Re: [PATCH v5] sysctl: simplify the min/max boundary check

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Wen Yang <wen.yang@linux.dev>
To: Joel Granados <joel.granados@kernel.org>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>,
	Luis Chamberlain <mcgrof@kernel.org>,
	Kees Cook <keescook@chromium.org>,
	Christian Brauner <brauner@kernel.org>,
	Dave Young <dyoung@redhat.com>,
	linux-kernel@vger.kernel.org
Subject: Re: [PATCH v5] sysctl: simplify the min/max boundary check
Date: Wed, 12 Mar 2025 22:54:18 +0800	[thread overview]
Message-ID: <c7bb4c95-28ff-4a84-8027-f8bce25b0a30@linux.dev> (raw)
In-Reply-To: <csfegppvkhnl33x37335dsxdxmlzn7jairgsucxl5rdo3d6yzi@2z3nfgtcy7eg>



On 2025/3/10 22:25, Joel Granados wrote:
> On Thu, Mar 06, 2025 at 09:33:39PM +0800, Wen Yang wrote:
>>
>>
>> On 2025/3/3 17:26, Joel Granados wrote:
>>> On Thu, Jan 30, 2025 at 10:32:14PM +0800, Wen Yang wrote:
>>>>
>>>>
>>>> On 2025/1/28 01:51, Eric W. Biederman wrote:
>>>>> Joel Granados <joel.granados@kernel.org> writes:
>>>>>
>>>>>> On Thu, Jan 23, 2025 at 12:30:25PM -0600, Eric W. Biederman wrote:
>>>>>>> "Eric W. Biederman" <ebiederm@xmission.com> writes:
>>>>>>>
>>>>>>>> Joel Granados <joel.granados@kernel.org> writes:
>>>>>>>>
>>>>>>>>> On Sun, Jan 19, 2025 at 10:59:21PM +0800, Wen Yang wrote:
>>> ...
> ...
>>> Quick question: Do you have a systemic way of identifying these? Do you
>>> have a grep or awk scripts somewhere? I'm actually very interested in
>>> finding out what is the impact of this.
>>>
>>
>> Thanks, we may use the following simple scripts:
>>
>> - the extra {1,2} as pointers to some objects:
>> $ grep "\.extra1\|\.extra2" * -R | grep -v "SYSCTL_" | grep -v "\&"
> This is actually pretty nice. Thx for that. I executed it a bit
> differently:
> 
> $  git grep "\.extra1\|\.extra2" | grep -v "SYSCTL_" | grep -v "&"
> 
> I also went and did something way more complicated :). I created an
> smatch check [1] and ran it on a allyes config. This gave me all of your
> results except the openat2 selftests. This might be something to
> consider for when this is finished to add a check so that ppl don't just
> add an int or a long to a extra
> 
> Best
> 
> [1]: https://github.com/Joelgranados/smatch/tree/jag/extra_ptr
> 

Thanks.
This is an excellent approach!
We will also learn to apply it in our code.

--
Best wishes,
Wen

> 
>>
>> - the extra {1,2} as pointers to elements in the shared constant array:
>> $ grep "\.extra1\|\.extra2" * -R | grep "SYSCTL_"
>>
>> - the extra {1,2} as pointers to additional constant variables:
>> $ grep "\.extra1\|\.extra2" * -R | grep "\&"
>>
>>
>> --
>> Best wishes,
>> Wen
>>
>>
>>>
>>>
>>>>
>>>>
>>>> So could we modify it in this way to make it compatible with these two
>>>> situations:
>>>>
>>>> @@ -137,8 +137,16 @@ struct ctl_table {
>>>>           umode_t mode;
>>>>           proc_handler *proc_handler;     /* Callback for text formatting */
>>>>           struct ctl_table_poll *poll;
>>>> -       void *extra1;
>>>> -       void *extra2;
>>>> +       union {
>>>> +               struct {
>>>> +                       void *extra1;
>>>> +                       void *extra2;
>>>> +               };
>>>> +               struct {
>>>> +                       unsigned long min;
>>>> +                       unsigned long max;
>>>> +               };
>>>> +       };
>>>>    } __randomize_layout;
>>>>
>>>>
>>>> --
>>>> Best wishes,
>>>> Wen
>>>>
>>>
>

next prev parent reply	other threads:[~2025-03-12 14:54 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-01-05 15:28 [PATCH v5] sysctl: simplify the min/max boundary check Wen Yang
2025-01-16  9:37 ` Joel Granados
2025-01-19 14:59   ` Wen Yang
2025-01-22 12:57     ` Joel Granados
2025-01-23 18:13       ` Eric W. Biederman
2025-01-23 18:30         ` Eric W. Biederman
2025-01-27 13:34           ` Joel Granados
2025-01-27 17:51             ` Eric W. Biederman
2025-01-30 14:32               ` Wen Yang
2025-02-27 14:09                 ` Joel Granados
2025-12-19 14:44                   ` Joel Granados
2025-12-19 18:10                     ` Wen Yang
2025-12-22 21:59                       ` Joel Granados
2025-03-03  9:26                 ` Joel Granados
2025-03-06 13:33                   ` Wen Yang
2025-03-10 14:25                     ` Joel Granados
2025-03-12 14:54                       ` Wen Yang [this message]
2025-02-27 14:07               ` Joel Granados
2025-03-01  3:49                 ` Wen Yang

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=c7bb4c95-28ff-4a84-8027-f8bce25b0a30@linux.dev \
    --to=wen.yang@linux.dev \
    --cc=brauner@kernel.org \
    --cc=dyoung@redhat.com \
    --cc=ebiederm@xmission.com \
    --cc=joel.granados@kernel.org \
    --cc=keescook@chromium.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mcgrof@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox