH v2 0/6] sysctl: prepare sysctl core for const struct ctl_table Joel Granados
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240805-sysctl-const-api-v2-0-52c85f02ee5e@weissschuh.net \
--to=linux@weissschuh.net \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=eddyz87@gmail.com \
--cc=haoluo@google.com \
--cc=j.granados@samsung.com \
--cc=john.fastabend@gmail.com \
--cc=jolsa@kernel.org \
--cc=kees@kernel.org \
--cc=kpsingh@kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=martin.lau@linux.dev \
--cc=mcgrof@kernel.org \
--cc=sdf@fomichev.me \
--cc=song@kernel.org \
--cc=stable@vger.kernel.org \
--cc=yonghong.song@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).