From patchwork Fri Mar 15 20:47:59 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 13593976 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id EEF69C54E6A for ; Fri, 15 Mar 2024 20:48:23 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id D602A80142; Fri, 15 Mar 2024 16:48:22 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id D0B1D800B4; Fri, 15 Mar 2024 16:48:22 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id B845980142; Fri, 15 Mar 2024 16:48:22 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id AB5B1800B4 for ; Fri, 15 Mar 2024 16:48:22 -0400 (EDT) Received: from smtpin21.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay08.hostedemail.com (Postfix) with ESMTP id 85FAE140DB2 for ; Fri, 15 Mar 2024 20:48:22 +0000 (UTC) X-FDA: 81900461244.21.75CB5C4 Received: from todd.t-8ch.de (todd.t-8ch.de [159.69.126.157]) by imf03.hostedemail.com (Postfix) with ESMTP id 8AD0F20004 for ; Fri, 15 Mar 2024 20:48:20 +0000 (UTC) Authentication-Results: imf03.hostedemail.com; dkim=pass header.d=weissschuh.net header.s=mail header.b=KAKMyTIr; spf=pass (imf03.hostedemail.com: domain of linux@weissschuh.net designates 159.69.126.157 as permitted sender) smtp.mailfrom=linux@weissschuh.net; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1710535700; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=k6t3DmZzxMUzMtsSE5OLzF4+BBya42FgEYUbAPENz4M=; b=tsT+GGVvgwinSsRwp0ZKN0LocKccuLrIFVvB4eHJ70mQpnfT9waTWV/HnKofM1e9l5D5Gg ijjFa+iez7VSyW3wGhyBMpirFpu6/MXYNobBBUzB6hYFQmbdtTZcJ6/JQAOA+vkSZ0u3yv hBVpq6npD2B6ZNf+hT3U3h7PajnRvUA= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1710535700; a=rsa-sha256; cv=none; b=iAa7mxCCRm0ehohdaPAXrhul8LmXetURKWsjS2/jnSRytqe09G5kHwNdwV5ltHrFYrCk27 DYxHuadEjBDkGAPB1oLPgYuhzP4lIEIrketXb+5DgoYSkbOT85lk9EFdPjO3oDetvmgx3S F7xsaAklOZwuVK10RuN/kMbWRWivNNc= ARC-Authentication-Results: i=1; imf03.hostedemail.com; dkim=pass header.d=weissschuh.net header.s=mail header.b=KAKMyTIr; spf=pass (imf03.hostedemail.com: domain of linux@weissschuh.net designates 159.69.126.157 as permitted sender) smtp.mailfrom=linux@weissschuh.net; dmarc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1710535696; bh=H2m3CgyPxKp8J+A7s6etu+nqQuMydVMaRq2xUBYcaE4=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=KAKMyTIrxsBKgzyowba560Va0oJiD0MsSOpq/KKmIhQMjwW/Y1aOE3/Dn8oyWJu3Q ch5t4fh43gRp6lXO3u/WZdPgPrZC1ZY1fTdYnJOWWejpqsv3ZFOQdJBBdBPCMymWyi mjiCD+xXA6BByHT9/rUXPnIE44pC/sa/0O7fCWDk= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Fri, 15 Mar 2024 21:47:59 +0100 Subject: [PATCH 01/11] stackleak: don't modify ctl_table argument MIME-Version: 1.0 Message-Id: <20240315-sysctl-const-handler-v1-1-1322ac7cb03d@weissschuh.net> References: <20240315-sysctl-const-handler-v1-0-1322ac7cb03d@weissschuh.net> In-Reply-To: <20240315-sysctl-const-handler-v1-0-1322ac7cb03d@weissschuh.net> To: Greg Kroah-Hartman , Kees Cook , Alexei Starovoitov , Daniel Borkmann , John Fastabend , Andrii Nakryiko , Martin KaFai Lau , Eduard Zingerman , Song Liu , Yonghong Song , KP Singh , Stanislav Fomichev , Hao Luo , Jiri Olsa , Muchun Song , Andrew Morton , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , David Ahern , Simon Horman , Julian Anastasov , Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , Luis Chamberlain , Joel Granados , Catalin Marinas , Will Deacon , Heiko Carstens , Vasily Gorbik , Alexander Gordeev , Christian Borntraeger , Sven Schnelle , Gerald Schaefer , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Phillip Potter , Theodore Ts'o , "Jason A. Donenfeld" , Sudip Mukherjee , Mark Rutland , Atish Patra , Anup Patel , Paul Walmsley , Palmer Dabbelt , Albert Ou , Alexander Viro , Christian Brauner , Jan Kara , Eric Biederman , Chandan Babu R , "Darrick J. Wong" , Steven Rostedt , Masami Hiramatsu , Peter Zijlstra , Arnaldo Carvalho de Melo , Namhyung Kim , Alexander Shishkin , Ian Rogers , Adrian Hunter , Balbir Singh , "Naveen N. Rao" , Anil S Keshavamurthy , Petr Mladek , John Ogness , Sergey Senozhatsky , Juri Lelli , Vincent Guittot , Dietmar Eggemann , Ben Segall , Mel Gorman , Daniel Bristot de Oliveira , Valentin Schneider , Andy Lutomirski , Will Drewry , John Stultz , Stephen Boyd , Mathieu Desnoyers , "Matthew Wilcox (Oracle)" , Roopa Prabhu , Nikolay Aleksandrov , Remi Denis-Courmont , Allison Henderson , Marcelo Ricardo Leitner , Xin Long , Chuck Lever , Jeff Layton , Neil Brown , Olga Kornievskaia , Dai Ngo , Tom Talpey , Trond Myklebust , Anna Schumaker , John Johansen , Paul Moore , James Morris , "Serge E. Hallyn" , Alexander Popov Cc: linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, bpf@vger.kernel.org, linux-mm@kvack.org, netdev@vger.kernel.org, lvs-devel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, linux-fsdevel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-s390@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, linux-riscv@lists.infradead.org, linux-xfs@vger.kernel.org, linux-trace-kernel@vger.kernel.org, linux-perf-users@vger.kernel.org, kexec@lists.infradead.org, bridge@lists.linux.dev, linux-rdma@vger.kernel.org, rds-devel@oss.oracle.com, linux-sctp@vger.kernel.org, linux-nfs@vger.kernel.org, apparmor@lists.ubuntu.com, linux-security-module@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.13.0 X-Developer-Signature: v=1; a=ed25519-sha256; t=1710535695; l=1205; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=H2m3CgyPxKp8J+A7s6etu+nqQuMydVMaRq2xUBYcaE4=; b=DLCpjj80ePju45B1sM6SeMu3SU3+SovEAF9F+apF8HUTZcbHxhK7sFWDz+WraIYUf5lzi8ctP 25gNqwcr0i1CjOhkjNKarmdmKbieJ/tL+nZegKGxX2K6TvuJVTedQUi X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= X-Rspamd-Queue-Id: 8AD0F20004 X-Rspam-User: X-Rspamd-Server: rspam11 X-Stat-Signature: umz4yxdn45umq3wi1jk985bfa6wm6ead X-HE-Tag: 1710535700-855289 X-HE-Meta: U2FsdGVkX1+jSQnpxnXpAAIU1uXshtpopuArWWiZ0Ve7teix5cV3mzjzFEDiJJHLVHvFDBSH2tWjUiwSpLbihCrujWMpq24KLPA3zWGAyPXRiV6rx/6cS3WS4lTNB7SZptP15OROEP0s3RFZHBktVb3f2sRymSaxGDRcsksPDIAQm8twzimucyb+0En/etHiG/4FpvLcoo9oAylAGU+n8uQW8TC9B5Lrwt6IqezWTZf4/HgMZzgNWLlXngbX5LOj+LxOGbK9f1GH807KGSzOIEvic0BCEDGwn8xhq7TIO3qddXt2b6PbCpB9J34Wq/LZgJleCuZGC+C7Tr7w2k+QtK8T2L4XEjZyIZRG9fFIpLqA6HYAqgBB2w0Q5vWq/UcR9OZuJUMSHKvER+bYS6ZmiR7iI31yZDQQLA6NCovttVDwkRW6asUaQPTDvC2JjNapOFVBmob43y+z4Kk9CUgFaBB/B44FO5OixTxIFRmXMs00LquyICgkpDLSEXlfMW43giWN8WO/rH9ziUbKlSxiZH2joFYMXYiexEe0gNpcZHcM15VX5oUjfB7tx20vDeH6x9LWluASQQzmkOdeUZ8R1mobXByAeKEKMUCnNKINdcHSfel5SFbvcLzO4JJ3PIVUzfG5RMq48DLiG865DwB9AnWcHHJV9bMU1znpC9/hy7RsxREnkDp806MOD3+7SKbRE6F4oJXpGxAA0R/39lq2/a2J2xREzLb7vA8cCSdiruLSWi8r5PUBy/RQH02MYexUHP4PobLdp+uMBOgMDkeX5rHalkvrWwTrRNrCj6QGDmGa4PmchlcIch68IDZjwZQ8/m01BoZNhEdPUW+Jw5pTWiLTVLsAejxwf7TQdu75QjGK/4aizrMYN+wEPLDNce2we3+SzEbPVB+gq2Ij53V+0cmQX/5kCHNwOX9wdj43fGxxlrp2XRmdJ09sk1lA335uiIW3OwkJ7EONa9MLJjV /+YJHiQ+ O1Aef5+HNQqTMVZkqMHBhZdgB5cqO+R/O9/HBSx9jH51zJfAZi1+2mIvlDLXL8T4+NmIPwymeLlPjQC3i3XcgJ2pNAFiaD4UDvwWMFcGw4c7ZRDzrcQ2IbWttCKnlFqqtVYpznEGfv8qFt/9PFfB9YmJLHZVzB+smmUUfpRNZKBkmHl383MSPWWIsL/7zviqCcdl0xJBh6g+yjdKag86hN+cXdpHdh3PQHXWgdkwxTAgaAw4NnykMj+3Hib4T1aGyBOogxS5mSL1/Ys14qR7ny+AtMZvSU5zM4DdTFg+zMHXUNa9j3IXtBAUfNFXQxAsLdot5sLzEmiHSVCZ+mTJud/zRfv5r4wjL9LLVAe6BzsQ97Uj8D5Suloid1J23+JhjzUeAj+XCF0RJae2AjtyFuSk2jpkz38Yo0jWd4zWeWpsK7vftM+xJomJXem+VFD32VGfbpo+vJiS9/NUgovdnVQxQz73XWpb9TZIAJH1DC+4uU849hgqw5NXKbVLOnOncSt0mYrexnjEOr4BVvVfJPsm6msRATSnHjlEKAIT863m6BHA1pSTZPGg1IAW4ZVupVIii3zepB8YuRZshveA3cnGnUO/9eQmNud9fdTO5VZRvNADoRXB5gCBldvfHa8yjJXDZ7hTtQAGAeYaOgOtKyDMTf/vD7TVa4ZEDDoAHBU29J8+vUFNiGTb1ZQvyMkwxVVsn05DjDZ6HkBpvjOl/KihTbhE3XGZaK6vKhId/2KK0g127DGuMEwadaZ1FPEXEdGyL91G42NMHQOQtI09V9ciZSYB8Ajf94Hdi/Ge+8fQFKyhdFZjMX3GHrdWkIB3JdRBoVGybquR0q5jcSs3H/HqeaK9E6BVXjKegmxIIB+sG3rmki/WBRmzrL4rE2Gm29CNIxrM4SL2yiq/IsB99XrfAuCbmREfiTqzvyVsm9RifqaVc7ExtzV97rY9K4yVYsmLIyRz/OO/KBTR2RKpZCGWNznd7 4dhnHgNc VErKi0EU1L7QKHJ60zfKYgZxjPFAHaUUNybeYMRPzksyndDRsAjCvjy3GYOtQVtPbb9RohUs4/k/v8OcKy0Esxgqz/PmNf+Z5/6rYMUphs4rDIMLjZ9CCzZwyLlUiRy3X15xhJY0WBYRFFZ90sqyCsuYsiKa2Cn0shQKJm2AcBN3izj3aeBIw7sLGZ2VoWCiU+F13U0d1MiuTFvhCGd0TOXJq+z03APVstkqeVutj5cnYFufnguGJpJkko3s4lDQ0dPSi8UGk1+n4uiFtka5lRQ6qG9kf8Sl1gmKrxie08Jj7j6svQrfkO+idVYRLaBkqa5ifksYRJ8NiZECjKqs64OP6yROwT8i8EbKzpBhn+qU3o3eTaHV1uraUiOVmMhigh4Rl/uiQJNVseYDBN9L6ahiGHlqSKVuiZqz80IAjzVgd0ojBtpt3fRJbkKBMUzbQ+1bRo9E1y2vnUJeG3JVVz94oAgNb22RKmdz3LBW6JYKpqb1SqGENDcqtCkK7hzgae1BetGcnRRVxPXXhzjB6WD7Dhul4nbqkiOryDZe3HdTNOKxtEfF8dA4tKw0oMZprX1bIkwUVfotljtu+p9chbXYB6Z3vVqnddwRAib1PxCUXsx2JhIYKMrLKRWic96336kDxkVoxcXOHIXWImIw8I1cYh1UO1c5XgQIlYOjQrBzMT3rqibo7F2rQwMUWNaGudjy6S0EKPWt1LT+/jY+H5mSu8778BbDbWRsT0kM0rPYWkVseEGDRZjx8C9WOuXJzHZTDAuSF41OCRL3K93gSZvMO26wFuKlosmPEtbz8EqXs6vGukc5tBFSkn0POztHdroFa5JE3r6/wHvWmkcfir73KjABOhCpPdtfiGyf+Skq9ej3oCFbN1lyUlL2D44EM9Qd2vsigGe/omjeOzKt7tD4AE0jCUX0weowriZkzSDNul8S9UESJG7I+hv15vDPuP5DKOn3NQiKlgjs8lsT7wEZgk5U+ xLN/BgVJ D09iD9bJ3UGDj7KtoFdMUhphiUac301pLBjPnKNJS3au74v2YF5WFHLDsv2jIniz9HggHH2jZvx/pbf5SprwIxwJolD52Obotc+hFx3XMPYPplwokCWVZFj00+McFKXWb/skILzWXFQV0tkLEeqJpqiuZkXL08J7HGurp1uud6pU+8hbGhLEkAd9ETEdhqdbyawxFc9FyE9qcXwkB9ROA9CZfNe9C99b1FQNsR5h2KkwiXtf5ajhLo+0nDRnWazPm9oEs4IHgTB4z1QP1aCNFvU1o6YvDiyeSpP0qfqBxrd/lMcAom0RXRa/E12dfflSFsa9DL8O9yOinVHvi+rf7znon1Z75SQfp5mqEnHXPmA08sWhDW2+lAhYqp5/ZlKKG8bB2PpYdY/DkFCtbK79nuppNUcDSFV38YYaEn1hwfS5JM00wUlsnLrdSBmy9Ghp9/3PjttYeAgm23IMKYGdALoJoJipXl8wx8XByzflq+cswOrLnhPxUThp4Y5sq6qUw6WjSqptT0+Va1qsj9BWmV+k5aDT5E4oKhRWNG4keyZqQfZdyD3VDH8KSWHrS8XU6DTLLWwnOGz6uzr+w3C35/MOa0WwJpovA+Z1cJr5cmcQyu8ZbjtvQA/HYh2bjgGrr2x0xh8S1GOURJBCjiPFzCGXtOIC+P0q1xSx1rnwayd7QAn7LHI0XnW8edVE7CetFECpH9MluYhRlZ1uq9jvhgp82M5i+ryFI+yvk2zCHPgplD+dmOnyk0kCi2Szc86z7uZ77mmJwEDg3T7wq9i8Qsuh9Bh8/GU5sP3ylVtQF0Qx1xMWMB5lb9MmIPGt+NNvwqSWNQdg3zXvJnH3bRVnazd0TJ71UFcYaa5Za/7Abb85MT0RUko0fQmzB7wecsp2St5JdSo027xIixSsa7odf8dOpC9pOhripEGX1W2AiCrphSKK9UTjpW6u9k0otq5CA3Ysy1Xjb0O+Lhhly3kzvEk7fSzeV DiJSNu55 AeS3h3qkCdU/boBUaekZ0RjRZPGaaoLO0rB28YKpNCd7ch8IXT4hV59/KqEFdPHk/ZSVmSMBwQyiE+rN0x7iEnrkTPs+8rVaUGyeZ3zd6CfPFaKUhIuIbmb3UGmiWgZiACYMw7hU9YcEFALfgDSou58CeZEJ3Ofa6gudnv6drFXSSzUPP1meYNk3zcsOYDDi0RVPDBFifrv93CEK5QIXllM+qMErA9vEfSp6CfxzorjOP3d01KbWA3+CkrytOcvp1JaASr/pRIQ53g0MQRGXUr3jkHz1iclPpxMV6XcEaznS43TvKClbwvDhE5XL5DW1BL7WgeUaN5KX7njWmh1+IFbsxKlfKyYXD19U8qdRtBDb/vNoLlE95LXLAckOC0HgSND3J0gUUNfQ== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: In a future commit the proc_handlers will change to "const struct ctl_table". As a preparation for that adapt the logic to work with a temporary variable, similar to how it is done in other parts of the kernel. Fixes: 964c9dff0091 ("stackleak: Allow runtime disabling of kernel stack erasing") Acked-by: Kees Cook Signed-off-by: Thomas Weißschuh --- kernel/stackleak.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/kernel/stackleak.c b/kernel/stackleak.c index 34c9d81eea94..b292e5ca0b7d 100644 --- a/kernel/stackleak.c +++ b/kernel/stackleak.c @@ -27,10 +27,11 @@ static int stack_erasing_sysctl(struct ctl_table *table, int write, int ret = 0; int state = !static_branch_unlikely(&stack_erasing_bypass); int prev_state = state; + struct ctl_table tmp = *table; - table->data = &state; - table->maxlen = sizeof(int); - ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos); + tmp.data = &state; + tmp.maxlen = sizeof(int); + ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos); state = !!state; if (ret || !write || state == prev_state) return ret;