bpf: constify member bpf_sysctl_kern::table

Commit Message

Thomas Weißschuh May 18, 2024, 2:58 p.m. UTC

The sysctl core is preparing to only expose instances of
struct ctl_table as "const".
This will also affect the ctl_table argument of sysctl handlers,
for which bpf_sysctl_kern::table is also used.

As the function prototype of all sysctl handlers throughout the tree
needs to stay consistent that change will be done in one commit.

To reduce the size of that final commit, switch this utility type which
is not bound by "typedef proc_handler" to "const struct ctl_table".

No functional change.

Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>
---
This patch(set) is meant to be applied through your subsystem tree.
Or at your preference through the sysctl tree.

Motivation
==========

Moving structures containing function pointers into unmodifiable .rodata
prevents attackers or bugs from corrupting and diverting those pointers.

Also the "struct ctl_table" exposed by the sysctl core were never meant
to be mutated by users.

For this goal changes to both the sysctl core and "const" qualifiers for
various sysctl APIs are necessary.

Full Process
============

* Drop ctl_table modifications from the sysctl core ([0], in mainline)
* Constify arguments to ctl_table_root::{set_ownership,permissions}
  ([1], in mainline)
* Migrate users of "ctl_table_header::ctl_table_arg" to "const".
  (in mainline)
* Afterwards convert "ctl_table_header::ctl_table_arg" itself to const.
  (in mainline)
* Prepare helpers used to implement proc_handlers throughout the tree to
  use "const struct ctl_table *". ([2], in progress, this patch)
* Afterwards switch over all proc_handlers callbacks to use
  "const struct ctl_table *" in one commit. ([2], in progress)
  Only custom handlers will be affected, the big commit avoids a
  disruptive and messy transition phase.
* Switch over the internals of the sysctl core to "const struct ctl_table *" (to be done)
* Switch include/linux/sysctl.h to "const struct ctl_table *" (to be done)
* Transition instances of "struct ctl_table" through the tree to const (to be done)

A work-in-progress view containing all the outlined changes can be found at
https://git.sr.ht/~t-8ch/linux sysctl-constfy

[0] https://lore.kernel.org/lkml/20240322-sysctl-empty-dir-v2-0-e559cf8ec7c0@weissschuh.net/
[1] https://lore.kernel.org/lkml/20240315-sysctl-const-ownership-v3-0-b86680eae02e@weissschuh.net/
[2] https://lore.kernel.org/lkml/20240423-sysctl-const-handler-v3-0-e0beccb836e2@weissschuh.net/

Cc: Joel Granados <j.granados@samsung.com>
Cc: Luis Chamberlain <mcgrof@kernel.org>
---
 include/linux/filter.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


---
base-commit: 4b377b4868ef17b040065bd468668c707d2477a5
change-id: 20240511-sysctl-const-handler-bpf-bec93a18ac68

Best regards,

Comments

Joel Granados May 21, 2024, 6:02 a.m. UTC | #1

On Sat, May 18, 2024 at 04:58:47PM +0200, Thomas Weißschuh wrote:
> The sysctl core is preparing to only expose instances of
> struct ctl_table as "const".
> This will also affect the ctl_table argument of sysctl handlers,
> for which bpf_sysctl_kern::table is also used.
...
> Cc: Joel Granados <j.granados@samsung.com>
> Cc: Luis Chamberlain <mcgrof@kernel.org>
> ---
>  include/linux/filter.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/include/linux/filter.h b/include/linux/filter.h
> index 0f12cf01070e..b02aea291b7e 100644
> --- a/include/linux/filter.h
> +++ b/include/linux/filter.h
> @@ -1406,7 +1406,7 @@ struct bpf_sock_ops_kern {
>  
>  struct bpf_sysctl_kern {
>  	struct ctl_table_header *head;
> -	struct ctl_table *table;
> +	const struct ctl_table *table;
>  	void *cur_val;
>  	size_t cur_len;
>  	void *new_val;
> 
> ---
> base-commit: 4b377b4868ef17b040065bd468668c707d2477a5
> change-id: 20240511-sysctl-const-handler-bpf-bec93a18ac68
> 
> Best regards,
> -- 
> Thomas Weißschuh <linux@weissschuh.net>
> 

Reviewed-by: Joel Granados <j.granados@samsung.com>

patchwork-bot+netdevbpf@kernel.org May 24, 2024, 4 p.m. UTC | #2

Hello:

This patch was applied to bpf/bpf-next.git (master)
by Daniel Borkmann <daniel@iogearbox.net>:

On Sat, 18 May 2024 16:58:47 +0200 you wrote:
> The sysctl core is preparing to only expose instances of
> struct ctl_table as "const".
> This will also affect the ctl_table argument of sysctl handlers,
> for which bpf_sysctl_kern::table is also used.
> 
> As the function prototype of all sysctl handlers throughout the tree
> needs to stay consistent that change will be done in one commit.
> 
> [...]

Here is the summary with links:
  - bpf: constify member bpf_sysctl_kern::table
    https://git.kernel.org/bpf/bpf-next/c/2c1713a8f1c9

You are awesome, thank you!

Patch

diff --git a/include/linux/filter.h b/include/linux/filter.h
index 0f12cf01070e..b02aea291b7e 100644
--- a/include/linux/filter.h
+++ b/include/linux/filter.h
@@ -1406,7 +1406,7 @@  struct bpf_sock_ops_kern {
 
 struct bpf_sysctl_kern {
 	struct ctl_table_header *head;
-	struct ctl_table *table;
+	const struct ctl_table *table;
 	void *cur_val;
 	size_t cur_len;
 	void *new_val;