linux-security-module.vger.kernel.org archive mirror
* [PATCH] security: keys: Make sysctl table const
@ 2025-01-23 19:50 Ricardo B. Marliere
  2025-02-27  0:21 ` Paul Moore
  0 siblings, 1 reply; 6+ messages in thread
From: Ricardo B. Marliere @ 2025-01-23 19:50 UTC
  To: David Howells, Jarkko Sakkinen, Paul Moore, James Morris,
	Serge E. Hallyn
  Cc: keyrings, linux-security-module, linux-kernel,
	Thomas Weißschuh, Ricardo B. Marliere

Since commit 7abc9b53bd51 ("sysctl: allow registration of const struct
ctl_table"), the sysctl registration API allows for struct ctl_table to be
in read-only memory. Move key_sysctls to be declared at build time, instead
of having to be dynamically allocated at boot time.

Cc: Thomas Weißschuh <linux@weissschuh.net>
Suggested-by: Thomas Weißschuh <linux@weissschuh.net>
Signed-off-by: Ricardo B. Marliere <rbm@suse.com>
---
 security/keys/sysctl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security/keys/sysctl.c b/security/keys/sysctl.c
index 91f000eef3ad82370250e5238d9c9c80757aab61..cde08c478f3272081304e6db34e36b64ce0d321a 100644
--- a/security/keys/sysctl.c
+++ b/security/keys/sysctl.c
@@ -9,7 +9,7 @@
 #include <linux/sysctl.h>
 #include "internal.h"
 
-static struct ctl_table key_sysctls[] = {
+static const struct ctl_table key_sysctls[] = {
 	{
 		.procname = "maxkeys",
 		.data = &key_quota_maxkeys,
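Review bot: The commit message does not match the removed line: `static struct ctl_table key_sysctls[]` is already a statically initialized array, so nothing in this hunk was "dynamically allocated at boot time". The only change visible here is the added `const` qualifier, which lets the table be placed in read-only memory. Suggest rewording the description to say exactly that, for example "Constify key_sysctls so the table can live in read-only memory".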

---
base-commit: 714d87c90a766e6917f7d69f618b864d350f09d3
change-id: 20250123-sysctl_const-pcmoore-fa14389b8329

Best regards,
-- 
Ricardo B. Marliere <rbm@suse.com>



* Re: [PATCH] security: keys: Make sysctl table const
  2025-01-23 19:50 [PATCH] security: keys: Make sysctl table const Ricardo B. Marliere
@ 2025-02-27  0:21 ` Paul Moore
  2025-02-27 10:47   ` Ricardo B. Marlière
  2025-03-01  1:59   ` Jarkko Sakkinen
  0 siblings, 2 replies; 6+ messages in thread
From: Paul Moore @ 2025-02-27  0:21 UTC
  To: Ricardo B. Marliere, David Howells, Jarkko Sakkinen
  Cc: James Morris, Serge E. Hallyn, keyrings, linux-security-module,
	linux-kernel, Thomas Weißschuh, Ricardo B. Marliere

On Thu, Jan 23, 2025 at 2:50 PM Ricardo B. Marliere
<ricardo@marliere.net> wrote:
>
> Since commit 7abc9b53bd51 ("sysctl: allow registration of const struct
> ctl_table"), the sysctl registration API allows for struct ctl_table to be
> in read-only memory. Move key_sysctls to be declared at build time, instead
> of having to be dynamically allocated at boot time.
>
> Cc: Thomas Weißschuh <linux@weissschuh.net>
> Suggested-by: Thomas Weißschuh <linux@weissschuh.net>
> Signed-off-by: Ricardo B. Marliere <rbm@suse.com>
> ---
>  security/keys/sysctl.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)

Looks fine to me.  David or Jarkko, this looks like something for the
keys tree, yes?

Reviewed-by: Paul Moore <paul@paul-moore.com>

> diff --git a/security/keys/sysctl.c b/security/keys/sysctl.c
> index 91f000eef3ad82370250e5238d9c9c80757aab61..cde08c478f3272081304e6db34e36b64ce0d321a 100644
> --- a/security/keys/sysctl.c
> +++ b/security/keys/sysctl.c
> @@ -9,7 +9,7 @@
>  #include <linux/sysctl.h>
>  #include "internal.h"
>
> -static struct ctl_table key_sysctls[] = {
> +static const struct ctl_table key_sysctls[] = {
>         {
>                 .procname = "maxkeys",
>                 .data = &key_quota_maxkeys,
>
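Review bot: On the `.data = &key_quota_maxkeys` entry, the changelog should say that the new `const` covers the table entries only (the `.procname` and `.data` pointer fields), while the `key_quota_maxkeys` variable that `.data` points at is not touched by this change. The registration call for `key_sysctls` is outside this hunk, so please also confirm that it accepts the table as `const struct ctl_table *` without a cast.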
> ---
> base-commit: 714d87c90a766e6917f7d69f618b864d350f09d3
> change-id: 20250123-sysctl_const-pcmoore-fa14389b8329
>
> Best regards,
> --
> Ricardo B. Marliere <rbm@suse.com>

-- 
paul-moore.com


* Re: [PATCH] security: keys: Make sysctl table const
  2025-02-27  0:21 ` Paul Moore
@ 2025-02-27 10:47   ` Ricardo B. Marlière
  2025-02-27 16:45     ` Paul Moore
  2025-03-01  1:59   ` Jarkko Sakkinen
  1 sibling, 1 reply; 6+ messages in thread
From: Ricardo B. Marlière @ 2025-02-27 10:47 UTC
  To: Paul Moore, Ricardo B. Marliere, David Howells, Jarkko Sakkinen
  Cc: James Morris, Serge E. Hallyn, keyrings, linux-security-module,
	linux-kernel, Thomas Weißschuh

Hi Paul,

On Wed Feb 26, 2025 at 9:21 PM -03, Paul Moore wrote:
> On Thu, Jan 23, 2025 at 2:50 PM Ricardo B. Marliere
> <ricardo@marliere.net> wrote:
>>
>> Since commit 7abc9b53bd51 ("sysctl: allow registration of const struct
>> ctl_table"), the sysctl registration API allows for struct ctl_table to be
>> in read-only memory. Move key_sysctls to be declared at build time, instead
>> of having to be dynamically allocated at boot time.
>>
>> Cc: Thomas Weißschuh <linux@weissschuh.net>
>> Suggested-by: Thomas Weißschuh <linux@weissschuh.net>
>> Signed-off-by: Ricardo B. Marliere <rbm@suse.com>
>> ---
>>  security/keys/sysctl.c | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> Looks fine to me.  David or Jarkko, this looks like something for the
> keys tree, yes?
>
> Reviewed-by: Paul Moore <paul@paul-moore.com>

Thank you for the review, but I believe this has been done here:

https://web.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1751f872cc97f992ed5c4c72c55588db1f0021e1

>
>> diff --git a/security/keys/sysctl.c b/security/keys/sysctl.c
>> index 91f000eef3ad82370250e5238d9c9c80757aab61..cde08c478f3272081304e6db34e36b64ce0d321a 100644
>> --- a/security/keys/sysctl.c
>> +++ b/security/keys/sysctl.c
>> @@ -9,7 +9,7 @@
>>  #include <linux/sysctl.h>
>>  #include "internal.h"
>>
>> -static struct ctl_table key_sysctls[] = {
>> +static const struct ctl_table key_sysctls[] = {
>>         {
>>                 .procname = "maxkeys",
>>                 .data = &key_quota_maxkeys,
>>
>> ---
>> base-commit: 714d87c90a766e6917f7d69f618b864d350f09d3
>> change-id: 20250123-sysctl_const-pcmoore-fa14389b8329
>>
>> Best regards,
>> --
>> Ricardo B. Marliere <rbm@suse.com>



* Re: [PATCH] security: keys: Make sysctl table const
  2025-02-27 10:47   ` Ricardo B. Marlière
@ 2025-02-27 16:45     ` Paul Moore
  2025-03-01  2:00       ` Jarkko Sakkinen
  0 siblings, 1 reply; 6+ messages in thread
From: Paul Moore @ 2025-02-27 16:45 UTC
  To: Ricardo B. Marlière
  Cc: Ricardo B. Marliere, David Howells, Jarkko Sakkinen, James Morris,
	Serge E. Hallyn, keyrings, linux-security-module, linux-kernel,
	Thomas Weißschuh

On Thu, Feb 27, 2025 at 5:47 AM Ricardo B. Marlière <rbm@suse.com> wrote:
> On Wed Feb 26, 2025 at 9:21 PM -03, Paul Moore wrote:
> > On Thu, Jan 23, 2025 at 2:50 PM Ricardo B. Marliere
> > <ricardo@marliere.net> wrote:
> >>
> >> Since commit 7abc9b53bd51 ("sysctl: allow registration of const struct
> >> ctl_table"), the sysctl registration API allows for struct ctl_table to be
> >> in read-only memory. Move key_sysctls to be declared at build time, instead
> >> of having to be dynamically allocated at boot time.
> >>
> >> Cc: Thomas Weißschuh <linux@weissschuh.net>
> >> Suggested-by: Thomas Weißschuh <linux@weissschuh.net>
> >> Signed-off-by: Ricardo B. Marliere <rbm@suse.com>
> >> ---
> >>  security/keys/sysctl.c | 2 +-
> >>  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > Looks fine to me.  David or Jarkko, this looks like something for the
> > keys tree, yes?
> >
> > Reviewed-by: Paul Moore <paul@paul-moore.com>
>
> Thank you for the review, but I believe this has been done here:
>
> https://web.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1751f872cc97f992ed5c4c72c55588db1f0021e1

Even better :)  Thanks for the update Ricardo.

-- 
paul-moore.com


* Re: [PATCH] security: keys: Make sysctl table const
  2025-02-27  0:21 ` Paul Moore
  2025-02-27 10:47   ` Ricardo B. Marlière
@ 2025-03-01  1:59   ` Jarkko Sakkinen
  1 sibling, 0 replies; 6+ messages in thread
From: Jarkko Sakkinen @ 2025-03-01  1:59 UTC
  To: Paul Moore
  Cc: Ricardo B. Marliere, David Howells, James Morris, Serge E. Hallyn,
	keyrings, linux-security-module, linux-kernel,
	Thomas Weißschuh, Ricardo B. Marliere

On Wed, Feb 26, 2025 at 07:21:39PM -0500, Paul Moore wrote:
> On Thu, Jan 23, 2025 at 2:50 PM Ricardo B. Marliere
> <ricardo@marliere.net> wrote:
> >
> > Since commit 7abc9b53bd51 ("sysctl: allow registration of const struct
> > ctl_table"), the sysctl registration API allows for struct ctl_table to be
> > in read-only memory. Move key_sysctls to be declared at build time, instead
> > of having to be dynamically allocated at boot time.
> >
> > Cc: Thomas Weißschuh <linux@weissschuh.net>
> > Suggested-by: Thomas Weißschuh <linux@weissschuh.net>
> > Signed-off-by: Ricardo B. Marliere <rbm@suse.com>
> > ---
> >  security/keys/sysctl.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> Looks fine to me.  David or Jarkko, this looks like something for the
> keys tree, yes?
> 
> Reviewed-by: Paul Moore <paul@paul-moore.com>

I can pick this after I am back from holiday next week.

Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>

BR, Jarkko


* Re: [PATCH] security: keys: Make sysctl table const
  2025-02-27 16:45     ` Paul Moore
@ 2025-03-01  2:00       ` Jarkko Sakkinen
  0 siblings, 0 replies; 6+ messages in thread
From: Jarkko Sakkinen @ 2025-03-01  2:00 UTC
  To: Paul Moore
  Cc: Ricardo B. Marlière, Ricardo B. Marliere, David Howells,
	James Morris, Serge E. Hallyn, keyrings, linux-security-module,
	linux-kernel, Thomas Weißschuh

On Thu, Feb 27, 2025 at 11:45:09AM -0500, Paul Moore wrote:
> On Thu, Feb 27, 2025 at 5:47 AM Ricardo B. Marlière <rbm@suse.com> wrote:
> > On Wed Feb 26, 2025 at 9:21 PM -03, Paul Moore wrote:
> > > On Thu, Jan 23, 2025 at 2:50 PM Ricardo B. Marliere
> > > <ricardo@marliere.net> wrote:
> > >>
> > >> Since commit 7abc9b53bd51 ("sysctl: allow registration of const struct
> > >> ctl_table"), the sysctl registration API allows for struct ctl_table to be
> > >> in read-only memory. Move key_sysctls to be declared at build time, instead
> > >> of having to be dynamically allocated at boot time.
> > >>
> > >> Cc: Thomas Weißschuh <linux@weissschuh.net>
> > >> Suggested-by: Thomas Weißschuh <linux@weissschuh.net>
> > >> Signed-off-by: Ricardo B. Marliere <rbm@suse.com>
> > >> ---
> > >>  security/keys/sysctl.c | 2 +-
> > >>  1 file changed, 1 insertion(+), 1 deletion(-)
> > >
> > > Looks fine to me.  David or Jarkko, this looks like something for the
> > > keys tree, yes?
> > >
> > > Reviewed-by: Paul Moore <paul@paul-moore.com>
> >
> > Thank you for the review, but I believe this has been done here:
> >
> > https://web.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1751f872cc97f992ed5c4c72c55588db1f0021e1
> 
> Even better :)  Thanks for the update Ricardo.

+1 

BR, Jarkko
