From: Kees Cook <kees@kernel.org>
To: Joel Granados <joel.granados@kernel.org>
Cc: Paul Moore <paul@paul-moore.com>,
James Morris <jmorris@namei.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] loadpin: Implement custom proc_handler for enforce
Date: Tue, 16 Dec 2025 00:37:29 -0800 [thread overview]
Message-ID: <202512160028.8F11A5D19@keescook> (raw)
In-Reply-To: <20251215-jag-const_loadpin-v1-1-6842775f4e90@kernel.org>
On Mon, Dec 15, 2025 at 04:43:48PM +0100, Joel Granados wrote:
> The new proc_handler_loadpin returns -EINVAL when is_loadpin_writable is
> false and the kernel var (enforce) is being written. Move
> loadpin_sysctl_table to .rodata (by const qualifying it) as there is no
> need to change the value of the extra1 entry.
>
> Signed-off-by: Joel Granados <joel.granados@kernel.org>
> ---
> Const qualifying ctl tables is part of the hardening effort in the linux
> kernel.
Ah yes, thanks for getting through these "weird" cases! :)
> ---
> security/loadpin/loadpin.c | 21 ++++++++++++++++-----
> 1 file changed, 16 insertions(+), 5 deletions(-)
>
> diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c
> index 273ffbd6defe1324d6688dec5f9fe6c9401283ed..f049c81b82a78265b6ae358bb2a814265cec9f16 100644
> --- a/security/loadpin/loadpin.c
> +++ b/security/loadpin/loadpin.c
> @@ -53,18 +53,29 @@ static bool deny_reading_verity_digests;
> #endif
>
> #ifdef CONFIG_SYSCTL
> -static struct ctl_table loadpin_sysctl_table[] = {
> +static bool is_loadpin_writable;
I would rather that load_root_writable were declared external to
loadpin_check(), and then we could remove set_sysctl() entirely, instead
using load_root_writable as the thing to check in proc_handler_loadpin().
And also rename load_root_writable to "loadpin_root_writable", just to
make it a bit more clear.
-Kees
--
Kees Cook
next prev parent reply other threads:[~2025-12-16 8:37 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-12-15 15:43 [PATCH] loadpin: Implement custom proc_handler for enforce Joel Granados
2025-12-16 8:37 ` Kees Cook [this message]
2025-12-17 13:25 ` Joel Granados
2025-12-19 10:55 ` Joel Granados
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202512160028.8F11A5D19@keescook \
--to=kees@kernel.org \
--cc=jmorris@namei.org \
--cc=joel.granados@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=serge@hallyn.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox