From patchwork Mon Dec 4 07:52:14 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 13477848 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b="YZPlhHxE" Received: from todd.t-8ch.de (todd.t-8ch.de [IPv6:2a01:4f8:c010:41de::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 28D46FF; Sun, 3 Dec 2023 23:52:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1701676351; bh=jiUoP9EILBqjXJdhjCd6wCOIBwbA+1GPrmYgkgR4m/M=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=YZPlhHxEX6oI7g8G2LKXf/0qWZsZyCVOccYQzag5Ib0JfOmdslPSqC02Lm5IVfa3V NfYWDXaB1wpUtcwFKNl/iui8AG1y0biZQzCEo/kstXkAPmgY865s0R0m17Uq6kJPoA 5Hhw+R4gLkxRIE/ks80cNBL7k4qMXjau4nE8joP4= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Mon, 04 Dec 2023 08:52:14 +0100 Subject: [PATCH v2 01/18] watchdog/core: remove sysctl handlers from public header Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20231204-const-sysctl-v2-1-7a5060b11447@weissschuh.net> References: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> In-Reply-To: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> To: Kees Cook , "Gustavo A. R. Silva" , Luis Chamberlain , Iurii Zaikin , Greg Kroah-Hartman , Joel Granados Cc: linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.4 X-Developer-Signature: v=1; a=ed25519-sha256; t=1701676350; l=3077; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=jiUoP9EILBqjXJdhjCd6wCOIBwbA+1GPrmYgkgR4m/M=; b=N668jhYnDq/m98yRu3KJUDGYvbbTXjPausZ1wtJee7HDZsf73TfhAf+uRsaSar7Bl1MjM4b1f y4xDB12U1prASWAMR2lxo2BG40azT17eSnNK1xvNxwTk7wvRe1prpvc X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= The functions are only used in the file where they are defined. Remove them from the header and make them static. Signed-off-by: Thomas Weißschuh --- include/linux/nmi.h | 7 ------- kernel/watchdog.c | 10 +++++----- 2 files changed, 5 insertions(+), 12 deletions(-) diff --git a/include/linux/nmi.h b/include/linux/nmi.h index e92e378df000..f53438eae815 100644 --- a/include/linux/nmi.h +++ b/include/linux/nmi.h @@ -216,13 +216,6 @@ void watchdog_update_hrtimer_threshold(u64 period); static inline void watchdog_update_hrtimer_threshold(u64 period) { } #endif -struct ctl_table; -int proc_watchdog(struct ctl_table *, int, void *, size_t *, loff_t *); -int proc_nmi_watchdog(struct ctl_table *, int , void *, size_t *, loff_t *); -int proc_soft_watchdog(struct ctl_table *, int , void *, size_t *, loff_t *); -int proc_watchdog_thresh(struct ctl_table *, int , void *, size_t *, loff_t *); -int proc_watchdog_cpumask(struct ctl_table *, int, void *, size_t *, loff_t *); - #ifdef CONFIG_HAVE_ACPI_APEI_NMI #include #endif diff --git a/kernel/watchdog.c b/kernel/watchdog.c index 5cd6d4e26915..0fe72e89627d 100644 --- a/kernel/watchdog.c +++ b/kernel/watchdog.c @@ -772,7 +772,7 @@ static int proc_watchdog_common(int which, struct ctl_table *table, int write, /* * /proc/sys/kernel/watchdog */ -int proc_watchdog(struct ctl_table *table, int write, +static int proc_watchdog(struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return proc_watchdog_common(WATCHDOG_HARDLOCKUP_ENABLED | @@ -783,7 +783,7 @@ int proc_watchdog(struct ctl_table *table, int write, /* * /proc/sys/kernel/nmi_watchdog */ -int proc_nmi_watchdog(struct ctl_table *table, int write, +static int proc_nmi_watchdog(struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { if (!watchdog_hardlockup_available && write) @@ -795,7 +795,7 @@ int proc_nmi_watchdog(struct ctl_table *table, int write, /* * /proc/sys/kernel/soft_watchdog */ -int proc_soft_watchdog(struct ctl_table *table, int write, +static int proc_soft_watchdog(struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return proc_watchdog_common(WATCHDOG_SOFTOCKUP_ENABLED, @@ -805,7 +805,7 @@ int proc_soft_watchdog(struct ctl_table *table, int write, /* * /proc/sys/kernel/watchdog_thresh */ -int proc_watchdog_thresh(struct ctl_table *table, int write, +static int proc_watchdog_thresh(struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int err, old; @@ -828,7 +828,7 @@ int proc_watchdog_thresh(struct ctl_table *table, int write, * user to specify a mask that will include cpus that have not yet * been brought online, if desired. */ -int proc_watchdog_cpumask(struct ctl_table *table, int write, +static int proc_watchdog_cpumask(struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int err; From patchwork Mon Dec 4 07:52:15 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 13477849 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b="YvZQVv7h" Received: from todd.t-8ch.de (todd.t-8ch.de [IPv6:2a01:4f8:c010:41de::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D583710E; Sun, 3 Dec 2023 23:52:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1701676351; bh=q4VE2o2FyvyFNG1LqUdQPdjkzoeYyweyQ8tzt1Zr98M=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=YvZQVv7h5D8dBbZC2USl0/LGJ0NYUJBbWTU6gw9zrE5BzBgs6GREiFYl+645cIPQY hbCfQvLOj0lKhEoVRdO1IkXwIAXAzSMwM3JY4WPe0PpDtiIJ7iNlEETgrMwtpB+lZs GNcyUZ4jYSKzKv+EoU/hmUX4GwERfFyKXIZx5FhU= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Mon, 04 Dec 2023 08:52:15 +0100 Subject: [PATCH v2 02/18] sysctl: delete unused define SYSCTL_PERM_EMPTY_DIR Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20231204-const-sysctl-v2-2-7a5060b11447@weissschuh.net> References: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> In-Reply-To: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> To: Kees Cook , "Gustavo A. R. Silva" , Luis Chamberlain , Iurii Zaikin , Greg Kroah-Hartman , Joel Granados Cc: linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.4 X-Developer-Signature: v=1; a=ed25519-sha256; t=1701676350; l=622; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=q4VE2o2FyvyFNG1LqUdQPdjkzoeYyweyQ8tzt1Zr98M=; b=w9UTx2HponGUKe8TWC0etLx9EWRzxuN1D/Eju+YpMZkSFCuCRce0znWXJDyiwUfDfeENARdb8 gNbmedabRpLB4Cu3/U/T/SDS4VwIA3XWLFu2VK3XeTU44B3TFShYaa0 X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= It seems it was never used. Signed-off-by: Thomas Weißschuh --- include/linux/sysctl.h | 2 -- 1 file changed, 2 deletions(-) diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index 61b40ea81f4d..26a38161c28f 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -255,8 +255,6 @@ extern int unaligned_enabled; extern int unaligned_dump_stack; extern int no_unaligned_warning; -#define SYSCTL_PERM_EMPTY_DIR (1 << 0) - #else /* CONFIG_SYSCTL */ static inline void register_sysctl_init(const char *path, struct ctl_table *table) From patchwork Mon Dec 4 07:52:16 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 13477847 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b="SQ4c4OJg" Received: from todd.t-8ch.de (todd.t-8ch.de [IPv6:2a01:4f8:c010:41de::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 73167F3; Sun, 3 Dec 2023 23:52:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1701676351; bh=IyP3fTXp1SAs7UkxiJUA9xlgTpZMUTTPQdr1Z8WPbb0=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=SQ4c4OJgJJCnisETb9hXUF5YYUf7C0UKd6c5Mww/aO3s77s0vnJ0BYmhq9jI56SXo ZOeCfh0d6Oci9O5gxeD87hctfl1w06lqiP3cEdVC5pjMtWexivDvWbYfte4WFes+8e nV0fUg21Ob0hYeGT65jveRMunFejdMDZjaDXK1Ak= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Mon, 04 Dec 2023 08:52:16 +0100 Subject: [PATCH v2 03/18] sysctl: drop sysctl_is_perm_empty_ctl_table Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20231204-const-sysctl-v2-3-7a5060b11447@weissschuh.net> References: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> In-Reply-To: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> To: Kees Cook , "Gustavo A. R. Silva" , Luis Chamberlain , Iurii Zaikin , Greg Kroah-Hartman , Joel Granados Cc: linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.4 X-Developer-Signature: v=1; a=ed25519-sha256; t=1701676350; l=1435; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=IyP3fTXp1SAs7UkxiJUA9xlgTpZMUTTPQdr1Z8WPbb0=; b=+ngBpUV2SiwicZA4ds9XMOzk5Pbxi+vGaZjien+LXgMroK7KKieP5OaWIcOCF+WqNuE4vgwZP xT40W0mgomqCFiuD3TvBSNW81r50LHid1h8Ji7pYWOHqATHnrdOYQdq X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= It is used only once and that caller would be simpler with sysctl_is_perm_empty_ctl_header(). So use this sibling function. Signed-off-by: Thomas Weißschuh --- fs/proc/proc_sysctl.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c index 8064ea76f80b..689a30196d0c 100644 --- a/fs/proc/proc_sysctl.c +++ b/fs/proc/proc_sysctl.c @@ -48,10 +48,8 @@ struct ctl_table_header *register_sysctl_mount_point(const char *path) } EXPORT_SYMBOL(register_sysctl_mount_point); -#define sysctl_is_perm_empty_ctl_table(tptr) \ - (tptr[0].type == SYSCTL_TABLE_TYPE_PERMANENTLY_EMPTY) #define sysctl_is_perm_empty_ctl_header(hptr) \ - (sysctl_is_perm_empty_ctl_table(hptr->ctl_table)) + (hptr->ctl_table[0].type == SYSCTL_TABLE_TYPE_PERMANENTLY_EMPTY) #define sysctl_set_perm_empty_ctl_header(hptr) \ (hptr->ctl_table[0].type = SYSCTL_TABLE_TYPE_PERMANENTLY_EMPTY) #define sysctl_clear_perm_empty_ctl_header(hptr) \ @@ -233,7 +231,7 @@ static int insert_header(struct ctl_dir *dir, struct ctl_table_header *header) return -EROFS; /* Am I creating a permanently empty directory? */ - if (sysctl_is_perm_empty_ctl_table(header->ctl_table)) { + if (sysctl_is_perm_empty_ctl_header(header)) { if (!RB_EMPTY_ROOT(&dir->root)) return -EINVAL; sysctl_set_perm_empty_ctl_header(dir_h); From patchwork Mon Dec 4 07:52:17 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 13477851 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b="ZBXFhIz9" Received: from todd.t-8ch.de (todd.t-8ch.de [IPv6:2a01:4f8:c010:41de::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8626D135; Sun, 3 Dec 2023 23:52:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1701676351; bh=T3jII5zUnYlnbPPOk4OeB1e7CrcIRU8AQwdXqX+t2X0=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=ZBXFhIz94gSg8Kt7v4w19SdE5yTe/j5v18vyl9a3isW/pKheYAYWCJ55ZQhgDSVA/ VVK2ulqv4htTjx9Gvb3dCYsL2nmaejGLVJvR8Fev13rdYXI3H7RuqdTH3r99MH26RL 3yay1rFxRe0DseFdG/F9jH9gklQnbzsfpENugf0o= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Mon, 04 Dec 2023 08:52:17 +0100 Subject: [PATCH v2 04/18] cgroup: bpf: constify ctl_table arguments and fields Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20231204-const-sysctl-v2-4-7a5060b11447@weissschuh.net> References: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> In-Reply-To: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> To: Kees Cook , "Gustavo A. R. Silva" , Luis Chamberlain , Iurii Zaikin , Greg Kroah-Hartman , Joel Granados Cc: linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.4 X-Developer-Signature: v=1; a=ed25519-sha256; t=1701676350; l=1943; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=T3jII5zUnYlnbPPOk4OeB1e7CrcIRU8AQwdXqX+t2X0=; b=empLB4oJMwGiCFdfTNXuKBYx88Wx32Olsk3PXjNKGw04ybJ6PSzYfGsjskQjHYM/x/F1Q2mHD B8qDNrFLuhSDfKF7RqS74q2ZdbS3z89noN6eESpUZOp3EUXpVM/QYbb X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= In a future commit the sysctl core will only use "const struct ctl_table". As a preparation for that adapt the cgroup-bpf code. Signed-off-by: Thomas Weißschuh --- include/linux/bpf-cgroup.h | 2 +- include/linux/filter.h | 2 +- kernel/bpf/cgroup.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/linux/bpf-cgroup.h b/include/linux/bpf-cgroup.h index a789266feac3..504fe9f8a3e7 100644 --- a/include/linux/bpf-cgroup.h +++ b/include/linux/bpf-cgroup.h @@ -138,7 +138,7 @@ int __cgroup_bpf_check_dev_permission(short dev_type, u32 major, u32 minor, short access, enum cgroup_bpf_attach_type atype); int __cgroup_bpf_run_filter_sysctl(struct ctl_table_header *head, - struct ctl_table *table, int write, + const struct ctl_table *table, int write, char **buf, size_t *pcount, loff_t *ppos, enum cgroup_bpf_attach_type atype); diff --git a/include/linux/filter.h b/include/linux/filter.h index a4953fafc8cb..4d035fbd8558 100644 --- a/include/linux/filter.h +++ b/include/linux/filter.h @@ -1358,7 +1358,7 @@ struct bpf_sock_ops_kern { struct bpf_sysctl_kern { struct ctl_table_header *head; - struct ctl_table *table; + const struct ctl_table *table; void *cur_val; size_t cur_len; void *new_val; diff --git a/kernel/bpf/cgroup.c b/kernel/bpf/cgroup.c index 491d20038cbe..85476970b487 100644 --- a/kernel/bpf/cgroup.c +++ b/kernel/bpf/cgroup.c @@ -1694,7 +1694,7 @@ const struct bpf_verifier_ops cg_dev_verifier_ops = { * returned value != 1 during execution. In all other cases 0 is returned. */ int __cgroup_bpf_run_filter_sysctl(struct ctl_table_header *head, - struct ctl_table *table, int write, + const struct ctl_table *table, int write, char **buf, size_t *pcount, loff_t *ppos, enum cgroup_bpf_attach_type atype) { From patchwork Mon Dec 4 07:52:18 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 13477855 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b="Az7F8rfS" Received: from todd.t-8ch.de (todd.t-8ch.de [159.69.126.157]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 79B79136; Sun, 3 Dec 2023 23:52:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1701676352; bh=TZdNqn1SiSNc5YcuC4mCIk7Ynn2gUU/Or228atMtaJs=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=Az7F8rfSpThZ1n25BdEvJp2p9E/AzY0X3wozV/MY1/PAa1/Qj0RAhj7z6fiRqI7kK 7HDAJXx5XOu/S6imHwuojXsRcbfmd6OiQSZzb0GGBpHVT+IA2v6TKvAaAa/d2HWf+4 /NehtYiQxYEIopU8YBWhQpz/RtDsgc+T9zG7k1jA= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Mon, 04 Dec 2023 08:52:18 +0100 Subject: [PATCH v2 05/18] seccomp: constify ctl_table arguments of utility functions Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20231204-const-sysctl-v2-5-7a5060b11447@weissschuh.net> References: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> In-Reply-To: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> To: Kees Cook , "Gustavo A. R. Silva" , Luis Chamberlain , Iurii Zaikin , Greg Kroah-Hartman , Joel Granados Cc: linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.4 X-Developer-Signature: v=1; a=ed25519-sha256; t=1701676350; l=1238; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=TZdNqn1SiSNc5YcuC4mCIk7Ynn2gUU/Or228atMtaJs=; b=+bb7R1dzvflk2V91q1B3apYuSZNzsswX5hsEfkK3Q7Bi6c2nVr2JfTll1pVlMP5bZS2K4J5GB XaPAF3lxcvpDah0XCW1ntvvsW9fI5ifFd/kDIevoOjVDZbSHl4zCMEZ X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= In a future commit the proc_handlers themselves will change to "const struct ctl_table". As a preparation for that adapt the internal helpers. Signed-off-by: Thomas Weißschuh Acked-by: Kees Cook --- kernel/seccomp.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kernel/seccomp.c b/kernel/seccomp.c index 255999ba9190..a23672674ff6 100644 --- a/kernel/seccomp.c +++ b/kernel/seccomp.c @@ -2334,7 +2334,7 @@ static bool seccomp_actions_logged_from_names(u32 *actions_logged, char *names) return true; } -static int read_actions_logged(struct ctl_table *ro_table, void *buffer, +static int read_actions_logged(const struct ctl_table *ro_table, void *buffer, size_t *lenp, loff_t *ppos) { char names[sizeof(seccomp_actions_avail)]; @@ -2352,7 +2352,7 @@ static int read_actions_logged(struct ctl_table *ro_table, void *buffer, return proc_dostring(&table, 0, buffer, lenp, ppos); } -static int write_actions_logged(struct ctl_table *ro_table, void *buffer, +static int write_actions_logged(const struct ctl_table *ro_table, void *buffer, size_t *lenp, loff_t *ppos, u32 *actions_logged) { char names[sizeof(seccomp_actions_avail)]; From patchwork Mon Dec 4 07:52:19 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 13477854 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b="nz3O4Rpu" Received: from todd.t-8ch.de (todd.t-8ch.de [159.69.126.157]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4DC7F191; Sun, 3 Dec 2023 23:52:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1701676352; bh=5+HgEomGEcSfal8KEHbNRv5xkdMmu5uXZxrXCkIqu/g=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=nz3O4RpuvWkpltHlM3RYR9Jf3NvPF4MsnW3PyS389PBHs7UcASGhvDwUxa3ZFViyw SO0u+5I4bzKzYUIEqvVCZftRUMx6dQVMYYTdwPSyzAPN/xYB1m/vA6+4/+qnJy+csx UZK2VBQBwUMeh7KlXYFHy6bMh96GzxGmUhbGU/co= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Mon, 04 Dec 2023 08:52:19 +0100 Subject: [PATCH v2 06/18] hugetlb: constify ctl_table arguments of utility functions Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20231204-const-sysctl-v2-6-7a5060b11447@weissschuh.net> References: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> In-Reply-To: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> To: Kees Cook , "Gustavo A. R. Silva" , Luis Chamberlain , Iurii Zaikin , Greg Kroah-Hartman , Joel Granados Cc: linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.4 X-Developer-Signature: v=1; a=ed25519-sha256; t=1701676350; l=1138; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=5+HgEomGEcSfal8KEHbNRv5xkdMmu5uXZxrXCkIqu/g=; b=zd4HWDIvql9ethCYqcpULcNo0aOGOKcNIZoT6kq593C2oMwlIWM/2afb9K5I09ugAwV7Xi7Yb FGDJ8iOEM8EDN5I7kHXRLNOjXCxYDRa8gF/KebTpU/Di8j9dEg7L9e7 X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= In a future commit the proc_handlers themselves will change to "const struct ctl_table". As a preparation for that adapt the internal helpers. Signed-off-by: Thomas Weißschuh --- mm/hugetlb.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mm/hugetlb.c b/mm/hugetlb.c index 1169ef2f2176..2df21a295359 100644 --- a/mm/hugetlb.c +++ b/mm/hugetlb.c @@ -4835,7 +4835,7 @@ static unsigned int allowed_mems_nr(struct hstate *h) } #ifdef CONFIG_SYSCTL -static int proc_hugetlb_doulongvec_minmax(struct ctl_table *table, int write, +static int proc_hugetlb_doulongvec_minmax(const struct ctl_table *table, int write, void *buffer, size_t *length, loff_t *ppos, unsigned long *out) { @@ -4852,7 +4852,7 @@ static int proc_hugetlb_doulongvec_minmax(struct ctl_table *table, int write, } static int hugetlb_sysctl_handler_common(bool obey_mempolicy, - struct ctl_table *table, int write, + const struct ctl_table *table, int write, void *buffer, size_t *length, loff_t *ppos) { struct hstate *h = &default_hstate; From patchwork Mon Dec 4 07:52:20 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 13477852 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b="ebZp+DVY" Received: from todd.t-8ch.de (todd.t-8ch.de [IPv6:2a01:4f8:c010:41de::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3444018E; Sun, 3 Dec 2023 23:52:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1701676352; bh=XX/0Dgv+i6b2iH4R1etXfooZRb2dy5KXDGiPQVphnWA=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=ebZp+DVYTEEAfjfaE0tgQxKbgsqYJFjNAFwcUYjBzNwvnbfhz3uNMC236Sa1fPfTw NyY5igxxS9b4fxVKkbyqn/gh+YLiw9R55X5EIHr6YQgzV7wOrcR9JY8Vf91oNlaGDV YtvSFjz8UWu4u5MQAanh2PNkPYJH1h1eebMkon+0= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Mon, 04 Dec 2023 08:52:20 +0100 Subject: [PATCH v2 07/18] utsname: constify ctl_table arguments of utility function Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20231204-const-sysctl-v2-7-7a5060b11447@weissschuh.net> References: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> In-Reply-To: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> To: Kees Cook , "Gustavo A. R. Silva" , Luis Chamberlain , Iurii Zaikin , Greg Kroah-Hartman , Joel Granados Cc: linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.4 X-Developer-Signature: v=1; a=ed25519-sha256; t=1701676350; l=696; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=XX/0Dgv+i6b2iH4R1etXfooZRb2dy5KXDGiPQVphnWA=; b=zWbb03OQ8wfovwcUfOlCCPX491ahk1eH62Nq+pjCquKuyWlS5cMqfrOW//ibS7ErluyLMRkWU 8/+YmIhOrdlDhhbBdhUvQ1jGzJTdwvIKPQmgi1Kr/jqFOIqsESa0dt6 X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= In a future commit the proc_handlers themselves will change to "const struct ctl_table". As a preparation for that adapt the internal helper. Signed-off-by: Thomas Weißschuh --- kernel/utsname_sysctl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/utsname_sysctl.c b/kernel/utsname_sysctl.c index 019e3a1566cf..46590d4addc8 100644 --- a/kernel/utsname_sysctl.c +++ b/kernel/utsname_sysctl.c @@ -15,7 +15,7 @@ #ifdef CONFIG_PROC_SYSCTL -static void *get_uts(struct ctl_table *table) +static void *get_uts(const struct ctl_table *table) { char *which = table->data; struct uts_namespace *uts_ns; From patchwork Mon Dec 4 07:52:21 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 13477857 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b="ci3b+tBl" Received: from todd.t-8ch.de (todd.t-8ch.de [IPv6:2a01:4f8:c010:41de::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4A430FF; Sun, 3 Dec 2023 23:52:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1701676352; bh=IxovWkSQa7nkG31gg70HY4PZ86eNzdXLGZdnYvGdlOk=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=ci3b+tBlQJ2I4Tnz6Uq8xCRvClO69u71LCh7Jwtj+5JsnWUJoaWhvTg3js+PuZNVW tirBQ8o0jdqrYvHi8MAckWJ8O/mudw3ffSFWracoTmFkEf2CtxM9hp7OXWuLsgmKJf 8DARgLvu9Mjh2qEXOkDlubwYy0CivYcuPoJ8UMQo= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Mon, 04 Dec 2023 08:52:21 +0100 Subject: [PATCH v2 08/18] stackleak: don't modify ctl_table argument Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20231204-const-sysctl-v2-8-7a5060b11447@weissschuh.net> References: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> In-Reply-To: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> To: Kees Cook , "Gustavo A. R. Silva" , Luis Chamberlain , Iurii Zaikin , Greg Kroah-Hartman , Joel Granados Cc: linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.4 X-Developer-Signature: v=1; a=ed25519-sha256; t=1701676350; l=1076; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=IxovWkSQa7nkG31gg70HY4PZ86eNzdXLGZdnYvGdlOk=; b=qMyrGJ0w/4+XhOWDiE66KEjMCj0gweurC/6oQwk/Krqtt1DIpUqZeI5jGJHKrmVOFeGke54pt YQi71Ea3sghBwYXo0q8Kz3ZhIgB+zOH6G6jdpErT6vSnyCISy0KxjSU X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= In a future commit the proc_handlers will change to "const struct ctl_table". As a preparation for that adapt the logic to work with a temporary variable, similar to how it is done in other parts of the kernel. Signed-off-by: Thomas Weißschuh Acked-by: Kees Cook --- kernel/stackleak.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/kernel/stackleak.c b/kernel/stackleak.c index 34c9d81eea94..b292e5ca0b7d 100644 --- a/kernel/stackleak.c +++ b/kernel/stackleak.c @@ -27,10 +27,11 @@ static int stack_erasing_sysctl(struct ctl_table *table, int write, int ret = 0; int state = !static_branch_unlikely(&stack_erasing_bypass); int prev_state = state; + struct ctl_table tmp = *table; - table->data = &state; - table->maxlen = sizeof(int); - ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos); + tmp.data = &state; + tmp.maxlen = sizeof(int); + ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos); state = !!state; if (ret || !write || state == prev_state) return ret; From patchwork Mon Dec 4 07:52:22 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 13477856 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b="NpAknuE+" Received: from todd.t-8ch.de (todd.t-8ch.de [159.69.126.157]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3F0A7198; Sun, 3 Dec 2023 23:52:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1701676352; bh=v0MXLGIsisRjyz+2q8S4lNJCjp7Kc1OsT9OWJgMTDC0=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=NpAknuE+SwTyR4zjPUm2h6dHi5u3Il/bBsvGZ3mlpPxjGYT2t7M7Y6Un/IYoB0iMK ReELEAwm3nZ5LEAMS3pGHH6hUh0PA0DFKWC8yDLs/wr4zGuRlSqCiFv1jPLY3p3kgC VDAFEp/kkHjLix6w3AIf0+hmrAH5OnqMB4G+JvZQ= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Mon, 04 Dec 2023 08:52:22 +0100 Subject: [PATCH v2 09/18] sysctl: treewide: constify ctl_table_root::set_ownership Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20231204-const-sysctl-v2-9-7a5060b11447@weissschuh.net> References: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> In-Reply-To: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> To: Kees Cook , "Gustavo A. R. Silva" , Luis Chamberlain , Iurii Zaikin , Greg Kroah-Hartman , Joel Granados Cc: linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.4 X-Developer-Signature: v=1; a=ed25519-sha256; t=1701676350; l=1372; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=v0MXLGIsisRjyz+2q8S4lNJCjp7Kc1OsT9OWJgMTDC0=; b=36piJllEmuNADES2V+irUyjSXbQwWiVHfuHvaVtX4ZUFuaW3bGFv0NxakonPgvNZa1veydxZy r6beTa7NJ3SCdG+Ab8rKNLOvH7rjBf1WSb68bEFxJ4QKHESQJbBmCiq X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= In a future commit the sysctl core will only use "const struct ctl_table". As a preparation for that adapt the set_ownership callbacks. Signed-off-by: Thomas Weißschuh --- include/linux/sysctl.h | 2 +- net/sysctl_net.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index 26a38161c28f..800154e1ff88 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -205,7 +205,7 @@ struct ctl_table_root { struct ctl_table_set default_set; struct ctl_table_set *(*lookup)(struct ctl_table_root *root); void (*set_ownership)(struct ctl_table_header *head, - struct ctl_table *table, + const struct ctl_table *table, kuid_t *uid, kgid_t *gid); int (*permissions)(struct ctl_table_header *head, struct ctl_table *table); }; diff --git a/net/sysctl_net.c b/net/sysctl_net.c index 051ed5f6fc93..1310ef8f0958 100644 --- a/net/sysctl_net.c +++ b/net/sysctl_net.c @@ -54,7 +54,7 @@ static int net_ctl_permissions(struct ctl_table_header *head, } static void net_ctl_set_ownership(struct ctl_table_header *head, - struct ctl_table *table, + const struct ctl_table *table, kuid_t *uid, kgid_t *gid) { struct net *net = container_of(head->set, struct net, sysctls); From patchwork Mon Dec 4 07:52:23 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 13477853 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b="KDc8hCKf" Received: from todd.t-8ch.de (todd.t-8ch.de [IPv6:2a01:4f8:c010:41de::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AA9A5102; Sun, 3 Dec 2023 23:52:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1701676352; bh=S9V/IJQi2EMf1kRNVARgwVZ9ApUdndNydZjX5OKBihc=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=KDc8hCKfDhh524oHnRJPJz0iNBKtq1KksoAS8/EBsl7Ak4JWrGsbbXOdVe6MMDUM4 XfikUAI0N5MybtF9Lh//LM50eJilELIxaInUuWDBKyMvDd6gqAKsGpibPTN8X+imTO HMTwJbVN8BiCRjVmszIFT37OeQ88hi/Ykllu/AzY= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Mon, 04 Dec 2023 08:52:23 +0100 Subject: [PATCH v2 10/18] sysctl: treewide: constify ctl_table_root::permissions Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20231204-const-sysctl-v2-10-7a5060b11447@weissschuh.net> References: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> In-Reply-To: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> To: Kees Cook , "Gustavo A. R. Silva" , Luis Chamberlain , Iurii Zaikin , Greg Kroah-Hartman , Joel Granados Cc: linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.4 X-Developer-Signature: v=1; a=ed25519-sha256; t=1701676350; l=2382; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=S9V/IJQi2EMf1kRNVARgwVZ9ApUdndNydZjX5OKBihc=; b=HnfoCDmJBovIxiovoyRKYbwFwzbbCaj+R/sL4531aUB8MM1AzeDUZRnRsHT+2K69vhtsTyNUm 2Sv5i/tkSuQCcDN+8GyyuUL1c56UbP9k3xL8fjP8ojnT386O28+fLCs X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= In a future commit the sysctl core will only use "const struct ctl_table". As a preparation for that adapt the permission callbacks. Signed-off-by: Thomas Weißschuh --- include/linux/sysctl.h | 2 +- ipc/ipc_sysctl.c | 2 +- kernel/ucount.c | 2 +- net/sysctl_net.c | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index 800154e1ff88..92c1d0114cdc 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -207,7 +207,7 @@ struct ctl_table_root { void (*set_ownership)(struct ctl_table_header *head, const struct ctl_table *table, kuid_t *uid, kgid_t *gid); - int (*permissions)(struct ctl_table_header *head, struct ctl_table *table); + int (*permissions)(struct ctl_table_header *head, const struct ctl_table *table); }; /* struct ctl_path describes where in the hierarchy a table is added */ diff --git a/ipc/ipc_sysctl.c b/ipc/ipc_sysctl.c index 8c62e443f78b..b087787f608f 100644 --- a/ipc/ipc_sysctl.c +++ b/ipc/ipc_sysctl.c @@ -190,7 +190,7 @@ static int set_is_seen(struct ctl_table_set *set) return ¤t->nsproxy->ipc_ns->ipc_set == set; } -static int ipc_permissions(struct ctl_table_header *head, struct ctl_table *table) +static int ipc_permissions(struct ctl_table_header *head, const struct ctl_table *table) { int mode = table->mode; diff --git a/kernel/ucount.c b/kernel/ucount.c index 4aa6166cb856..90300840256b 100644 --- a/kernel/ucount.c +++ b/kernel/ucount.c @@ -38,7 +38,7 @@ static int set_is_seen(struct ctl_table_set *set) } static int set_permissions(struct ctl_table_header *head, - struct ctl_table *table) + const struct ctl_table *table) { struct user_namespace *user_ns = container_of(head->set, struct user_namespace, set); diff --git a/net/sysctl_net.c b/net/sysctl_net.c index 1310ef8f0958..2873a4fed47d 100644 --- a/net/sysctl_net.c +++ b/net/sysctl_net.c @@ -40,7 +40,7 @@ static int is_seen(struct ctl_table_set *set) /* Return standard mode bits for table entry. */ static int net_ctl_permissions(struct ctl_table_header *head, - struct ctl_table *table) + const struct ctl_table *table) { struct net *net = container_of(head->set, struct net, sysctls); From patchwork Mon Dec 4 07:52:24 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 13477860 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b="Ha4O5LQv" Received: from todd.t-8ch.de (todd.t-8ch.de [159.69.126.157]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4AF7E199; Sun, 3 Dec 2023 23:52:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1701676352; bh=vXMcA8YQYm2FUpqjpEn4cJ52/C+SgDpaLPB9ntMBbJY=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=Ha4O5LQvgzb+eIcnyIaDw+qV2TmGRQfeldo6D+8PQCbxylpCyKRi7bl9TnXt0x+B6 h584DcuV/On+vuIJIB1UIpEVJMVWtUUhR7FS3P0VdbKvQMFaxkSCbryMmHbYZtn6NH OQoBluUF8YZ8E4iEHIF8kAuNVmaeB6fI5pqsUiM8= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Mon, 04 Dec 2023 08:52:24 +0100 Subject: [PATCH v2 11/18] sysctl: treewide: constify ctl_table_header::ctl_table_arg Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20231204-const-sysctl-v2-11-7a5060b11447@weissschuh.net> References: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> In-Reply-To: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> To: Kees Cook , "Gustavo A. R. Silva" , Luis Chamberlain , Iurii Zaikin , Greg Kroah-Hartman , Joel Granados Cc: linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.4 X-Developer-Signature: v=1; a=ed25519-sha256; t=1701676350; l=15050; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=vXMcA8YQYm2FUpqjpEn4cJ52/C+SgDpaLPB9ntMBbJY=; b=OwWuV9Xs9QPUA5m9POZBh/zXdAYHhnGV3tTqhswOKBt802HUj9KzAenQaV/+S2FOhExEd3WIg Aib7mqxY2enDKE4mo5rGY/BkeiwPPKCwZF51KBkfugeWa2nQveS7hyM X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= In a future commit the sysctl core will only use "const struct ctl_table". As a preparation for that adapt the ctl_table_arg member. Signed-off-by: Thomas Weißschuh --- drivers/net/vrf.c | 2 +- include/linux/sysctl.h | 2 +- ipc/ipc_sysctl.c | 2 +- ipc/mq_sysctl.c | 2 +- kernel/ucount.c | 2 +- net/ax25/sysctl_net_ax25.c | 2 +- net/bridge/br_netfilter_hooks.c | 4 +++- net/core/sysctl_net_core.c | 2 +- net/ieee802154/6lowpan/reassembly.c | 2 +- net/ipv4/devinet.c | 2 +- net/ipv4/ip_fragment.c | 2 +- net/ipv4/route.c | 2 +- net/ipv4/sysctl_net_ipv4.c | 2 +- net/ipv4/xfrm4_policy.c | 2 +- net/ipv6/addrconf.c | 2 +- net/ipv6/netfilter/nf_conntrack_reasm.c | 2 +- net/ipv6/reassembly.c | 2 +- net/ipv6/sysctl_net_ipv6.c | 6 +++--- net/ipv6/xfrm6_policy.c | 2 +- net/mpls/af_mpls.c | 4 ++-- net/mptcp/ctrl.c | 2 +- net/netfilter/nf_conntrack_standalone.c | 2 +- net/netfilter/nf_log.c | 2 +- net/sctp/sysctl.c | 2 +- net/smc/smc_sysctl.c | 2 +- net/unix/sysctl_net_unix.c | 2 +- net/xfrm/xfrm_sysctl.c | 2 +- 27 files changed, 32 insertions(+), 30 deletions(-) diff --git a/drivers/net/vrf.c b/drivers/net/vrf.c index bb95ce43cd97..66f8542f3b18 100644 --- a/drivers/net/vrf.c +++ b/drivers/net/vrf.c @@ -1971,7 +1971,7 @@ static int vrf_netns_init_sysctl(struct net *net, struct netns_vrf *nn_vrf) static void vrf_netns_exit_sysctl(struct net *net) { struct netns_vrf *nn_vrf = net_generic(net, vrf_net_id); - struct ctl_table *table; + const struct ctl_table *table; table = nn_vrf->ctl_hdr->ctl_table_arg; unregister_net_sysctl_table(nn_vrf->ctl_hdr); diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index 92c1d0114cdc..56b89e5294e9 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -182,7 +182,7 @@ struct ctl_table_header { struct rcu_head rcu; }; struct completion *unregistering; - struct ctl_table *ctl_table_arg; + const struct ctl_table *ctl_table_arg; struct ctl_table_root *root; struct ctl_table_set *set; struct ctl_dir *parent; diff --git a/ipc/ipc_sysctl.c b/ipc/ipc_sysctl.c index b087787f608f..55d6b9f1e508 100644 --- a/ipc/ipc_sysctl.c +++ b/ipc/ipc_sysctl.c @@ -274,7 +274,7 @@ bool setup_ipc_sysctls(struct ipc_namespace *ns) void retire_ipc_sysctls(struct ipc_namespace *ns) { - struct ctl_table *tbl; + const struct ctl_table *tbl; tbl = ns->ipc_sysctls->ctl_table_arg; unregister_sysctl_table(ns->ipc_sysctls); diff --git a/ipc/mq_sysctl.c b/ipc/mq_sysctl.c index ebb5ed81c151..2a2ba6ded037 100644 --- a/ipc/mq_sysctl.c +++ b/ipc/mq_sysctl.c @@ -124,7 +124,7 @@ bool setup_mq_sysctls(struct ipc_namespace *ns) void retire_mq_sysctls(struct ipc_namespace *ns) { - struct ctl_table *tbl; + const struct ctl_table *tbl; tbl = ns->mq_sysctls->ctl_table_arg; unregister_sysctl_table(ns->mq_sysctls); diff --git a/kernel/ucount.c b/kernel/ucount.c index 90300840256b..366a2c1971f5 100644 --- a/kernel/ucount.c +++ b/kernel/ucount.c @@ -119,7 +119,7 @@ bool setup_userns_sysctls(struct user_namespace *ns) void retire_userns_sysctls(struct user_namespace *ns) { #ifdef CONFIG_SYSCTL - struct ctl_table *tbl; + const struct ctl_table *tbl; tbl = ns->sysctls->ctl_table_arg; unregister_sysctl_table(ns->sysctls); diff --git a/net/ax25/sysctl_net_ax25.c b/net/ax25/sysctl_net_ax25.c index db66e11e7fe8..e0128dc9def3 100644 --- a/net/ax25/sysctl_net_ax25.c +++ b/net/ax25/sysctl_net_ax25.c @@ -171,7 +171,7 @@ int ax25_register_dev_sysctl(ax25_dev *ax25_dev) void ax25_unregister_dev_sysctl(ax25_dev *ax25_dev) { struct ctl_table_header *header = ax25_dev->sysheader; - struct ctl_table *table; + const struct ctl_table *table; if (header) { ax25_dev->sysheader = NULL; diff --git a/net/bridge/br_netfilter_hooks.c b/net/bridge/br_netfilter_hooks.c index 6adcb45bca75..74056b563b95 100644 --- a/net/bridge/br_netfilter_hooks.c +++ b/net/bridge/br_netfilter_hooks.c @@ -1146,7 +1146,9 @@ static int br_netfilter_sysctl_init_net(struct net *net) static void br_netfilter_sysctl_exit_net(struct net *net, struct brnf_net *brnet) { - struct ctl_table *table = brnet->ctl_hdr->ctl_table_arg; + const struct ctl_table *table; + + table = brnet->ctl_hdr->ctl_table_arg; unregister_net_sysctl_table(brnet->ctl_hdr); if (!net_eq(net, &init_net)) diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c index 03f1edb948d7..08a01b31be99 100644 --- a/net/core/sysctl_net_core.c +++ b/net/core/sysctl_net_core.c @@ -728,7 +728,7 @@ static __net_init int sysctl_core_net_init(struct net *net) static __net_exit void sysctl_core_net_exit(struct net *net) { - struct ctl_table *tbl; + const struct ctl_table *tbl; tbl = net->core.sysctl_hdr->ctl_table_arg; unregister_net_sysctl_table(net->core.sysctl_hdr); diff --git a/net/ieee802154/6lowpan/reassembly.c b/net/ieee802154/6lowpan/reassembly.c index 6dd960ec558c..2a983cf450da 100644 --- a/net/ieee802154/6lowpan/reassembly.c +++ b/net/ieee802154/6lowpan/reassembly.c @@ -399,7 +399,7 @@ static int __net_init lowpan_frags_ns_sysctl_register(struct net *net) static void __net_exit lowpan_frags_ns_sysctl_unregister(struct net *net) { - struct ctl_table *table; + const struct ctl_table *table; struct netns_ieee802154_lowpan *ieee802154_lowpan = net_ieee802154_lowpan(net); diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index ca0ff15dc8fa..f8a56fe95801 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -2767,7 +2767,7 @@ static __net_init int devinet_init_net(struct net *net) static __net_exit void devinet_exit_net(struct net *net) { #ifdef CONFIG_SYSCTL - struct ctl_table *tbl; + const struct ctl_table *tbl; tbl = net->ipv4.forw_hdr->ctl_table_arg; unregister_net_sysctl_table(net->ipv4.forw_hdr); diff --git a/net/ipv4/ip_fragment.c b/net/ipv4/ip_fragment.c index a4941f53b523..6b9285fd6f06 100644 --- a/net/ipv4/ip_fragment.c +++ b/net/ipv4/ip_fragment.c @@ -632,7 +632,7 @@ static int __net_init ip4_frags_ns_ctl_register(struct net *net) static void __net_exit ip4_frags_ns_ctl_unregister(struct net *net) { - struct ctl_table *table; + const struct ctl_table *table; table = net->ipv4.frags_hdr->ctl_table_arg; unregister_net_sysctl_table(net->ipv4.frags_hdr); diff --git a/net/ipv4/route.c b/net/ipv4/route.c index 16615d107cf0..7c7884110a58 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -3590,7 +3590,7 @@ static __net_init int sysctl_route_net_init(struct net *net) static __net_exit void sysctl_route_net_exit(struct net *net) { - struct ctl_table *tbl; + const struct ctl_table *tbl; tbl = net->ipv4.route_hdr->ctl_table_arg; unregister_net_sysctl_table(net->ipv4.route_hdr); diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c index f63a545a7374..599244f9ad65 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c @@ -1558,7 +1558,7 @@ static __net_init int ipv4_sysctl_init_net(struct net *net) static __net_exit void ipv4_sysctl_exit_net(struct net *net) { - struct ctl_table *table; + const struct ctl_table *table; kfree(net->ipv4.sysctl_local_reserved_ports); table = net->ipv4.ipv4_hdr->ctl_table_arg; diff --git a/net/ipv4/xfrm4_policy.c b/net/ipv4/xfrm4_policy.c index c33bca2c3841..1dda59e0aeab 100644 --- a/net/ipv4/xfrm4_policy.c +++ b/net/ipv4/xfrm4_policy.c @@ -186,7 +186,7 @@ static __net_init int xfrm4_net_sysctl_init(struct net *net) static __net_exit void xfrm4_net_sysctl_exit(struct net *net) { - struct ctl_table *table; + const struct ctl_table *table; if (!net->ipv4.xfrm4_hdr) return; diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index 3aaea56b5166..aa5654d29334 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -7180,7 +7180,7 @@ static int __addrconf_sysctl_register(struct net *net, char *dev_name, static void __addrconf_sysctl_unregister(struct net *net, struct ipv6_devconf *p, int ifindex) { - struct ctl_table *table; + const struct ctl_table *table; if (!p->sysctl_header) return; diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c index b2dd48911c8d..1d6f6deb2562 100644 --- a/net/ipv6/netfilter/nf_conntrack_reasm.c +++ b/net/ipv6/netfilter/nf_conntrack_reasm.c @@ -105,7 +105,7 @@ static int nf_ct_frag6_sysctl_register(struct net *net) static void __net_exit nf_ct_frags6_sysctl_unregister(struct net *net) { struct nft_ct_frag6_pernet *nf_frag = nf_frag_pernet(net); - struct ctl_table *table; + const struct ctl_table *table; table = nf_frag->nf_frag_frags_hdr->ctl_table_arg; unregister_net_sysctl_table(nf_frag->nf_frag_frags_hdr); diff --git a/net/ipv6/reassembly.c b/net/ipv6/reassembly.c index 5ebc47da1000..0746dc1f1e61 100644 --- a/net/ipv6/reassembly.c +++ b/net/ipv6/reassembly.c @@ -487,7 +487,7 @@ static int __net_init ip6_frags_ns_sysctl_register(struct net *net) static void __net_exit ip6_frags_ns_sysctl_unregister(struct net *net) { - struct ctl_table *table; + const struct ctl_table *table; table = net->ipv6.sysctl.frags_hdr->ctl_table_arg; unregister_net_sysctl_table(net->ipv6.sysctl.frags_hdr); diff --git a/net/ipv6/sysctl_net_ipv6.c b/net/ipv6/sysctl_net_ipv6.c index 888676163e90..75de55f907b0 100644 --- a/net/ipv6/sysctl_net_ipv6.c +++ b/net/ipv6/sysctl_net_ipv6.c @@ -313,9 +313,9 @@ static int __net_init ipv6_sysctl_net_init(struct net *net) static void __net_exit ipv6_sysctl_net_exit(struct net *net) { - struct ctl_table *ipv6_table; - struct ctl_table *ipv6_route_table; - struct ctl_table *ipv6_icmp_table; + const struct ctl_table *ipv6_table; + const struct ctl_table *ipv6_route_table; + const struct ctl_table *ipv6_icmp_table; ipv6_table = net->ipv6.sysctl.hdr->ctl_table_arg; ipv6_route_table = net->ipv6.sysctl.route_hdr->ctl_table_arg; diff --git a/net/ipv6/xfrm6_policy.c b/net/ipv6/xfrm6_policy.c index 42fb6996b077..4891012b692f 100644 --- a/net/ipv6/xfrm6_policy.c +++ b/net/ipv6/xfrm6_policy.c @@ -218,7 +218,7 @@ static int __net_init xfrm6_net_sysctl_init(struct net *net) static void __net_exit xfrm6_net_sysctl_exit(struct net *net) { - struct ctl_table *table; + const struct ctl_table *table; if (!net->ipv6.sysctl.xfrm6_hdr) return; diff --git a/net/mpls/af_mpls.c b/net/mpls/af_mpls.c index 1af29af65388..832b63bb5646 100644 --- a/net/mpls/af_mpls.c +++ b/net/mpls/af_mpls.c @@ -1438,7 +1438,7 @@ static void mpls_dev_sysctl_unregister(struct net_device *dev, struct mpls_dev *mdev) { struct net *net = dev_net(dev); - struct ctl_table *table; + const struct ctl_table *table; if (!mdev->sysctl) return; @@ -2704,7 +2704,7 @@ static void mpls_net_exit(struct net *net) { struct mpls_route __rcu **platform_label; size_t platform_labels; - struct ctl_table *table; + const struct ctl_table *table; unsigned int index; table = net->mpls.ctl->ctl_table_arg; diff --git a/net/mptcp/ctrl.c b/net/mptcp/ctrl.c index 13fe0748dde8..8d661156ab8c 100644 --- a/net/mptcp/ctrl.c +++ b/net/mptcp/ctrl.c @@ -198,7 +198,7 @@ static int mptcp_pernet_new_table(struct net *net, struct mptcp_pernet *pernet) static void mptcp_pernet_del_table(struct mptcp_pernet *pernet) { - struct ctl_table *table = pernet->ctl_table_hdr->ctl_table_arg; + const struct ctl_table *table = pernet->ctl_table_hdr->ctl_table_arg; unregister_net_sysctl_table(pernet->ctl_table_hdr); diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c index 0ee98ce5b816..bb9dea676ec1 100644 --- a/net/netfilter/nf_conntrack_standalone.c +++ b/net/netfilter/nf_conntrack_standalone.c @@ -1122,7 +1122,7 @@ static int nf_conntrack_standalone_init_sysctl(struct net *net) static void nf_conntrack_standalone_fini_sysctl(struct net *net) { struct nf_conntrack_net *cnet = nf_ct_pernet(net); - struct ctl_table *table; + const struct ctl_table *table; table = cnet->sysctl_header->ctl_table_arg; unregister_net_sysctl_table(cnet->sysctl_header); diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c index 8cc52d2bd31b..2e897a9f0689 100644 --- a/net/netfilter/nf_log.c +++ b/net/netfilter/nf_log.c @@ -508,7 +508,7 @@ static int netfilter_log_sysctl_init(struct net *net) static void netfilter_log_sysctl_exit(struct net *net) { - struct ctl_table *table; + const struct ctl_table *table; table = net->nf.nf_log_dir_header->ctl_table_arg; unregister_net_sysctl_table(net->nf.nf_log_dir_header); diff --git a/net/sctp/sysctl.c b/net/sctp/sysctl.c index f65d6f92afcb..25bdf17c7262 100644 --- a/net/sctp/sysctl.c +++ b/net/sctp/sysctl.c @@ -624,7 +624,7 @@ int sctp_sysctl_net_register(struct net *net) void sctp_sysctl_net_unregister(struct net *net) { - struct ctl_table *table; + const struct ctl_table *table; table = net->sctp.sysctl_header->ctl_table_arg; unregister_net_sysctl_table(net->sctp.sysctl_header); diff --git a/net/smc/smc_sysctl.c b/net/smc/smc_sysctl.c index 5cbc18c6e62b..c632df62ff90 100644 --- a/net/smc/smc_sysctl.c +++ b/net/smc/smc_sysctl.c @@ -109,7 +109,7 @@ int __net_init smc_sysctl_net_init(struct net *net) void __net_exit smc_sysctl_net_exit(struct net *net) { - struct ctl_table *table; + const struct ctl_table *table; table = net->smc.smc_hdr->ctl_table_arg; unregister_net_sysctl_table(net->smc.smc_hdr); diff --git a/net/unix/sysctl_net_unix.c b/net/unix/sysctl_net_unix.c index 3e84b31c355a..44996af61999 100644 --- a/net/unix/sysctl_net_unix.c +++ b/net/unix/sysctl_net_unix.c @@ -52,7 +52,7 @@ int __net_init unix_sysctl_register(struct net *net) void unix_sysctl_unregister(struct net *net) { - struct ctl_table *table; + const struct ctl_table *table; table = net->unx.ctl->ctl_table_arg; unregister_net_sysctl_table(net->unx.ctl); diff --git a/net/xfrm/xfrm_sysctl.c b/net/xfrm/xfrm_sysctl.c index 7fdeafc838a7..e972930c292b 100644 --- a/net/xfrm/xfrm_sysctl.c +++ b/net/xfrm/xfrm_sysctl.c @@ -76,7 +76,7 @@ int __net_init xfrm_sysctl_init(struct net *net) void __net_exit xfrm_sysctl_fini(struct net *net) { - struct ctl_table *table; + const struct ctl_table *table; table = net->xfrm.sysctl_hdr->ctl_table_arg; unregister_net_sysctl_table(net->xfrm.sysctl_hdr); From patchwork Mon Dec 4 07:52:25 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 13477865 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b="kx/nqCFM" Received: from todd.t-8ch.de (todd.t-8ch.de [IPv6:2a01:4f8:c010:41de::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 985931A6; Sun, 3 Dec 2023 23:52:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1701676352; bh=OvGfsmYmDAUZa6ocEzDc9Q0JwNuefDI0e0GVlm7Gr0M=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=kx/nqCFMsMCL6699FSDK+mRcHNyYAVlRU3oC2+8qyqMN9L26SojjIxxdZ+bZRVx9a 27voqrV2g1o2Ks7cJ3Es/9Y1+GBAlf1JoKvLDaWiFDQJTUjQcphQe/mNvxfG48X+Va N6GzC/8jdzO955Vne/pm9tP+9K0k2QQc9jX2xEhc= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Mon, 04 Dec 2023 08:52:25 +0100 Subject: [PATCH v2 12/18] sysctl: treewide: constify the ctl_table argument of handlers Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20231204-const-sysctl-v2-12-7a5060b11447@weissschuh.net> References: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> In-Reply-To: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> To: Kees Cook , "Gustavo A. R. Silva" , Luis Chamberlain , Iurii Zaikin , Greg Kroah-Hartman , Joel Granados Cc: linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.4 X-Developer-Signature: v=1; a=ed25519-sha256; t=1701676350; l=111769; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=OvGfsmYmDAUZa6ocEzDc9Q0JwNuefDI0e0GVlm7Gr0M=; b=jq2zmmtAXBECFe4vLj3r1vjkTWXmPNrw5AV8CuDReYJ7wAHpn5WneJChogTrGmobgnvanHT6D 8MKI3nivq1yDjfwDQ4CHIWhW2wVjVVSf0qzYOBVoULpAGOU8wx2aKBP X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= In a future commit the sysctl core will only use "const struct ctl_table". As a preparation for that adapt all the proc handlers. Signed-off-by: Thomas Weißschuh Reviewed-by: Kees Cook # security/* --- arch/arm64/kernel/armv8_deprecated.c | 2 +- arch/arm64/kernel/fpsimd.c | 2 +- arch/s390/appldata/appldata_base.c | 8 +-- arch/s390/kernel/debug.c | 2 +- arch/s390/kernel/topology.c | 2 +- arch/s390/mm/cmm.c | 6 +-- arch/x86/kernel/itmt.c | 2 +- drivers/cdrom/cdrom.c | 4 +- drivers/char/random.c | 4 +- drivers/macintosh/mac_hid.c | 2 +- drivers/net/vrf.c | 2 +- drivers/parport/procfs.c | 12 ++--- fs/coredump.c | 2 +- fs/dcache.c | 4 +- fs/drop_caches.c | 2 +- fs/exec.c | 4 +- fs/file_table.c | 2 +- fs/fs-writeback.c | 2 +- fs/inode.c | 4 +- fs/pipe.c | 2 +- fs/quota/dquot.c | 2 +- fs/xfs/xfs_sysctl.c | 6 +-- include/linux/ftrace.h | 4 +- include/linux/mm.h | 8 +-- include/linux/perf_event.h | 6 +-- include/linux/security.h | 2 +- include/linux/sysctl.h | 36 +++++++------- include/linux/vmstat.h | 6 +-- include/linux/writeback.h | 2 +- include/net/ndisc.h | 2 +- include/net/neighbour.h | 6 +-- include/net/netfilter/nf_hooks_lwtunnel.h | 2 +- ipc/ipc_sysctl.c | 8 +-- kernel/bpf/syscall.c | 4 +- kernel/delayacct.c | 4 +- kernel/events/callchain.c | 2 +- kernel/events/core.c | 4 +- kernel/fork.c | 2 +- kernel/hung_task.c | 4 +- kernel/kexec_core.c | 2 +- kernel/kprobes.c | 2 +- kernel/latencytop.c | 4 +- kernel/pid_namespace.c | 2 +- kernel/pid_sysctl.h | 2 +- kernel/printk/internal.h | 2 +- kernel/printk/printk.c | 2 +- kernel/printk/sysctl.c | 5 +- kernel/sched/core.c | 8 +-- kernel/sched/rt.c | 12 ++--- kernel/sched/topology.c | 2 +- kernel/seccomp.c | 4 +- kernel/stackleak.c | 2 +- kernel/sysctl.c | 82 +++++++++++++++---------------- kernel/time/timer.c | 2 +- kernel/trace/ftrace.c | 2 +- kernel/trace/trace.c | 2 +- kernel/trace/trace_events_user.c | 2 +- kernel/trace/trace_stack.c | 2 +- kernel/umh.c | 2 +- kernel/utsname_sysctl.c | 2 +- kernel/watchdog.c | 15 +++--- mm/compaction.c | 8 +-- mm/hugetlb.c | 6 +-- mm/page-writeback.c | 18 +++---- mm/page_alloc.c | 22 ++++----- mm/util.c | 12 ++--- mm/vmstat.c | 4 +- net/bridge/br_netfilter_hooks.c | 2 +- net/core/neighbour.c | 24 ++++----- net/core/sysctl_net_core.c | 20 ++++---- net/ipv4/devinet.c | 6 +-- net/ipv4/route.c | 2 +- net/ipv4/sysctl_net_ipv4.c | 33 +++++++------ net/ipv6/addrconf.c | 27 +++++----- net/ipv6/ndisc.c | 4 +- net/ipv6/route.c | 2 +- net/ipv6/sysctl_net_ipv6.c | 4 +- net/mpls/af_mpls.c | 4 +- net/netfilter/ipvs/ip_vs_ctl.c | 16 +++--- net/netfilter/nf_conntrack_standalone.c | 2 +- net/netfilter/nf_hooks_lwtunnel.c | 2 +- net/netfilter/nf_log.c | 2 +- net/phonet/sysctl.c | 2 +- net/rds/tcp.c | 4 +- net/sctp/sysctl.c | 28 +++++------ net/sunrpc/sysctl.c | 6 +-- net/sunrpc/xprtrdma/svc_rdma.c | 2 +- security/apparmor/lsm.c | 2 +- security/min_addr.c | 2 +- security/yama/yama_lsm.c | 2 +- 90 files changed, 306 insertions(+), 302 deletions(-) diff --git a/arch/arm64/kernel/armv8_deprecated.c b/arch/arm64/kernel/armv8_deprecated.c index dd6ce86d4332..a3085cb68852 100644 --- a/arch/arm64/kernel/armv8_deprecated.c +++ b/arch/arm64/kernel/armv8_deprecated.c @@ -504,7 +504,7 @@ static int update_insn_emulation_mode(struct insn_emulation *insn, return ret; } -static int emulation_proc_handler(struct ctl_table *table, int write, +static int emulation_proc_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { diff --git a/arch/arm64/kernel/fpsimd.c b/arch/arm64/kernel/fpsimd.c index 1559c706d32d..2b947031cd0e 100644 --- a/arch/arm64/kernel/fpsimd.c +++ b/arch/arm64/kernel/fpsimd.c @@ -555,7 +555,7 @@ static unsigned int find_supported_vector_length(enum vec_type type, #if defined(CONFIG_ARM64_SVE) && defined(CONFIG_SYSCTL) -static int vec_proc_do_default_vl(struct ctl_table *table, int write, +static int vec_proc_do_default_vl(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct vl_info *info = table->extra1; diff --git a/arch/s390/appldata/appldata_base.c b/arch/s390/appldata/appldata_base.c index c2978cb03b36..2bd253623be1 100644 --- a/arch/s390/appldata/appldata_base.c +++ b/arch/s390/appldata/appldata_base.c @@ -46,9 +46,9 @@ * /proc entries (sysctl) */ static const char appldata_proc_name[APPLDATA_PROC_NAME_LENGTH] = "appldata"; -static int appldata_timer_handler(struct ctl_table *ctl, int write, +static int appldata_timer_handler(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos); -static int appldata_interval_handler(struct ctl_table *ctl, int write, +static int appldata_interval_handler(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos); static struct ctl_table_header *appldata_sysctl_header; @@ -199,7 +199,7 @@ static void __appldata_vtimer_setup(int cmd) * Start/Stop timer, show status of timer (0 = not active, 1 = active) */ static int -appldata_timer_handler(struct ctl_table *ctl, int write, +appldata_timer_handler(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { int timer_active = appldata_timer_active; @@ -232,7 +232,7 @@ appldata_timer_handler(struct ctl_table *ctl, int write, * current timer interval. */ static int -appldata_interval_handler(struct ctl_table *ctl, int write, +appldata_interval_handler(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { int interval = appldata_interval; diff --git a/arch/s390/kernel/debug.c b/arch/s390/kernel/debug.c index 85328a0ef3b6..bce50ca75ea7 100644 --- a/arch/s390/kernel/debug.c +++ b/arch/s390/kernel/debug.c @@ -954,7 +954,7 @@ static int debug_active = 1; * always allow read, allow write only if debug_stoppable is set or * if debug_active is already off */ -static int s390dbf_procactive(struct ctl_table *table, int write, +static int s390dbf_procactive(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { if (!write || debug_stoppable || !debug_active) diff --git a/arch/s390/kernel/topology.c b/arch/s390/kernel/topology.c index 89e91b8ce842..1df3dc118696 100644 --- a/arch/s390/kernel/topology.c +++ b/arch/s390/kernel/topology.c @@ -600,7 +600,7 @@ static int __init topology_setup(char *str) } early_param("topology", topology_setup); -static int topology_ctl_handler(struct ctl_table *ctl, int write, +static int topology_ctl_handler(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { int enabled = topology_is_enabled(); diff --git a/arch/s390/mm/cmm.c b/arch/s390/mm/cmm.c index f8b13f247646..1d6749e095f7 100644 --- a/arch/s390/mm/cmm.c +++ b/arch/s390/mm/cmm.c @@ -243,7 +243,7 @@ static int cmm_skip_blanks(char *cp, char **endp) return str != cp; } -static int cmm_pages_handler(struct ctl_table *ctl, int write, +static int cmm_pages_handler(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { long nr = cmm_get_pages(); @@ -262,7 +262,7 @@ static int cmm_pages_handler(struct ctl_table *ctl, int write, return 0; } -static int cmm_timed_pages_handler(struct ctl_table *ctl, int write, +static int cmm_timed_pages_handler(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { @@ -282,7 +282,7 @@ static int cmm_timed_pages_handler(struct ctl_table *ctl, int write, return 0; } -static int cmm_timeout_handler(struct ctl_table *ctl, int write, +static int cmm_timeout_handler(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { char buf[64], *p; diff --git a/arch/x86/kernel/itmt.c b/arch/x86/kernel/itmt.c index 9a7c03d47861..51b805c727fc 100644 --- a/arch/x86/kernel/itmt.c +++ b/arch/x86/kernel/itmt.c @@ -38,7 +38,7 @@ static bool __read_mostly sched_itmt_capable; */ unsigned int __read_mostly sysctl_sched_itmt_enabled; -static int sched_itmt_update_handler(struct ctl_table *table, int write, +static int sched_itmt_update_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { unsigned int old_sysctl; diff --git a/drivers/cdrom/cdrom.c b/drivers/cdrom/cdrom.c index a5e07270e0d4..d0bd64129d43 100644 --- a/drivers/cdrom/cdrom.c +++ b/drivers/cdrom/cdrom.c @@ -3473,7 +3473,7 @@ static int cdrom_print_info(const char *header, int val, char *info, return 0; } -static int cdrom_sysctl_info(struct ctl_table *ctl, int write, +static int cdrom_sysctl_info(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { int pos; @@ -3586,7 +3586,7 @@ static void cdrom_update_settings(void) mutex_unlock(&cdrom_mutex); } -static int cdrom_sysctl_handler(struct ctl_table *ctl, int write, +static int cdrom_sysctl_handler(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret; diff --git a/drivers/char/random.c b/drivers/char/random.c index 4a9c79391dee..04b224bffbdd 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -1606,7 +1606,7 @@ static u8 sysctl_bootid[UUID_SIZE]; * UUID. The difference is in whether table->data is NULL; if it is, * then a new UUID is generated and returned to the user. */ -static int proc_do_uuid(struct ctl_table *table, int write, void *buf, +static int proc_do_uuid(const struct ctl_table *table, int write, void *buf, size_t *lenp, loff_t *ppos) { u8 tmp_uuid[UUID_SIZE], *uuid; @@ -1637,7 +1637,7 @@ static int proc_do_uuid(struct ctl_table *table, int write, void *buf, } /* The same as proc_dointvec, but writes don't change anything. */ -static int proc_do_rointvec(struct ctl_table *table, int write, void *buf, +static int proc_do_rointvec(const struct ctl_table *table, int write, void *buf, size_t *lenp, loff_t *ppos) { return write ? 0 : proc_dointvec(table, 0, buf, lenp, ppos); diff --git a/drivers/macintosh/mac_hid.c b/drivers/macintosh/mac_hid.c index 1ae3539beff5..891047c8a110 100644 --- a/drivers/macintosh/mac_hid.c +++ b/drivers/macintosh/mac_hid.c @@ -182,7 +182,7 @@ static void mac_hid_stop_emulation(void) mac_hid_destroy_emumouse(); } -static int mac_hid_toggle_emumouse(struct ctl_table *table, int write, +static int mac_hid_toggle_emumouse(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int *valp = table->data; diff --git a/drivers/net/vrf.c b/drivers/net/vrf.c index 66f8542f3b18..14c5efd234ad 100644 --- a/drivers/net/vrf.c +++ b/drivers/net/vrf.c @@ -1908,7 +1908,7 @@ static int vrf_strict_mode_change(struct vrf_map *vmap, bool new_mode) return res; } -static int vrf_shared_table_handler(struct ctl_table *table, int write, +static int vrf_shared_table_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct net *net = (struct net *)table->extra1; diff --git a/drivers/parport/procfs.c b/drivers/parport/procfs.c index bd388560ed59..efa7c90e4234 100644 --- a/drivers/parport/procfs.c +++ b/drivers/parport/procfs.c @@ -33,7 +33,7 @@ #define PARPORT_MIN_SPINTIME_VALUE 1 #define PARPORT_MAX_SPINTIME_VALUE 1000 -static int do_active_device(struct ctl_table *table, int write, +static int do_active_device(const struct ctl_table *table, int write, void *result, size_t *lenp, loff_t *ppos) { struct parport *port = (struct parport *)table->extra1; @@ -70,7 +70,7 @@ static int do_active_device(struct ctl_table *table, int write, } #ifdef CONFIG_PARPORT_1284 -static int do_autoprobe(struct ctl_table *table, int write, +static int do_autoprobe(const struct ctl_table *table, int write, void *result, size_t *lenp, loff_t *ppos) { struct parport_device_info *info = table->extra2; @@ -113,7 +113,7 @@ static int do_autoprobe(struct ctl_table *table, int write, } #endif /* IEEE1284.3 support. */ -static int do_hardware_base_addr(struct ctl_table *table, int write, +static int do_hardware_base_addr(const struct ctl_table *table, int write, void *result, size_t *lenp, loff_t *ppos) { struct parport *port = (struct parport *)table->extra1; @@ -140,7 +140,7 @@ static int do_hardware_base_addr(struct ctl_table *table, int write, return 0; } -static int do_hardware_irq(struct ctl_table *table, int write, +static int do_hardware_irq(const struct ctl_table *table, int write, void *result, size_t *lenp, loff_t *ppos) { struct parport *port = (struct parport *)table->extra1; @@ -167,7 +167,7 @@ static int do_hardware_irq(struct ctl_table *table, int write, return 0; } -static int do_hardware_dma(struct ctl_table *table, int write, +static int do_hardware_dma(const struct ctl_table *table, int write, void *result, size_t *lenp, loff_t *ppos) { struct parport *port = (struct parport *)table->extra1; @@ -194,7 +194,7 @@ static int do_hardware_dma(struct ctl_table *table, int write, return 0; } -static int do_hardware_modes(struct ctl_table *table, int write, +static int do_hardware_modes(const struct ctl_table *table, int write, void *result, size_t *lenp, loff_t *ppos) { struct parport *port = (struct parport *)table->extra1; diff --git a/fs/coredump.c b/fs/coredump.c index 9d235fa14ab9..51283a671921 100644 --- a/fs/coredump.c +++ b/fs/coredump.c @@ -949,7 +949,7 @@ void validate_coredump_safety(void) } } -static int proc_dostring_coredump(struct ctl_table *table, int write, +static int proc_dostring_coredump(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int error = proc_dostring(table, write, buffer, lenp, ppos); diff --git a/fs/dcache.c b/fs/dcache.c index c82ae731df9a..0ea86ad6cedf 100644 --- a/fs/dcache.c +++ b/fs/dcache.c @@ -174,8 +174,8 @@ static long get_nr_dentry_negative(void) return sum < 0 ? 0 : sum; } -static int proc_nr_dentry(struct ctl_table *table, int write, void *buffer, - size_t *lenp, loff_t *ppos) +static int proc_nr_dentry(const struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) { dentry_stat.nr_dentry = get_nr_dentry(); dentry_stat.nr_unused = get_nr_dentry_unused(); diff --git a/fs/drop_caches.c b/fs/drop_caches.c index b9575957a7c2..d45ef541d848 100644 --- a/fs/drop_caches.c +++ b/fs/drop_caches.c @@ -48,7 +48,7 @@ static void drop_pagecache_sb(struct super_block *sb, void *unused) iput(toput_inode); } -int drop_caches_sysctl_handler(struct ctl_table *table, int write, +int drop_caches_sysctl_handler(const struct ctl_table *table, int write, void *buffer, size_t *length, loff_t *ppos) { int ret; diff --git a/fs/exec.c b/fs/exec.c index 4aa19b24f281..e3d124206020 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -2145,8 +2145,8 @@ COMPAT_SYSCALL_DEFINE5(execveat, int, fd, #ifdef CONFIG_SYSCTL -static int proc_dointvec_minmax_coredump(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) +static int proc_dointvec_minmax_coredump(const struct ctl_table *table, + int write, void *buffer, size_t *lenp, loff_t *ppos) { int error = proc_dointvec_minmax(table, write, buffer, lenp, ppos); diff --git a/fs/file_table.c b/fs/file_table.c index de4a2915bfd4..bab68d672e33 100644 --- a/fs/file_table.c +++ b/fs/file_table.c @@ -109,7 +109,7 @@ EXPORT_SYMBOL_GPL(get_max_files); /* * Handle nr_files sysctl */ -static int proc_nr_files(struct ctl_table *table, int write, void *buffer, +static int proc_nr_files(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { files_stat.nr_files = get_nr_files(); diff --git a/fs/fs-writeback.c b/fs/fs-writeback.c index 1767493dffda..a66c9d0556dc 100644 --- a/fs/fs-writeback.c +++ b/fs/fs-writeback.c @@ -2379,7 +2379,7 @@ static int __init start_dirtytime_writeback(void) } __initcall(start_dirtytime_writeback); -int dirtytime_interval_handler(struct ctl_table *table, int write, +int dirtytime_interval_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret; diff --git a/fs/inode.c b/fs/inode.c index f238d987dec9..76cf31ef25c8 100644 --- a/fs/inode.c +++ b/fs/inode.c @@ -106,8 +106,8 @@ long get_nr_dirty_inodes(void) */ static struct inodes_stat_t inodes_stat; -static int proc_nr_inodes(struct ctl_table *table, int write, void *buffer, - size_t *lenp, loff_t *ppos) +static int proc_nr_inodes(const struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) { inodes_stat.nr_inodes = get_nr_inodes(); inodes_stat.nr_unused = get_nr_inodes_unused(); diff --git a/fs/pipe.c b/fs/pipe.c index 804a7d789452..1dc57b4a283a 100644 --- a/fs/pipe.c +++ b/fs/pipe.c @@ -1468,7 +1468,7 @@ static int do_proc_dopipe_max_size_conv(unsigned long *lvalp, return 0; } -static int proc_dopipe_max_size(struct ctl_table *table, int write, +static int proc_dopipe_max_size(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return do_proc_douintvec(table, write, buffer, lenp, ppos, diff --git a/fs/quota/dquot.c b/fs/quota/dquot.c index 58b5de081b57..d1a6511e48dc 100644 --- a/fs/quota/dquot.c +++ b/fs/quota/dquot.c @@ -2887,7 +2887,7 @@ const struct quotactl_ops dquot_quotactl_sysfile_ops = { }; EXPORT_SYMBOL(dquot_quotactl_sysfile_ops); -static int do_proc_dqstats(struct ctl_table *table, int write, +static int do_proc_dqstats(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { unsigned int type = (unsigned long *)table->data - dqstats.stat; diff --git a/fs/xfs/xfs_sysctl.c b/fs/xfs/xfs_sysctl.c index fade33735393..2c5adc88a830 100644 --- a/fs/xfs/xfs_sysctl.c +++ b/fs/xfs/xfs_sysctl.c @@ -11,7 +11,7 @@ static struct ctl_table_header *xfs_table_header; #ifdef CONFIG_PROC_FS STATIC int xfs_stats_clear_proc_handler( - struct ctl_table *ctl, + const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, @@ -31,7 +31,7 @@ xfs_stats_clear_proc_handler( STATIC int xfs_panic_mask_proc_handler( - struct ctl_table *ctl, + const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, @@ -52,7 +52,7 @@ xfs_panic_mask_proc_handler( STATIC int xfs_deprecated_dointvec_minmax( - struct ctl_table *ctl, + const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, diff --git a/include/linux/ftrace.h b/include/linux/ftrace.h index e8921871ef9a..3e10fe61c2bf 100644 --- a/include/linux/ftrace.h +++ b/include/linux/ftrace.h @@ -470,7 +470,7 @@ static inline void arch_ftrace_set_direct_caller(struct ftrace_regs *fregs, extern int stack_tracer_enabled; -int stack_trace_sysctl(struct ctl_table *table, int write, void *buffer, +int stack_trace_sysctl(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos); /* DO NOT MODIFY THIS VARIABLE DIRECTLY! */ @@ -1157,7 +1157,7 @@ extern int tracepoint_printk; extern void disable_trace_on_warning(void); extern int __disable_trace_on_warning; -int tracepoint_printk_sysctl(struct ctl_table *table, int write, +int tracepoint_printk_sysctl(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos); #else /* CONFIG_TRACING */ diff --git a/include/linux/mm.h b/include/linux/mm.h index 418d26608ece..e95efc7bdc85 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -202,11 +202,11 @@ extern int sysctl_overcommit_memory; extern int sysctl_overcommit_ratio; extern unsigned long sysctl_overcommit_kbytes; -int overcommit_ratio_handler(struct ctl_table *, int, void *, size_t *, +int overcommit_ratio_handler(const struct ctl_table *, int, void *, size_t *, loff_t *); -int overcommit_kbytes_handler(struct ctl_table *, int, void *, size_t *, +int overcommit_kbytes_handler(const struct ctl_table *, int, void *, size_t *, loff_t *); -int overcommit_policy_handler(struct ctl_table *, int, void *, size_t *, +int overcommit_policy_handler(const struct ctl_table *, int, void *, size_t *, loff_t *); #if defined(CONFIG_SPARSEMEM) && !defined(CONFIG_SPARSEMEM_VMEMMAP) @@ -3805,7 +3805,7 @@ extern bool process_shares_mm(struct task_struct *p, struct mm_struct *mm); #ifdef CONFIG_SYSCTL extern int sysctl_drop_caches; -int drop_caches_sysctl_handler(struct ctl_table *, int, void *, size_t *, +int drop_caches_sysctl_handler(const struct ctl_table *, int, void *, size_t *, loff_t *); #endif diff --git a/include/linux/perf_event.h b/include/linux/perf_event.h index 5547ba68e6e4..a48c183cfbe0 100644 --- a/include/linux/perf_event.h +++ b/include/linux/perf_event.h @@ -1578,11 +1578,11 @@ extern int sysctl_perf_cpu_time_max_percent; extern void perf_sample_event_took(u64 sample_len_ns); -int perf_event_max_sample_rate_handler(struct ctl_table *table, int write, +int perf_event_max_sample_rate_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos); -int perf_cpu_time_max_percent_handler(struct ctl_table *table, int write, +int perf_cpu_time_max_percent_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos); -int perf_event_max_stack_handler(struct ctl_table *table, int write, +int perf_event_max_stack_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos); /* Access to perf_event_open(2) syscall. */ diff --git a/include/linux/security.h b/include/linux/security.h index 1d1df326c881..d5aca07d5e1d 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -223,7 +223,7 @@ struct request_sock; #define LSM_UNSAFE_NO_NEW_PRIVS 4 #ifdef CONFIG_MMU -extern int mmap_min_addr_handler(struct ctl_table *table, int write, +extern int mmap_min_addr_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos); #endif diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index 56b89e5294e9..ada36ef8cecb 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -61,31 +61,31 @@ extern const int sysctl_vals[]; extern const unsigned long sysctl_long_vals[]; -typedef int proc_handler(struct ctl_table *ctl, int write, void *buffer, +typedef int proc_handler(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos); -int proc_dostring(struct ctl_table *, int, void *, size_t *, loff_t *); -int proc_dobool(struct ctl_table *table, int write, void *buffer, +int proc_dostring(const struct ctl_table *, int, void *, size_t *, loff_t *); +int proc_dobool(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos); -int proc_dointvec(struct ctl_table *, int, void *, size_t *, loff_t *); -int proc_douintvec(struct ctl_table *, int, void *, size_t *, loff_t *); -int proc_dointvec_minmax(struct ctl_table *, int, void *, size_t *, loff_t *); -int proc_douintvec_minmax(struct ctl_table *table, int write, void *buffer, +int proc_dointvec(const struct ctl_table *, int, void *, size_t *, loff_t *); +int proc_douintvec(const struct ctl_table *, int, void *, size_t *, loff_t *); +int proc_dointvec_minmax(const struct ctl_table *, int, void *, size_t *, loff_t *); +int proc_douintvec_minmax(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos); -int proc_dou8vec_minmax(struct ctl_table *table, int write, void *buffer, +int proc_dou8vec_minmax(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos); -int proc_dointvec_jiffies(struct ctl_table *, int, void *, size_t *, loff_t *); -int proc_dointvec_ms_jiffies_minmax(struct ctl_table *table, int write, +int proc_dointvec_jiffies(const struct ctl_table *, int, void *, size_t *, loff_t *); +int proc_dointvec_ms_jiffies_minmax(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos); -int proc_dointvec_userhz_jiffies(struct ctl_table *, int, void *, size_t *, +int proc_dointvec_userhz_jiffies(const struct ctl_table *, int, void *, size_t *, loff_t *); -int proc_dointvec_ms_jiffies(struct ctl_table *, int, void *, size_t *, +int proc_dointvec_ms_jiffies(const struct ctl_table *, int, void *, size_t *, loff_t *); -int proc_doulongvec_minmax(struct ctl_table *, int, void *, size_t *, loff_t *); -int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int, void *, +int proc_doulongvec_minmax(const struct ctl_table *, int, void *, size_t *, loff_t *); +int proc_doulongvec_ms_jiffies_minmax(const struct ctl_table *table, int, void *, size_t *, loff_t *); -int proc_do_large_bitmap(struct ctl_table *, int, void *, size_t *, loff_t *); -int proc_do_static_key(struct ctl_table *table, int write, void *buffer, +int proc_do_large_bitmap(const struct ctl_table *, int, void *, size_t *, loff_t *); +int proc_do_static_key(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos); /* @@ -243,7 +243,7 @@ extern struct ctl_table_header *register_sysctl_mount_point(const char *path); void do_sysctl_args(void); bool sysctl_is_alias(char *param); -int do_proc_douintvec(struct ctl_table *table, int write, +int do_proc_douintvec(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos, int (*conv)(unsigned long *lvalp, unsigned int *valp, @@ -293,7 +293,7 @@ static inline bool sysctl_is_alias(char *param) } #endif /* CONFIG_SYSCTL */ -int sysctl_max_threads(struct ctl_table *table, int write, void *buffer, +int sysctl_max_threads(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos); #endif /* _LINUX_SYSCTL_H */ diff --git a/include/linux/vmstat.h b/include/linux/vmstat.h index fed855bae6d8..267b56b7c56a 100644 --- a/include/linux/vmstat.h +++ b/include/linux/vmstat.h @@ -17,7 +17,7 @@ extern int sysctl_stat_interval; #define DISABLE_NUMA_STAT 0 extern int sysctl_vm_numa_stat; DECLARE_STATIC_KEY_TRUE(vm_numa_stat_key); -int sysctl_vm_numa_stat_handler(struct ctl_table *table, int write, +int sysctl_vm_numa_stat_handler(const struct ctl_table *table, int write, void *buffer, size_t *length, loff_t *ppos); #endif @@ -301,8 +301,8 @@ void cpu_vm_stats_fold(int cpu); void refresh_zone_stat_thresholds(void); struct ctl_table; -int vmstat_refresh(struct ctl_table *, int write, void *buffer, size_t *lenp, - loff_t *ppos); +int vmstat_refresh(const struct ctl_table *, int write, void *buffer, + size_t *lenp, loff_t *ppos); void drain_zonestat(struct zone *zone, struct per_cpu_zonestat *); diff --git a/include/linux/writeback.h b/include/linux/writeback.h index 083387c00f0c..8dc4d16bb7c3 100644 --- a/include/linux/writeback.h +++ b/include/linux/writeback.h @@ -344,7 +344,7 @@ extern unsigned int dirty_expire_interval; extern unsigned int dirtytime_expire_interval; extern int laptop_mode; -int dirtytime_interval_handler(struct ctl_table *table, int write, +int dirtytime_interval_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos); void global_dirty_limits(unsigned long *pbackground, unsigned long *pdirty); diff --git a/include/net/ndisc.h b/include/net/ndisc.h index 9bbdf6eaa942..7a533d5b1d59 100644 --- a/include/net/ndisc.h +++ b/include/net/ndisc.h @@ -486,7 +486,7 @@ void igmp6_event_report(struct sk_buff *skb); #ifdef CONFIG_SYSCTL -int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, +int ndisc_ifinfo_sysctl_change(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos); #endif diff --git a/include/net/neighbour.h b/include/net/neighbour.h index 0d28172193fa..a44f262a7384 100644 --- a/include/net/neighbour.h +++ b/include/net/neighbour.h @@ -412,12 +412,12 @@ void *neigh_seq_start(struct seq_file *, loff_t *, struct neigh_table *, void *neigh_seq_next(struct seq_file *, void *, loff_t *); void neigh_seq_stop(struct seq_file *, void *); -int neigh_proc_dointvec(struct ctl_table *ctl, int write, +int neigh_proc_dointvec(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos); -int neigh_proc_dointvec_jiffies(struct ctl_table *ctl, int write, +int neigh_proc_dointvec_jiffies(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos); -int neigh_proc_dointvec_ms_jiffies(struct ctl_table *ctl, int write, +int neigh_proc_dointvec_ms_jiffies(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos); int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p, diff --git a/include/net/netfilter/nf_hooks_lwtunnel.h b/include/net/netfilter/nf_hooks_lwtunnel.h index 52e27920f829..cef7a4eb8f97 100644 --- a/include/net/netfilter/nf_hooks_lwtunnel.h +++ b/include/net/netfilter/nf_hooks_lwtunnel.h @@ -2,6 +2,6 @@ #include #ifdef CONFIG_SYSCTL -int nf_hooks_lwtunnel_sysctl_handler(struct ctl_table *table, int write, +int nf_hooks_lwtunnel_sysctl_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos); #endif diff --git a/ipc/ipc_sysctl.c b/ipc/ipc_sysctl.c index 55d6b9f1e508..d876f96f5992 100644 --- a/ipc/ipc_sysctl.c +++ b/ipc/ipc_sysctl.c @@ -16,8 +16,8 @@ #include #include "util.h" -static int proc_ipc_dointvec_minmax_orphans(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) +static int proc_ipc_dointvec_minmax_orphans(const struct ctl_table *table, + int write, void *buffer, size_t *lenp, loff_t *ppos) { struct ipc_namespace *ns = container_of(table->data, struct ipc_namespace, shm_rmid_forced); @@ -32,7 +32,7 @@ static int proc_ipc_dointvec_minmax_orphans(struct ctl_table *table, int write, return err; } -static int proc_ipc_auto_msgmni(struct ctl_table *table, int write, +static int proc_ipc_auto_msgmni(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct ctl_table ipc_table; @@ -47,7 +47,7 @@ static int proc_ipc_auto_msgmni(struct ctl_table *table, int write, return proc_dointvec_minmax(&ipc_table, write, buffer, lenp, ppos); } -static int proc_ipc_sem_dointvec(struct ctl_table *table, int write, +static int proc_ipc_sem_dointvec(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct ipc_namespace *ns = diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c index 0ed286b8a0f0..f13daa0916bf 100644 --- a/kernel/bpf/syscall.c +++ b/kernel/bpf/syscall.c @@ -5652,7 +5652,7 @@ const struct bpf_prog_ops bpf_syscall_prog_ops = { }; #ifdef CONFIG_SYSCTL -static int bpf_stats_handler(struct ctl_table *table, int write, +static int bpf_stats_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct static_key *key = (struct static_key *)table->data; @@ -5687,7 +5687,7 @@ void __weak unpriv_ebpf_notify(int new_state) { } -static int bpf_unpriv_handler(struct ctl_table *table, int write, +static int bpf_unpriv_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret, unpriv_enable = *(int *)table->data; diff --git a/kernel/delayacct.c b/kernel/delayacct.c index 6f0c358e73d8..939c57c30a79 100644 --- a/kernel/delayacct.c +++ b/kernel/delayacct.c @@ -44,8 +44,8 @@ void delayacct_init(void) } #ifdef CONFIG_PROC_SYSCTL -static int sysctl_delayacct(struct ctl_table *table, int write, void *buffer, - size_t *lenp, loff_t *ppos) +static int sysctl_delayacct(const struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) { int state = delayacct_on; struct ctl_table t; diff --git a/kernel/events/callchain.c b/kernel/events/callchain.c index 1273be84392c..bd5699f869c3 100644 --- a/kernel/events/callchain.c +++ b/kernel/events/callchain.c @@ -229,7 +229,7 @@ get_perf_callchain(struct pt_regs *regs, u32 init_nr, bool kernel, bool user, * Used for sysctl_perf_event_max_stack and * sysctl_perf_event_max_contexts_per_stack. */ -int perf_event_max_stack_handler(struct ctl_table *table, int write, +int perf_event_max_stack_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int *value = table->data; diff --git a/kernel/events/core.c b/kernel/events/core.c index b704d83a28b2..cbf0f4dfa4af 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c @@ -450,7 +450,7 @@ static void update_perf_cpu_limits(void) static bool perf_rotate_context(struct perf_cpu_pmu_context *cpc); -int perf_event_max_sample_rate_handler(struct ctl_table *table, int write, +int perf_event_max_sample_rate_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret; @@ -474,7 +474,7 @@ int perf_event_max_sample_rate_handler(struct ctl_table *table, int write, int sysctl_perf_cpu_time_max_percent __read_mostly = DEFAULT_CPU_TIME_MAX_PERCENT; -int perf_cpu_time_max_percent_handler(struct ctl_table *table, int write, +int perf_cpu_time_max_percent_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos); diff --git a/kernel/fork.c b/kernel/fork.c index 10917c3e1f03..ce4b220e6ae2 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -3528,7 +3528,7 @@ int unshare_files(void) return 0; } -int sysctl_max_threads(struct ctl_table *table, int write, +int sysctl_max_threads(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct ctl_table t; diff --git a/kernel/hung_task.c b/kernel/hung_task.c index 9a24574988d2..b310a500b7b2 100644 --- a/kernel/hung_task.c +++ b/kernel/hung_task.c @@ -238,8 +238,8 @@ static long hung_timeout_jiffies(unsigned long last_checked, /* * Process updating of timeout sysctl */ -static int proc_dohung_task_timeout_secs(struct ctl_table *table, int write, - void *buffer, +static int proc_dohung_task_timeout_secs(const struct ctl_table *table, + int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret; diff --git a/kernel/kexec_core.c b/kernel/kexec_core.c index be5642a4ec49..7bb9bf85f058 100644 --- a/kernel/kexec_core.c +++ b/kernel/kexec_core.c @@ -928,7 +928,7 @@ struct kimage *kexec_crash_image; static int kexec_load_disabled; #ifdef CONFIG_SYSCTL -static int kexec_limit_handler(struct ctl_table *table, int write, +static int kexec_limit_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct kexec_load_limit *limit = table->data; diff --git a/kernel/kprobes.c b/kernel/kprobes.c index d5a0ee40bf66..9e160dd23e61 100644 --- a/kernel/kprobes.c +++ b/kernel/kprobes.c @@ -939,7 +939,7 @@ static void unoptimize_all_kprobes(void) static DEFINE_MUTEX(kprobe_sysctl_mutex); static int sysctl_kprobes_optimization; -static int proc_kprobes_optimization_handler(struct ctl_table *table, +static int proc_kprobes_optimization_handler(const struct ctl_table *table, int write, void *buffer, size_t *length, loff_t *ppos) { diff --git a/kernel/latencytop.c b/kernel/latencytop.c index 781249098cb6..e09b935b822c 100644 --- a/kernel/latencytop.c +++ b/kernel/latencytop.c @@ -65,8 +65,8 @@ static struct latency_record latency_record[MAXLR]; int latencytop_enabled; #ifdef CONFIG_SYSCTL -static int sysctl_latencytop(struct ctl_table *table, int write, void *buffer, - size_t *lenp, loff_t *ppos) +static int sysctl_latencytop(const struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) { int err; diff --git a/kernel/pid_namespace.c b/kernel/pid_namespace.c index 3028b2218aa4..a1926cf01cfb 100644 --- a/kernel/pid_namespace.c +++ b/kernel/pid_namespace.c @@ -276,7 +276,7 @@ void zap_pid_ns_processes(struct pid_namespace *pid_ns) } #ifdef CONFIG_CHECKPOINT_RESTORE -static int pid_ns_ctl_handler(struct ctl_table *table, int write, +static int pid_ns_ctl_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct pid_namespace *pid_ns = task_active_pid_ns(current); diff --git a/kernel/pid_sysctl.h b/kernel/pid_sysctl.h index 2ee41a3a1dfd..a1b47ad10ebc 100644 --- a/kernel/pid_sysctl.h +++ b/kernel/pid_sysctl.h @@ -5,7 +5,7 @@ #include #if defined(CONFIG_SYSCTL) && defined(CONFIG_MEMFD_CREATE) -static int pid_mfd_noexec_dointvec_minmax(struct ctl_table *table, +static int pid_mfd_noexec_dointvec_minmax(const struct ctl_table *table, int write, void *buf, size_t *lenp, loff_t *ppos) { struct pid_namespace *ns = task_active_pid_ns(current); diff --git a/kernel/printk/internal.h b/kernel/printk/internal.h index 6c2afee5ef62..19dcc5832651 100644 --- a/kernel/printk/internal.h +++ b/kernel/printk/internal.h @@ -8,7 +8,7 @@ #if defined(CONFIG_PRINTK) && defined(CONFIG_SYSCTL) void __init printk_sysctl_init(void); -int devkmsg_sysctl_set_loglvl(struct ctl_table *table, int write, +int devkmsg_sysctl_set_loglvl(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos); #else #define printk_sysctl_init() do { } while (0) diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c index f2444b581e16..964f0614767b 100644 --- a/kernel/printk/printk.c +++ b/kernel/printk/printk.c @@ -197,7 +197,7 @@ __setup("printk.devkmsg=", control_devkmsg); char devkmsg_log_str[DEVKMSG_STR_MAX_SIZE] = "ratelimit"; #if defined(CONFIG_PRINTK) && defined(CONFIG_SYSCTL) -int devkmsg_sysctl_set_loglvl(struct ctl_table *table, int write, +int devkmsg_sysctl_set_loglvl(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { char old_str[DEVKMSG_STR_MAX_SIZE]; diff --git a/kernel/printk/sysctl.c b/kernel/printk/sysctl.c index c228343eeb97..187b27981111 100644 --- a/kernel/printk/sysctl.c +++ b/kernel/printk/sysctl.c @@ -11,8 +11,9 @@ static const int ten_thousand = 10000; -static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) +static int proc_dointvec_minmax_sysadmin(const struct ctl_table *table, + int write, void *buffer, size_t *lenp, + loff_t *ppos) { if (write && !capable(CAP_SYS_ADMIN)) return -EPERM; diff --git a/kernel/sched/core.c b/kernel/sched/core.c index a708d225c28e..a36419645a62 100644 --- a/kernel/sched/core.c +++ b/kernel/sched/core.c @@ -1813,7 +1813,7 @@ static void uclamp_sync_util_min_rt_default(void) uclamp_update_util_min_rt_default(p); } -static int sysctl_sched_uclamp_handler(struct ctl_table *table, int write, +static int sysctl_sched_uclamp_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { bool update_root_tg = false; @@ -4570,7 +4570,7 @@ static void reset_memory_tiering(void) } } -static int sysctl_numa_balancing(struct ctl_table *table, int write, +static int sysctl_numa_balancing(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct ctl_table t; @@ -4639,8 +4639,8 @@ static int __init setup_schedstats(char *str) __setup("schedstats=", setup_schedstats); #ifdef CONFIG_PROC_SYSCTL -static int sysctl_schedstats(struct ctl_table *table, int write, void *buffer, - size_t *lenp, loff_t *ppos) +static int sysctl_schedstats(const struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) { struct ctl_table t; int err; diff --git a/kernel/sched/rt.c b/kernel/sched/rt.c index 6aaf0a3d6081..a972c9601a39 100644 --- a/kernel/sched/rt.c +++ b/kernel/sched/rt.c @@ -26,9 +26,9 @@ int sysctl_sched_rt_runtime = 950000; #ifdef CONFIG_SYSCTL static int sysctl_sched_rr_timeslice = (MSEC_PER_SEC * RR_TIMESLICE) / HZ; -static int sched_rt_handler(struct ctl_table *table, int write, void *buffer, +static int sched_rt_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos); -static int sched_rr_handler(struct ctl_table *table, int write, void *buffer, +static int sched_rr_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos); static struct ctl_table sched_rt_sysctls[] = { { @@ -2962,8 +2962,8 @@ static void sched_rt_do_global(void) raw_spin_unlock_irqrestore(&def_rt_bandwidth.rt_runtime_lock, flags); } -static int sched_rt_handler(struct ctl_table *table, int write, void *buffer, - size_t *lenp, loff_t *ppos) +static int sched_rt_handler(const struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) { int old_period, old_runtime; static DEFINE_MUTEX(mutex); @@ -3001,8 +3001,8 @@ static int sched_rt_handler(struct ctl_table *table, int write, void *buffer, return ret; } -static int sched_rr_handler(struct ctl_table *table, int write, void *buffer, - size_t *lenp, loff_t *ppos) +static int sched_rr_handler(const struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) { int ret; static DEFINE_MUTEX(mutex); diff --git a/kernel/sched/topology.c b/kernel/sched/topology.c index 10d1391e7416..3e3b69314e30 100644 --- a/kernel/sched/topology.c +++ b/kernel/sched/topology.c @@ -285,7 +285,7 @@ void rebuild_sched_domains_energy(void) } #ifdef CONFIG_PROC_SYSCTL -static int sched_energy_aware_handler(struct ctl_table *table, int write, +static int sched_energy_aware_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret, state; diff --git a/kernel/seccomp.c b/kernel/seccomp.c index a23672674ff6..95aba3cf6b84 100644 --- a/kernel/seccomp.c +++ b/kernel/seccomp.c @@ -2413,8 +2413,8 @@ static void audit_actions_logged(u32 actions_logged, u32 old_actions_logged, return audit_seccomp_actions_logged(new, old, !ret); } -static int seccomp_actions_logged_handler(struct ctl_table *ro_table, int write, - void *buffer, size_t *lenp, +static int seccomp_actions_logged_handler(const struct ctl_table *ro_table, + int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret; diff --git a/kernel/stackleak.c b/kernel/stackleak.c index b292e5ca0b7d..95e4a9332599 100644 --- a/kernel/stackleak.c +++ b/kernel/stackleak.c @@ -21,7 +21,7 @@ static DEFINE_STATIC_KEY_FALSE(stack_erasing_bypass); #ifdef CONFIG_SYSCTL -static int stack_erasing_sysctl(struct ctl_table *table, int write, +static int stack_erasing_sysctl(const struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { int ret = 0; diff --git a/kernel/sysctl.c b/kernel/sysctl.c index 157f7ce2942d..d60daa4e36fc 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -205,7 +205,7 @@ static int _proc_do_string(char *data, int maxlen, int write, return 0; } -static void warn_sysctl_write(struct ctl_table *table) +static void warn_sysctl_write(const struct ctl_table *table) { pr_warn_once("%s wrote to %s when file position was not 0!\n" "This will not be supported in the future. To silence this\n" @@ -223,7 +223,7 @@ static void warn_sysctl_write(struct ctl_table *table) * handlers can ignore the return value. */ static bool proc_first_pos_non_zero_ignore(loff_t *ppos, - struct ctl_table *table) + const struct ctl_table *table) { if (!*ppos) return false; @@ -256,7 +256,7 @@ static bool proc_first_pos_non_zero_ignore(loff_t *ppos, * * Returns 0 on success. */ -int proc_dostring(struct ctl_table *table, int write, +int proc_dostring(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { if (write) @@ -468,7 +468,7 @@ static int do_proc_douintvec_conv(unsigned long *lvalp, static const char proc_wspace_sep[] = { ' ', '\t', '\n' }; -static int __do_proc_dointvec(void *tbl_data, struct ctl_table *table, +static int __do_proc_dointvec(void *tbl_data, const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos, int (*conv)(bool *negp, unsigned long *lvalp, int *valp, @@ -541,7 +541,7 @@ static int __do_proc_dointvec(void *tbl_data, struct ctl_table *table, return err; } -static int do_proc_dointvec(struct ctl_table *table, int write, +static int do_proc_dointvec(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos, int (*conv)(bool *negp, unsigned long *lvalp, int *valp, int write, void *data), @@ -552,7 +552,7 @@ static int do_proc_dointvec(struct ctl_table *table, int write, } static int do_proc_douintvec_w(unsigned int *tbl_data, - struct ctl_table *table, + const struct ctl_table *table, void *buffer, size_t *lenp, loff_t *ppos, int (*conv)(unsigned long *lvalp, @@ -639,7 +639,7 @@ static int do_proc_douintvec_r(unsigned int *tbl_data, void *buffer, return err; } -static int __do_proc_douintvec(void *tbl_data, struct ctl_table *table, +static int __do_proc_douintvec(void *tbl_data, const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos, int (*conv)(unsigned long *lvalp, @@ -675,7 +675,7 @@ static int __do_proc_douintvec(void *tbl_data, struct ctl_table *table, return do_proc_douintvec_r(i, buffer, lenp, ppos, conv, data); } -int do_proc_douintvec(struct ctl_table *table, int write, +int do_proc_douintvec(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos, int (*conv)(unsigned long *lvalp, unsigned int *valp, @@ -702,7 +702,7 @@ int do_proc_douintvec(struct ctl_table *table, int write, * * Returns 0 on success. */ -int proc_dobool(struct ctl_table *table, int write, void *buffer, +int proc_dobool(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct ctl_table tmp; @@ -739,7 +739,7 @@ int proc_dobool(struct ctl_table *table, int write, void *buffer, * * Returns 0 on success. */ -int proc_dointvec(struct ctl_table *table, int write, void *buffer, +int proc_dointvec(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return do_proc_dointvec(table, write, buffer, lenp, ppos, NULL, NULL); @@ -758,7 +758,7 @@ int proc_dointvec(struct ctl_table *table, int write, void *buffer, * * Returns 0 on success. */ -int proc_douintvec(struct ctl_table *table, int write, void *buffer, +int proc_douintvec(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return do_proc_douintvec(table, write, buffer, lenp, ppos, @@ -769,7 +769,7 @@ int proc_douintvec(struct ctl_table *table, int write, void *buffer, * Taint values can only be increased * This means we can safely use a temporary. */ -static int proc_taint(struct ctl_table *table, int write, +static int proc_taint(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct ctl_table t; @@ -864,7 +864,7 @@ static int do_proc_dointvec_minmax_conv(bool *negp, unsigned long *lvalp, * * Returns 0 on success or -EINVAL on write when the range check fails. */ -int proc_dointvec_minmax(struct ctl_table *table, int write, +int proc_dointvec_minmax(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct do_proc_dointvec_minmax_conv_param param = { @@ -933,7 +933,7 @@ static int do_proc_douintvec_minmax_conv(unsigned long *lvalp, * * Returns 0 on success or -ERANGE on write when the range check fails. */ -int proc_douintvec_minmax(struct ctl_table *table, int write, +int proc_douintvec_minmax(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct do_proc_douintvec_minmax_conv_param param = { @@ -961,7 +961,7 @@ int proc_douintvec_minmax(struct ctl_table *table, int write, * * Returns 0 on success or an error on write when the range check fails. */ -int proc_dou8vec_minmax(struct ctl_table *table, int write, +int proc_dou8vec_minmax(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct ctl_table tmp; @@ -1004,7 +1004,7 @@ int proc_dou8vec_minmax(struct ctl_table *table, int write, EXPORT_SYMBOL_GPL(proc_dou8vec_minmax); #ifdef CONFIG_MAGIC_SYSRQ -static int sysrq_sysctl_handler(struct ctl_table *table, int write, +static int sysrq_sysctl_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int tmp, ret; @@ -1023,7 +1023,7 @@ static int sysrq_sysctl_handler(struct ctl_table *table, int write, } #endif -static int __do_proc_doulongvec_minmax(void *data, struct ctl_table *table, +static int __do_proc_doulongvec_minmax(void *data, const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos, unsigned long convmul, unsigned long convdiv) { @@ -1096,7 +1096,7 @@ static int __do_proc_doulongvec_minmax(void *data, struct ctl_table *table, return err; } -static int do_proc_doulongvec_minmax(struct ctl_table *table, int write, +static int do_proc_doulongvec_minmax(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos, unsigned long convmul, unsigned long convdiv) { @@ -1120,7 +1120,7 @@ static int do_proc_doulongvec_minmax(struct ctl_table *table, int write, * * Returns 0 on success. */ -int proc_doulongvec_minmax(struct ctl_table *table, int write, +int proc_doulongvec_minmax(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return do_proc_doulongvec_minmax(table, write, buffer, lenp, ppos, 1l, 1l); @@ -1143,7 +1143,7 @@ int proc_doulongvec_minmax(struct ctl_table *table, int write, * * Returns 0 on success. */ -int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int write, +int proc_doulongvec_ms_jiffies_minmax(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return do_proc_doulongvec_minmax(table, write, buffer, @@ -1264,14 +1264,14 @@ static int do_proc_dointvec_ms_jiffies_minmax_conv(bool *negp, unsigned long *lv * * Returns 0 on success. */ -int proc_dointvec_jiffies(struct ctl_table *table, int write, +int proc_dointvec_jiffies(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return do_proc_dointvec(table,write,buffer,lenp,ppos, do_proc_dointvec_jiffies_conv,NULL); } -int proc_dointvec_ms_jiffies_minmax(struct ctl_table *table, int write, +int proc_dointvec_ms_jiffies_minmax(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct do_proc_dointvec_minmax_conv_param param = { @@ -1297,7 +1297,7 @@ int proc_dointvec_ms_jiffies_minmax(struct ctl_table *table, int write, * * Returns 0 on success. */ -int proc_dointvec_userhz_jiffies(struct ctl_table *table, int write, +int proc_dointvec_userhz_jiffies(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return do_proc_dointvec(table, write, buffer, lenp, ppos, @@ -1320,14 +1320,14 @@ int proc_dointvec_userhz_jiffies(struct ctl_table *table, int write, * * Returns 0 on success. */ -int proc_dointvec_ms_jiffies(struct ctl_table *table, int write, void *buffer, +int proc_dointvec_ms_jiffies(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return do_proc_dointvec(table, write, buffer, lenp, ppos, do_proc_dointvec_ms_jiffies_conv, NULL); } -static int proc_do_cad_pid(struct ctl_table *table, int write, void *buffer, +static int proc_do_cad_pid(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct pid *new_pid; @@ -1366,7 +1366,7 @@ static int proc_do_cad_pid(struct ctl_table *table, int write, void *buffer, * * Returns 0 on success. */ -int proc_do_large_bitmap(struct ctl_table *table, int write, +int proc_do_large_bitmap(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int err = 0; @@ -1498,85 +1498,85 @@ int proc_do_large_bitmap(struct ctl_table *table, int write, #else /* CONFIG_PROC_SYSCTL */ -int proc_dostring(struct ctl_table *table, int write, +int proc_dostring(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return -ENOSYS; } -int proc_dobool(struct ctl_table *table, int write, +int proc_dobool(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return -ENOSYS; } -int proc_dointvec(struct ctl_table *table, int write, +int proc_dointvec(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return -ENOSYS; } -int proc_douintvec(struct ctl_table *table, int write, +int proc_douintvec(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return -ENOSYS; } -int proc_dointvec_minmax(struct ctl_table *table, int write, +int proc_dointvec_minmax(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return -ENOSYS; } -int proc_douintvec_minmax(struct ctl_table *table, int write, +int proc_douintvec_minmax(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return -ENOSYS; } -int proc_dou8vec_minmax(struct ctl_table *table, int write, +int proc_dou8vec_minmax(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return -ENOSYS; } -int proc_dointvec_jiffies(struct ctl_table *table, int write, +int proc_dointvec_jiffies(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return -ENOSYS; } -int proc_dointvec_ms_jiffies_minmax(struct ctl_table *table, int write, +int proc_dointvec_ms_jiffies_minmax(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return -ENOSYS; } -int proc_dointvec_userhz_jiffies(struct ctl_table *table, int write, +int proc_dointvec_userhz_jiffies(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return -ENOSYS; } -int proc_dointvec_ms_jiffies(struct ctl_table *table, int write, +int proc_dointvec_ms_jiffies(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return -ENOSYS; } -int proc_doulongvec_minmax(struct ctl_table *table, int write, +int proc_doulongvec_minmax(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return -ENOSYS; } -int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int write, +int proc_doulongvec_ms_jiffies_minmax(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return -ENOSYS; } -int proc_do_large_bitmap(struct ctl_table *table, int write, +int proc_do_large_bitmap(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return -ENOSYS; @@ -1585,7 +1585,7 @@ int proc_do_large_bitmap(struct ctl_table *table, int write, #endif /* CONFIG_PROC_SYSCTL */ #if defined(CONFIG_SYSCTL) -int proc_do_static_key(struct ctl_table *table, int write, +int proc_do_static_key(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct static_key *key = (struct static_key *)table->data; diff --git a/kernel/time/timer.c b/kernel/time/timer.c index 63a8ce7177dd..cb8b93fec895 100644 --- a/kernel/time/timer.c +++ b/kernel/time/timer.c @@ -237,7 +237,7 @@ static void timers_update_migration(void) } #ifdef CONFIG_SYSCTL -static int timer_migration_handler(struct ctl_table *table, int write, +static int timer_migration_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret; diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c index 8de8bec5f366..6334a2268acf 100644 --- a/kernel/trace/ftrace.c +++ b/kernel/trace/ftrace.c @@ -8213,7 +8213,7 @@ static bool is_permanent_ops_registered(void) } static int -ftrace_enable_sysctl(struct ctl_table *table, int write, +ftrace_enable_sysctl(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret = -ENODEV; diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c index 9aebf904ff97..380b9cb7210a 100644 --- a/kernel/trace/trace.c +++ b/kernel/trace/trace.c @@ -2972,7 +2972,7 @@ static void output_printk(struct trace_event_buffer *fbuffer) raw_spin_unlock_irqrestore(&tracepoint_iter_lock, flags); } -int tracepoint_printk_sysctl(struct ctl_table *table, int write, +int tracepoint_printk_sysctl(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { diff --git a/kernel/trace/trace_events_user.c b/kernel/trace/trace_events_user.c index 9365ce407426..4331d3bcae61 100644 --- a/kernel/trace/trace_events_user.c +++ b/kernel/trace/trace_events_user.c @@ -2724,7 +2724,7 @@ static int create_user_tracefs(void) return -ENODEV; } -static int set_max_user_events_sysctl(struct ctl_table *table, int write, +static int set_max_user_events_sysctl(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret; diff --git a/kernel/trace/trace_stack.c b/kernel/trace/trace_stack.c index 5a48dba912ea..7f9572a37333 100644 --- a/kernel/trace/trace_stack.c +++ b/kernel/trace/trace_stack.c @@ -514,7 +514,7 @@ static const struct file_operations stack_trace_filter_fops = { #endif /* CONFIG_DYNAMIC_FTRACE */ int -stack_trace_sysctl(struct ctl_table *table, int write, void *buffer, +stack_trace_sysctl(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int was_enabled; diff --git a/kernel/umh.c b/kernel/umh.c index 1b13c5d34624..112d3fea3869 100644 --- a/kernel/umh.c +++ b/kernel/umh.c @@ -495,7 +495,7 @@ int call_usermodehelper(const char *path, char **argv, char **envp, int wait) EXPORT_SYMBOL(call_usermodehelper); #if defined(CONFIG_SYSCTL) -static int proc_cap_handler(struct ctl_table *table, int write, +static int proc_cap_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct ctl_table t; diff --git a/kernel/utsname_sysctl.c b/kernel/utsname_sysctl.c index 46590d4addc8..f074a92eae78 100644 --- a/kernel/utsname_sysctl.c +++ b/kernel/utsname_sysctl.c @@ -30,7 +30,7 @@ static void *get_uts(const struct ctl_table *table) * Special case of dostring for the UTS structure. This has locks * to observe. Should this be in kernel/sys.c ???? */ -static int proc_do_uts_string(struct ctl_table *table, int write, +static int proc_do_uts_string(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct ctl_table uts_table; diff --git a/kernel/watchdog.c b/kernel/watchdog.c index 0fe72e89627d..4c48f543bcd2 100644 --- a/kernel/watchdog.c +++ b/kernel/watchdog.c @@ -745,8 +745,9 @@ static void proc_watchdog_update(void) * -------------------|----------------------------------|------------------------------- * proc_soft_watchdog | watchdog_softlockup_user_enabled | WATCHDOG_SOFTOCKUP_ENABLED */ -static int proc_watchdog_common(int which, struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) +static int proc_watchdog_common(int which, const struct ctl_table *table, + int write, void *buffer, size_t *lenp, + loff_t *ppos) { int err, old, *param = table->data; @@ -772,7 +773,7 @@ static int proc_watchdog_common(int which, struct ctl_table *table, int write, /* * /proc/sys/kernel/watchdog */ -static int proc_watchdog(struct ctl_table *table, int write, +static int proc_watchdog(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return proc_watchdog_common(WATCHDOG_HARDLOCKUP_ENABLED | @@ -783,7 +784,7 @@ static int proc_watchdog(struct ctl_table *table, int write, /* * /proc/sys/kernel/nmi_watchdog */ -static int proc_nmi_watchdog(struct ctl_table *table, int write, +static int proc_nmi_watchdog(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { if (!watchdog_hardlockup_available && write) @@ -795,7 +796,7 @@ static int proc_nmi_watchdog(struct ctl_table *table, int write, /* * /proc/sys/kernel/soft_watchdog */ -static int proc_soft_watchdog(struct ctl_table *table, int write, +static int proc_soft_watchdog(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { return proc_watchdog_common(WATCHDOG_SOFTOCKUP_ENABLED, @@ -805,7 +806,7 @@ static int proc_soft_watchdog(struct ctl_table *table, int write, /* * /proc/sys/kernel/watchdog_thresh */ -static int proc_watchdog_thresh(struct ctl_table *table, int write, +static int proc_watchdog_thresh(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int err, old; @@ -828,7 +829,7 @@ static int proc_watchdog_thresh(struct ctl_table *table, int write, * user to specify a mask that will include cpus that have not yet * been brought online, if desired. */ -static int proc_watchdog_cpumask(struct ctl_table *table, int write, +static int proc_watchdog_cpumask(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int err; diff --git a/mm/compaction.c b/mm/compaction.c index 01ba298739dd..87fe40cc76a8 100644 --- a/mm/compaction.c +++ b/mm/compaction.c @@ -2842,8 +2842,8 @@ static void compact_nodes(void) compact_node(nid); } -static int compaction_proactiveness_sysctl_handler(struct ctl_table *table, int write, - void *buffer, size_t *length, loff_t *ppos) +static int compaction_proactiveness_sysctl_handler(const struct ctl_table *table, + int write, void *buffer, size_t *length, loff_t *ppos) { int rc, nid; @@ -2872,7 +2872,7 @@ static int compaction_proactiveness_sysctl_handler(struct ctl_table *table, int * This is the entry point for compacting all nodes via * /proc/sys/vm/compact_memory */ -static int sysctl_compaction_handler(struct ctl_table *table, int write, +static int sysctl_compaction_handler(const struct ctl_table *table, int write, void *buffer, size_t *length, loff_t *ppos) { int ret; @@ -3183,7 +3183,7 @@ static int kcompactd_cpu_online(unsigned int cpu) return 0; } -static int proc_dointvec_minmax_warn_RT_change(struct ctl_table *table, +static int proc_dointvec_minmax_warn_RT_change(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret, old; diff --git a/mm/hugetlb.c b/mm/hugetlb.c index 2df21a295359..babb70d990aa 100644 --- a/mm/hugetlb.c +++ b/mm/hugetlb.c @@ -4874,7 +4874,7 @@ static int hugetlb_sysctl_handler_common(bool obey_mempolicy, return ret; } -static int hugetlb_sysctl_handler(struct ctl_table *table, int write, +static int hugetlb_sysctl_handler(const struct ctl_table *table, int write, void *buffer, size_t *length, loff_t *ppos) { @@ -4883,7 +4883,7 @@ static int hugetlb_sysctl_handler(struct ctl_table *table, int write, } #ifdef CONFIG_NUMA -static int hugetlb_mempolicy_sysctl_handler(struct ctl_table *table, int write, +static int hugetlb_mempolicy_sysctl_handler(const struct ctl_table *table, int write, void *buffer, size_t *length, loff_t *ppos) { return hugetlb_sysctl_handler_common(true, table, write, @@ -4891,7 +4891,7 @@ static int hugetlb_mempolicy_sysctl_handler(struct ctl_table *table, int write, } #endif /* CONFIG_NUMA */ -static int hugetlb_overcommit_handler(struct ctl_table *table, int write, +static int hugetlb_overcommit_handler(const struct ctl_table *table, int write, void *buffer, size_t *length, loff_t *ppos) { struct hstate *h = &default_hstate; diff --git a/mm/page-writeback.c b/mm/page-writeback.c index ee2fd6a6af40..52f28e6f7a33 100644 --- a/mm/page-writeback.c +++ b/mm/page-writeback.c @@ -493,8 +493,8 @@ bool node_dirty_ok(struct pglist_data *pgdat) } #ifdef CONFIG_SYSCTL -static int dirty_background_ratio_handler(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) +static int dirty_background_ratio_handler(const struct ctl_table *table, + int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret; @@ -504,8 +504,8 @@ static int dirty_background_ratio_handler(struct ctl_table *table, int write, return ret; } -static int dirty_background_bytes_handler(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) +static int dirty_background_bytes_handler(const struct ctl_table *table, + int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret; @@ -515,8 +515,8 @@ static int dirty_background_bytes_handler(struct ctl_table *table, int write, return ret; } -static int dirty_ratio_handler(struct ctl_table *table, int write, void *buffer, - size_t *lenp, loff_t *ppos) +static int dirty_ratio_handler(const struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) { int old_ratio = vm_dirty_ratio; int ret; @@ -529,7 +529,7 @@ static int dirty_ratio_handler(struct ctl_table *table, int write, void *buffer, return ret; } -static int dirty_bytes_handler(struct ctl_table *table, int write, +static int dirty_bytes_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { unsigned long old_bytes = vm_dirty_bytes; @@ -2132,8 +2132,8 @@ bool wb_over_bg_thresh(struct bdi_writeback *wb) /* * sysctl handler for /proc/sys/vm/dirty_writeback_centisecs */ -static int dirty_writeback_centisecs_handler(struct ctl_table *table, int write, - void *buffer, size_t *length, loff_t *ppos) +static int dirty_writeback_centisecs_handler(const struct ctl_table *table, + int write, void *buffer, size_t *length, loff_t *ppos) { unsigned int old_interval = dirty_writeback_interval; int ret; diff --git a/mm/page_alloc.c b/mm/page_alloc.c index 733732e7e0ba..5eb29269d39e 100644 --- a/mm/page_alloc.c +++ b/mm/page_alloc.c @@ -4985,7 +4985,7 @@ static char numa_zonelist_order[] = "Node"; /* * sysctl handler for numa_zonelist_order */ -static int numa_zonelist_order_handler(struct ctl_table *table, int write, +static int numa_zonelist_order_handler(const struct ctl_table *table, int write, void *buffer, size_t *length, loff_t *ppos) { if (write) @@ -5978,8 +5978,8 @@ postcore_initcall(init_per_zone_wmark_min) * that we can call two helper functions whenever min_free_kbytes * changes. */ -static int min_free_kbytes_sysctl_handler(struct ctl_table *table, int write, - void *buffer, size_t *length, loff_t *ppos) +static int min_free_kbytes_sysctl_handler(const struct ctl_table *table, + int write, void *buffer, size_t *length, loff_t *ppos) { int rc; @@ -5994,8 +5994,8 @@ static int min_free_kbytes_sysctl_handler(struct ctl_table *table, int write, return 0; } -static int watermark_scale_factor_sysctl_handler(struct ctl_table *table, int write, - void *buffer, size_t *length, loff_t *ppos) +static int watermark_scale_factor_sysctl_handler(const struct ctl_table *table, + int write, void *buffer, size_t *length, loff_t *ppos) { int rc; @@ -6024,8 +6024,8 @@ static void setup_min_unmapped_ratio(void) } -static int sysctl_min_unmapped_ratio_sysctl_handler(struct ctl_table *table, int write, - void *buffer, size_t *length, loff_t *ppos) +static int sysctl_min_unmapped_ratio_sysctl_handler(const struct ctl_table *table, + int write, void *buffer, size_t *length, loff_t *ppos) { int rc; @@ -6051,8 +6051,8 @@ static void setup_min_slab_ratio(void) sysctl_min_slab_ratio) / 100; } -static int sysctl_min_slab_ratio_sysctl_handler(struct ctl_table *table, int write, - void *buffer, size_t *length, loff_t *ppos) +static int sysctl_min_slab_ratio_sysctl_handler(const struct ctl_table *table, + int write, void *buffer, size_t *length, loff_t *ppos) { int rc; @@ -6075,7 +6075,7 @@ static int sysctl_min_slab_ratio_sysctl_handler(struct ctl_table *table, int wri * minimum watermarks. The lowmem reserve ratio can only make sense * if in function of the boot time zone sizes. */ -static int lowmem_reserve_ratio_sysctl_handler(struct ctl_table *table, +static int lowmem_reserve_ratio_sysctl_handler(const struct ctl_table *table, int write, void *buffer, size_t *length, loff_t *ppos) { int i; @@ -6096,7 +6096,7 @@ static int lowmem_reserve_ratio_sysctl_handler(struct ctl_table *table, * cpu. It is the fraction of total pages in each zone that a hot per cpu * pagelist can have before it gets flushed back to buddy allocator. */ -static int percpu_pagelist_high_fraction_sysctl_handler(struct ctl_table *table, +static int percpu_pagelist_high_fraction_sysctl_handler(const struct ctl_table *table, int write, void *buffer, size_t *length, loff_t *ppos) { struct zone *zone; diff --git a/mm/util.c b/mm/util.c index 744b4d7e3fae..98338ab35b68 100644 --- a/mm/util.c +++ b/mm/util.c @@ -818,8 +818,8 @@ int sysctl_max_map_count __read_mostly = DEFAULT_MAX_MAP_COUNT; unsigned long sysctl_user_reserve_kbytes __read_mostly = 1UL << 17; /* 128MB */ unsigned long sysctl_admin_reserve_kbytes __read_mostly = 1UL << 13; /* 8MB */ -int overcommit_ratio_handler(struct ctl_table *table, int write, void *buffer, - size_t *lenp, loff_t *ppos) +int overcommit_ratio_handler(const struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) { int ret; @@ -834,8 +834,8 @@ static void sync_overcommit_as(struct work_struct *dummy) percpu_counter_sync(&vm_committed_as); } -int overcommit_policy_handler(struct ctl_table *table, int write, void *buffer, - size_t *lenp, loff_t *ppos) +int overcommit_policy_handler(const struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) { struct ctl_table t; int new_policy = -1; @@ -870,8 +870,8 @@ int overcommit_policy_handler(struct ctl_table *table, int write, void *buffer, return ret; } -int overcommit_kbytes_handler(struct ctl_table *table, int write, void *buffer, - size_t *lenp, loff_t *ppos) +int overcommit_kbytes_handler(const struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) { int ret; diff --git a/mm/vmstat.c b/mm/vmstat.c index 359460deb377..a65316426012 100644 --- a/mm/vmstat.c +++ b/mm/vmstat.c @@ -74,7 +74,7 @@ static void invalid_numa_statistics(void) static DEFINE_MUTEX(vm_numa_stat_lock); -int sysctl_vm_numa_stat_handler(struct ctl_table *table, int write, +int sysctl_vm_numa_stat_handler(const struct ctl_table *table, int write, void *buffer, size_t *length, loff_t *ppos) { int ret, oldval; @@ -1883,7 +1883,7 @@ static void refresh_vm_stats(struct work_struct *work) refresh_cpu_vm_stats(true); } -int vmstat_refresh(struct ctl_table *table, int write, +int vmstat_refresh(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { long val; diff --git a/net/bridge/br_netfilter_hooks.c b/net/bridge/br_netfilter_hooks.c index 74056b563b95..c284bd9c2d7a 100644 --- a/net/bridge/br_netfilter_hooks.c +++ b/net/bridge/br_netfilter_hooks.c @@ -1048,7 +1048,7 @@ int br_nf_hook_thresh(unsigned int hook, struct net *net, #ifdef CONFIG_SYSCTL static -int brnf_sysctl_call_tables(struct ctl_table *ctl, int write, +int brnf_sysctl_call_tables(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret; diff --git a/net/core/neighbour.c b/net/core/neighbour.c index df81c1f0a570..8d13979c0c38 100644 --- a/net/core/neighbour.c +++ b/net/core/neighbour.c @@ -3531,7 +3531,7 @@ EXPORT_SYMBOL(neigh_app_ns); #ifdef CONFIG_SYSCTL static int unres_qlen_max = INT_MAX / SKB_TRUESIZE(ETH_FRAME_LEN); -static int proc_unres_qlen(struct ctl_table *ctl, int write, +static int proc_unres_qlen(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { int size, ret; @@ -3566,7 +3566,7 @@ static void neigh_copy_dflt_parms(struct net *net, struct neigh_parms *p, rcu_read_unlock(); } -static void neigh_proc_update(struct ctl_table *ctl, int write) +static void neigh_proc_update(const struct ctl_table *ctl, int write) { struct net_device *dev = ctl->extra1; struct neigh_parms *p = ctl->extra2; @@ -3583,9 +3583,9 @@ static void neigh_proc_update(struct ctl_table *ctl, int write) neigh_copy_dflt_parms(net, p, index); } -static int neigh_proc_dointvec_zero_intmax(struct ctl_table *ctl, int write, - void *buffer, size_t *lenp, - loff_t *ppos) +static int neigh_proc_dointvec_zero_intmax(const struct ctl_table *ctl, + int write, void *buffer, + size_t *lenp, loff_t *ppos) { struct ctl_table tmp = *ctl; int ret; @@ -3598,7 +3598,7 @@ static int neigh_proc_dointvec_zero_intmax(struct ctl_table *ctl, int write, return ret; } -static int neigh_proc_dointvec_ms_jiffies_positive(struct ctl_table *ctl, int write, +static int neigh_proc_dointvec_ms_jiffies_positive(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct ctl_table tmp = *ctl; @@ -3614,7 +3614,7 @@ static int neigh_proc_dointvec_ms_jiffies_positive(struct ctl_table *ctl, int wr return ret; } -int neigh_proc_dointvec(struct ctl_table *ctl, int write, void *buffer, +int neigh_proc_dointvec(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret = proc_dointvec(ctl, write, buffer, lenp, ppos); @@ -3624,7 +3624,7 @@ int neigh_proc_dointvec(struct ctl_table *ctl, int write, void *buffer, } EXPORT_SYMBOL(neigh_proc_dointvec); -int neigh_proc_dointvec_jiffies(struct ctl_table *ctl, int write, void *buffer, +int neigh_proc_dointvec_jiffies(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret = proc_dointvec_jiffies(ctl, write, buffer, lenp, ppos); @@ -3634,7 +3634,7 @@ int neigh_proc_dointvec_jiffies(struct ctl_table *ctl, int write, void *buffer, } EXPORT_SYMBOL(neigh_proc_dointvec_jiffies); -static int neigh_proc_dointvec_userhz_jiffies(struct ctl_table *ctl, int write, +static int neigh_proc_dointvec_userhz_jiffies(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { @@ -3644,7 +3644,7 @@ static int neigh_proc_dointvec_userhz_jiffies(struct ctl_table *ctl, int write, return ret; } -int neigh_proc_dointvec_ms_jiffies(struct ctl_table *ctl, int write, +int neigh_proc_dointvec_ms_jiffies(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret = proc_dointvec_ms_jiffies(ctl, write, buffer, lenp, ppos); @@ -3654,7 +3654,7 @@ int neigh_proc_dointvec_ms_jiffies(struct ctl_table *ctl, int write, } EXPORT_SYMBOL(neigh_proc_dointvec_ms_jiffies); -static int neigh_proc_dointvec_unres_qlen(struct ctl_table *ctl, int write, +static int neigh_proc_dointvec_unres_qlen(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { @@ -3664,7 +3664,7 @@ static int neigh_proc_dointvec_unres_qlen(struct ctl_table *ctl, int write, return ret; } -static int neigh_proc_base_reachable_time(struct ctl_table *ctl, int write, +static int neigh_proc_base_reachable_time(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c index 08a01b31be99..b5093796f196 100644 --- a/net/core/sysctl_net_core.c +++ b/net/core/sysctl_net_core.c @@ -91,7 +91,7 @@ static struct cpumask *rps_default_mask_cow_alloc(struct net *net) return rps_default_mask; } -static int rps_default_mask_sysctl(struct ctl_table *table, int write, +static int rps_default_mask_sysctl(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct net *net = (struct net *)table->data; @@ -122,7 +122,7 @@ static int rps_default_mask_sysctl(struct ctl_table *table, int write, return err; } -static int rps_sock_flow_sysctl(struct ctl_table *table, int write, +static int rps_sock_flow_sysctl(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { unsigned int orig_size, size; @@ -191,7 +191,7 @@ static int rps_sock_flow_sysctl(struct ctl_table *table, int write, #ifdef CONFIG_NET_FLOW_LIMIT static DEFINE_MUTEX(flow_limit_update_mutex); -static int flow_limit_cpu_sysctl(struct ctl_table *table, int write, +static int flow_limit_cpu_sysctl(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct sd_flow_limit *cur; @@ -248,7 +248,7 @@ static int flow_limit_cpu_sysctl(struct ctl_table *table, int write, return ret; } -static int flow_limit_table_len_sysctl(struct ctl_table *table, int write, +static int flow_limit_table_len_sysctl(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { unsigned int old, *ptr; @@ -270,7 +270,7 @@ static int flow_limit_table_len_sysctl(struct ctl_table *table, int write, #endif /* CONFIG_NET_FLOW_LIMIT */ #ifdef CONFIG_NET_SCHED -static int set_default_qdisc(struct ctl_table *table, int write, +static int set_default_qdisc(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { char id[IFNAMSIZ]; @@ -289,7 +289,7 @@ static int set_default_qdisc(struct ctl_table *table, int write, } #endif -static int proc_do_dev_weight(struct ctl_table *table, int write, +static int proc_do_dev_weight(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { static DEFINE_MUTEX(dev_weight_mutex); @@ -307,7 +307,7 @@ static int proc_do_dev_weight(struct ctl_table *table, int write, return ret; } -static int proc_do_rss_key(struct ctl_table *table, int write, +static int proc_do_rss_key(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct ctl_table fake_table; @@ -320,7 +320,7 @@ static int proc_do_rss_key(struct ctl_table *table, int write, } #ifdef CONFIG_BPF_JIT -static int proc_dointvec_minmax_bpf_enable(struct ctl_table *table, int write, +static int proc_dointvec_minmax_bpf_enable(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { @@ -353,7 +353,7 @@ static int proc_dointvec_minmax_bpf_enable(struct ctl_table *table, int write, # ifdef CONFIG_HAVE_EBPF_JIT static int -proc_dointvec_minmax_bpf_restricted(struct ctl_table *table, int write, +proc_dointvec_minmax_bpf_restricted(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { if (!capable(CAP_SYS_ADMIN)) @@ -364,7 +364,7 @@ proc_dointvec_minmax_bpf_restricted(struct ctl_table *table, int write, # endif /* CONFIG_HAVE_EBPF_JIT */ static int -proc_dolongvec_minmax_bpf_restricted(struct ctl_table *table, int write, +proc_dolongvec_minmax_bpf_restricted(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { if (!capable(CAP_SYS_ADMIN)) diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index f8a56fe95801..bf53518cfef8 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -2395,7 +2395,7 @@ static int devinet_conf_ifindex(struct net *net, struct ipv4_devconf *cnf) } } -static int devinet_conf_proc(struct ctl_table *ctl, int write, +static int devinet_conf_proc(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { int old_value = *(int *)ctl->data; @@ -2447,7 +2447,7 @@ static int devinet_conf_proc(struct ctl_table *ctl, int write, return ret; } -static int devinet_sysctl_forward(struct ctl_table *ctl, int write, +static int devinet_sysctl_forward(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { int *valp = ctl->data; @@ -2494,7 +2494,7 @@ static int devinet_sysctl_forward(struct ctl_table *ctl, int write, return ret; } -static int ipv4_doint_and_flush(struct ctl_table *ctl, int write, +static int ipv4_doint_and_flush(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { int *valp = ctl->data; diff --git a/net/ipv4/route.c b/net/ipv4/route.c index 7c7884110a58..adabe2aa3d8b 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -3408,7 +3408,7 @@ static int ip_rt_gc_min_interval __read_mostly = HZ / 2; static int ip_rt_gc_elasticity __read_mostly = 8; static int ip_min_valid_pmtu __read_mostly = IPV4_MIN_MTU; -static int ipv4_sysctl_rtcache_flush(struct ctl_table *__ctl, int write, +static int ipv4_sysctl_rtcache_flush(const struct ctl_table *__ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct net *net = (struct net *)__ctl->extra1; diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c index 599244f9ad65..eef0082233e1 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c @@ -65,7 +65,7 @@ static void set_local_port_range(struct net *net, int range[2]) } /* Validate changes from /proc interface. */ -static int ipv4_local_port_range(struct ctl_table *table, int write, +static int ipv4_local_port_range(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct net *net = @@ -100,7 +100,7 @@ static int ipv4_local_port_range(struct ctl_table *table, int write, } /* Validate changes from /proc interface. */ -static int ipv4_privileged_ports(struct ctl_table *table, int write, +static int ipv4_privileged_ports(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct net *net = container_of(table->data, struct net, @@ -134,7 +134,8 @@ static int ipv4_privileged_ports(struct ctl_table *table, int write, return ret; } -static void inet_get_ping_group_range_table(struct ctl_table *table, kgid_t *low, kgid_t *high) +static void inet_get_ping_group_range_table(const struct ctl_table *table, kgid_t *low, + kgid_t *high) { kgid_t *data = table->data; struct net *net = @@ -149,7 +150,7 @@ static void inet_get_ping_group_range_table(struct ctl_table *table, kgid_t *low } /* Update system visible IP port range */ -static void set_ping_group_range(struct ctl_table *table, kgid_t low, kgid_t high) +static void set_ping_group_range(const struct ctl_table *table, kgid_t low, kgid_t high) { kgid_t *data = table->data; struct net *net = @@ -161,7 +162,7 @@ static void set_ping_group_range(struct ctl_table *table, kgid_t low, kgid_t hig } /* Validate changes from /proc interface. */ -static int ipv4_ping_group_range(struct ctl_table *table, int write, +static int ipv4_ping_group_range(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct user_namespace *user_ns = current_user_ns(); @@ -196,7 +197,7 @@ static int ipv4_ping_group_range(struct ctl_table *table, int write, return ret; } -static int ipv4_fwd_update_priority(struct ctl_table *table, int write, +static int ipv4_fwd_update_priority(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct net *net; @@ -212,7 +213,7 @@ static int ipv4_fwd_update_priority(struct ctl_table *table, int write, return ret; } -static int proc_tcp_congestion_control(struct ctl_table *ctl, int write, +static int proc_tcp_congestion_control(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct net *net = container_of(ctl->data, struct net, @@ -232,7 +233,7 @@ static int proc_tcp_congestion_control(struct ctl_table *ctl, int write, return ret; } -static int proc_tcp_available_congestion_control(struct ctl_table *ctl, +static int proc_tcp_available_congestion_control(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { @@ -248,7 +249,7 @@ static int proc_tcp_available_congestion_control(struct ctl_table *ctl, return ret; } -static int proc_allowed_congestion_control(struct ctl_table *ctl, +static int proc_allowed_congestion_control(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { @@ -285,7 +286,7 @@ static int sscanf_key(char *buf, __le32 *key) return ret; } -static int proc_tcp_fastopen_key(struct ctl_table *table, int write, +static int proc_tcp_fastopen_key(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct net *net = container_of(table->data, struct net, @@ -356,7 +357,7 @@ static int proc_tcp_fastopen_key(struct ctl_table *table, int write, return ret; } -static int proc_tfo_blackhole_detect_timeout(struct ctl_table *table, +static int proc_tfo_blackhole_detect_timeout(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { @@ -371,7 +372,7 @@ static int proc_tfo_blackhole_detect_timeout(struct ctl_table *table, return ret; } -static int proc_tcp_available_ulp(struct ctl_table *ctl, +static int proc_tcp_available_ulp(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { @@ -388,7 +389,7 @@ static int proc_tcp_available_ulp(struct ctl_table *ctl, return ret; } -static int proc_tcp_ehash_entries(struct ctl_table *table, int write, +static int proc_tcp_ehash_entries(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct net *net = container_of(table->data, struct net, @@ -412,7 +413,7 @@ static int proc_tcp_ehash_entries(struct ctl_table *table, int write, return proc_dointvec(&tbl, write, buffer, lenp, ppos); } -static int proc_udp_hash_entries(struct ctl_table *table, int write, +static int proc_udp_hash_entries(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct net *net = container_of(table->data, struct net, @@ -436,7 +437,7 @@ static int proc_udp_hash_entries(struct ctl_table *table, int write, } #ifdef CONFIG_IP_ROUTE_MULTIPATH -static int proc_fib_multipath_hash_policy(struct ctl_table *table, int write, +static int proc_fib_multipath_hash_policy(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { @@ -451,7 +452,7 @@ static int proc_fib_multipath_hash_policy(struct ctl_table *table, int write, return ret; } -static int proc_fib_multipath_hash_fields(struct ctl_table *table, int write, +static int proc_fib_multipath_hash_fields(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index aa5654d29334..6732ee1bb901 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -859,7 +859,7 @@ static void addrconf_forward_change(struct net *net, __s32 newf) } } -static int addrconf_fixup_forwarding(struct ctl_table *table, int *p, int newf) +static int addrconf_fixup_forwarding(const struct ctl_table *table, int *p, int newf) { struct net *net; int old; @@ -927,7 +927,7 @@ static void addrconf_linkdown_change(struct net *net, __s32 newf) } } -static int addrconf_fixup_linkdown(struct ctl_table *table, int *p, int newf) +static int addrconf_fixup_linkdown(const struct ctl_table *table, int *p, int newf) { struct net *net; int old; @@ -6258,7 +6258,7 @@ static void ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp) #ifdef CONFIG_SYSCTL -static int addrconf_sysctl_forward(struct ctl_table *ctl, int write, +static int addrconf_sysctl_forward(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { int *valp = ctl->data; @@ -6283,7 +6283,7 @@ static int addrconf_sysctl_forward(struct ctl_table *ctl, int write, return ret; } -static int addrconf_sysctl_mtu(struct ctl_table *ctl, int write, +static int addrconf_sysctl_mtu(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct inet6_dev *idev = ctl->extra1; @@ -6327,7 +6327,7 @@ static void addrconf_disable_change(struct net *net, __s32 newf) } } -static int addrconf_disable_ipv6(struct ctl_table *table, int *p, int newf) +static int addrconf_disable_ipv6(const struct ctl_table *table, int *p, int newf) { struct net *net; int old; @@ -6354,7 +6354,7 @@ static int addrconf_disable_ipv6(struct ctl_table *table, int *p, int newf) return 0; } -static int addrconf_sysctl_disable(struct ctl_table *ctl, int write, +static int addrconf_sysctl_disable(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { int *valp = ctl->data; @@ -6379,7 +6379,7 @@ static int addrconf_sysctl_disable(struct ctl_table *ctl, int write, return ret; } -static int addrconf_sysctl_proxy_ndp(struct ctl_table *ctl, int write, +static int addrconf_sysctl_proxy_ndp(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { int *valp = ctl->data; @@ -6420,7 +6420,7 @@ static int addrconf_sysctl_proxy_ndp(struct ctl_table *ctl, int write, return ret; } -static int addrconf_sysctl_addr_gen_mode(struct ctl_table *ctl, int write, +static int addrconf_sysctl_addr_gen_mode(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { @@ -6482,7 +6482,7 @@ static int addrconf_sysctl_addr_gen_mode(struct ctl_table *ctl, int write, return ret; } -static int addrconf_sysctl_stable_secret(struct ctl_table *ctl, int write, +static int addrconf_sysctl_stable_secret(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { @@ -6549,7 +6549,7 @@ static int addrconf_sysctl_stable_secret(struct ctl_table *ctl, int write, } static -int addrconf_sysctl_ignore_routes_with_linkdown(struct ctl_table *ctl, +int addrconf_sysctl_ignore_routes_with_linkdown(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) @@ -6617,7 +6617,7 @@ void addrconf_disable_policy_idev(struct inet6_dev *idev, int val) } static -int addrconf_disable_policy(struct ctl_table *ctl, int *valp, int val) +int addrconf_disable_policy(const struct ctl_table *ctl, int *valp, int val) { struct inet6_dev *idev; struct net *net; @@ -6650,8 +6650,9 @@ int addrconf_disable_policy(struct ctl_table *ctl, int *valp, int val) return 0; } -static int addrconf_sysctl_disable_policy(struct ctl_table *ctl, int write, - void *buffer, size_t *lenp, loff_t *ppos) +static int addrconf_sysctl_disable_policy(const struct ctl_table *ctl, + int write, void *buffer, size_t *lenp, + loff_t *ppos) { int *valp = ctl->data; int val = *valp; diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c index a19999b30bc0..e423b4fe0836 100644 --- a/net/ipv6/ndisc.c +++ b/net/ipv6/ndisc.c @@ -1922,7 +1922,7 @@ static struct notifier_block ndisc_netdev_notifier = { }; #ifdef CONFIG_SYSCTL -static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl, +static void ndisc_warn_deprecated_sysctl(const struct ctl_table *ctl, const char *func, const char *dev_name) { static char warncomm[TASK_COMM_LEN]; @@ -1937,7 +1937,7 @@ static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl, } } -int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void *buffer, +int ndisc_ifinfo_sysctl_change(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct net_device *dev = ctl->extra1; diff --git a/net/ipv6/route.c b/net/ipv6/route.c index b132feae3393..a318fba122b3 100644 --- a/net/ipv6/route.c +++ b/net/ipv6/route.c @@ -6325,7 +6325,7 @@ static int rt6_stats_seq_show(struct seq_file *seq, void *v) #ifdef CONFIG_SYSCTL -static int ipv6_sysctl_rtcache_flush(struct ctl_table *ctl, int write, +static int ipv6_sysctl_rtcache_flush(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct net *net; diff --git a/net/ipv6/sysctl_net_ipv6.c b/net/ipv6/sysctl_net_ipv6.c index 75de55f907b0..e5a4cbc3e8c3 100644 --- a/net/ipv6/sysctl_net_ipv6.c +++ b/net/ipv6/sysctl_net_ipv6.c @@ -30,7 +30,7 @@ static u32 rt6_multipath_hash_fields_all_mask = static u32 ioam6_id_max = IOAM6_DEFAULT_ID; static u64 ioam6_id_wide_max = IOAM6_DEFAULT_ID_WIDE; -static int proc_rt6_multipath_hash_policy(struct ctl_table *table, int write, +static int proc_rt6_multipath_hash_policy(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct net *net; @@ -46,7 +46,7 @@ static int proc_rt6_multipath_hash_policy(struct ctl_table *table, int write, } static int -proc_rt6_multipath_hash_fields(struct ctl_table *table, int write, void *buffer, +proc_rt6_multipath_hash_fields(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct net *net; diff --git a/net/mpls/af_mpls.c b/net/mpls/af_mpls.c index 832b63bb5646..c107de0b4e49 100644 --- a/net/mpls/af_mpls.c +++ b/net/mpls/af_mpls.c @@ -1363,7 +1363,7 @@ static int mpls_netconf_dump_devconf(struct sk_buff *skb, #define MPLS_PERDEV_SYSCTL_OFFSET(field) \ (&((struct mpls_dev *)0)->field) -static int mpls_conf_proc(struct ctl_table *ctl, int write, +static int mpls_conf_proc(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { int oval = *(int *)ctl->data; @@ -2615,7 +2615,7 @@ static int resize_platform_label_table(struct net *net, size_t limit) return -ENOMEM; } -static int mpls_platform_labels(struct ctl_table *table, int write, +static int mpls_platform_labels(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct net *net = table->data; diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 143a341bbc0a..8b7720925699 100644 --- a/net/netfilter/ipvs/ip_vs_ctl.c +++ b/net/netfilter/ipvs/ip_vs_ctl.c @@ -1846,7 +1846,7 @@ static int ip_vs_zero_all(struct netns_ipvs *ipvs) #ifdef CONFIG_SYSCTL static int -proc_do_defense_mode(struct ctl_table *table, int write, +proc_do_defense_mode(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct netns_ipvs *ipvs = table->extra2; @@ -1873,7 +1873,7 @@ proc_do_defense_mode(struct ctl_table *table, int write, } static int -proc_do_sync_threshold(struct ctl_table *table, int write, +proc_do_sync_threshold(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct netns_ipvs *ipvs = table->extra2; @@ -1901,7 +1901,7 @@ proc_do_sync_threshold(struct ctl_table *table, int write, } static int -proc_do_sync_ports(struct ctl_table *table, int write, +proc_do_sync_ports(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int *valp = table->data; @@ -1924,7 +1924,7 @@ proc_do_sync_ports(struct ctl_table *table, int write, return rc; } -static int ipvs_proc_est_cpumask_set(struct ctl_table *table, void *buffer) +static int ipvs_proc_est_cpumask_set(const struct ctl_table *table, void *buffer) { struct netns_ipvs *ipvs = table->extra2; cpumask_var_t *valp = table->data; @@ -1962,7 +1962,7 @@ static int ipvs_proc_est_cpumask_set(struct ctl_table *table, void *buffer) return ret; } -static int ipvs_proc_est_cpumask_get(struct ctl_table *table, void *buffer, +static int ipvs_proc_est_cpumask_get(const struct ctl_table *table, void *buffer, size_t size) { struct netns_ipvs *ipvs = table->extra2; @@ -1983,7 +1983,7 @@ static int ipvs_proc_est_cpumask_get(struct ctl_table *table, void *buffer, return ret; } -static int ipvs_proc_est_cpulist(struct ctl_table *table, int write, +static int ipvs_proc_est_cpulist(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret; @@ -2010,7 +2010,7 @@ static int ipvs_proc_est_cpulist(struct ctl_table *table, int write, return ret; } -static int ipvs_proc_est_nice(struct ctl_table *table, int write, +static int ipvs_proc_est_nice(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct netns_ipvs *ipvs = table->extra2; @@ -2040,7 +2040,7 @@ static int ipvs_proc_est_nice(struct ctl_table *table, int write, return ret; } -static int ipvs_proc_run_estimation(struct ctl_table *table, int write, +static int ipvs_proc_run_estimation(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct netns_ipvs *ipvs = table->extra2; diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c index bb9dea676ec1..3d5284639ca8 100644 --- a/net/netfilter/nf_conntrack_standalone.c +++ b/net/netfilter/nf_conntrack_standalone.c @@ -527,7 +527,7 @@ EXPORT_SYMBOL_GPL(nf_conntrack_count); static unsigned int nf_conntrack_htable_size_user __read_mostly; static int -nf_conntrack_hash_sysctl(struct ctl_table *table, int write, +nf_conntrack_hash_sysctl(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret; diff --git a/net/netfilter/nf_hooks_lwtunnel.c b/net/netfilter/nf_hooks_lwtunnel.c index 00e89ffd78f6..3d237f9cc8ee 100644 --- a/net/netfilter/nf_hooks_lwtunnel.c +++ b/net/netfilter/nf_hooks_lwtunnel.c @@ -25,7 +25,7 @@ static inline int nf_hooks_lwtunnel_set(int enable) } #ifdef CONFIG_SYSCTL -int nf_hooks_lwtunnel_sysctl_handler(struct ctl_table *table, int write, +int nf_hooks_lwtunnel_sysctl_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int proc_nf_hooks_lwtunnel_enabled = 0; diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c index 2e897a9f0689..9432a6c6c140 100644 --- a/net/netfilter/nf_log.c +++ b/net/netfilter/nf_log.c @@ -403,7 +403,7 @@ static struct ctl_table nf_log_sysctl_ftable[] = { { } }; -static int nf_log_proc_dostring(struct ctl_table *table, int write, +static int nf_log_proc_dostring(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { const struct nf_logger *logger; diff --git a/net/phonet/sysctl.c b/net/phonet/sysctl.c index 0d0bf41381c2..e59d16e67376 100644 --- a/net/phonet/sysctl.c +++ b/net/phonet/sysctl.c @@ -48,7 +48,7 @@ void phonet_get_local_port_range(int *min, int *max) } while (read_seqretry(&local_port_range_lock, seq)); } -static int proc_local_port_range(struct ctl_table *table, int write, +static int proc_local_port_range(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret; diff --git a/net/rds/tcp.c b/net/rds/tcp.c index 2dba7505b414..d23ea8c11902 100644 --- a/net/rds/tcp.c +++ b/net/rds/tcp.c @@ -61,7 +61,7 @@ static atomic_t rds_tcp_unloading = ATOMIC_INIT(0); static struct kmem_cache *rds_tcp_conn_slab; -static int rds_tcp_skbuf_handler(struct ctl_table *ctl, int write, +static int rds_tcp_skbuf_handler(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *fpos); static int rds_tcp_min_sndbuf = SOCK_MIN_SNDBUF; @@ -683,7 +683,7 @@ static void rds_tcp_sysctl_reset(struct net *net) spin_unlock_irq(&rds_tcp_conn_lock); } -static int rds_tcp_skbuf_handler(struct ctl_table *ctl, int write, +static int rds_tcp_skbuf_handler(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *fpos) { struct net *net = current->nsproxy->net_ns; diff --git a/net/sctp/sysctl.c b/net/sctp/sysctl.c index 25bdf17c7262..8317421d1b83 100644 --- a/net/sctp/sysctl.c +++ b/net/sctp/sysctl.c @@ -43,19 +43,19 @@ static unsigned long max_autoclose_max = (MAX_SCHEDULE_TIMEOUT / HZ > UINT_MAX) ? UINT_MAX : MAX_SCHEDULE_TIMEOUT / HZ; -static int proc_sctp_do_hmac_alg(struct ctl_table *ctl, int write, +static int proc_sctp_do_hmac_alg(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos); -static int proc_sctp_do_rto_min(struct ctl_table *ctl, int write, +static int proc_sctp_do_rto_min(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos); -static int proc_sctp_do_rto_max(struct ctl_table *ctl, int write, void *buffer, +static int proc_sctp_do_rto_max(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos); -static int proc_sctp_do_udp_port(struct ctl_table *ctl, int write, void *buffer, +static int proc_sctp_do_udp_port(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos); -static int proc_sctp_do_alpha_beta(struct ctl_table *ctl, int write, +static int proc_sctp_do_alpha_beta(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos); -static int proc_sctp_do_auth(struct ctl_table *ctl, int write, +static int proc_sctp_do_auth(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos); -static int proc_sctp_do_probe_interval(struct ctl_table *ctl, int write, +static int proc_sctp_do_probe_interval(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos); static struct ctl_table sctp_table[] = { @@ -388,7 +388,7 @@ static struct ctl_table sctp_net_table[] = { { /* sentinel */ } }; -static int proc_sctp_do_hmac_alg(struct ctl_table *ctl, int write, +static int proc_sctp_do_hmac_alg(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct net *net = current->nsproxy->net_ns; @@ -433,7 +433,7 @@ static int proc_sctp_do_hmac_alg(struct ctl_table *ctl, int write, return ret; } -static int proc_sctp_do_rto_min(struct ctl_table *ctl, int write, +static int proc_sctp_do_rto_min(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct net *net = current->nsproxy->net_ns; @@ -461,7 +461,7 @@ static int proc_sctp_do_rto_min(struct ctl_table *ctl, int write, return ret; } -static int proc_sctp_do_rto_max(struct ctl_table *ctl, int write, +static int proc_sctp_do_rto_max(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct net *net = current->nsproxy->net_ns; @@ -489,7 +489,7 @@ static int proc_sctp_do_rto_max(struct ctl_table *ctl, int write, return ret; } -static int proc_sctp_do_alpha_beta(struct ctl_table *ctl, int write, +static int proc_sctp_do_alpha_beta(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { if (write) @@ -499,7 +499,7 @@ static int proc_sctp_do_alpha_beta(struct ctl_table *ctl, int write, return proc_dointvec_minmax(ctl, write, buffer, lenp, ppos); } -static int proc_sctp_do_auth(struct ctl_table *ctl, int write, +static int proc_sctp_do_auth(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct net *net = current->nsproxy->net_ns; @@ -528,7 +528,7 @@ static int proc_sctp_do_auth(struct ctl_table *ctl, int write, return ret; } -static int proc_sctp_do_udp_port(struct ctl_table *ctl, int write, +static int proc_sctp_do_udp_port(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct net *net = current->nsproxy->net_ns; @@ -569,7 +569,7 @@ static int proc_sctp_do_udp_port(struct ctl_table *ctl, int write, return ret; } -static int proc_sctp_do_probe_interval(struct ctl_table *ctl, int write, +static int proc_sctp_do_probe_interval(const struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct net *net = current->nsproxy->net_ns; diff --git a/net/sunrpc/sysctl.c b/net/sunrpc/sysctl.c index 93941ab12549..672067efacef 100644 --- a/net/sunrpc/sysctl.c +++ b/net/sunrpc/sysctl.c @@ -40,7 +40,7 @@ EXPORT_SYMBOL_GPL(nlm_debug); #if IS_ENABLED(CONFIG_SUNRPC_DEBUG) -static int proc_do_xprt(struct ctl_table *table, int write, +static int proc_do_xprt(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { char tmpbuf[256]; @@ -62,8 +62,8 @@ static int proc_do_xprt(struct ctl_table *table, int write, } static int -proc_dodebug(struct ctl_table *table, int write, void *buffer, size_t *lenp, - loff_t *ppos) +proc_dodebug(const struct ctl_table *table, int write, void *buffer, + size_t *lenp, loff_t *ppos) { char tmpbuf[20], *s = NULL; char *p; diff --git a/net/sunrpc/xprtrdma/svc_rdma.c b/net/sunrpc/xprtrdma/svc_rdma.c index f0d5eeed4c88..fb1d5432080e 100644 --- a/net/sunrpc/xprtrdma/svc_rdma.c +++ b/net/sunrpc/xprtrdma/svc_rdma.c @@ -74,7 +74,7 @@ enum { SVCRDMA_COUNTER_BUFSIZ = sizeof(unsigned long long), }; -static int svcrdma_counter_handler(struct ctl_table *table, int write, +static int svcrdma_counter_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct percpu_counter *stat = (struct percpu_counter *)table->data; diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 4981bdf02993..2828aadcd732 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -1980,7 +1980,7 @@ static int __init alloc_buffers(void) } #ifdef CONFIG_SYSCTL -static int apparmor_dointvec(struct ctl_table *table, int write, +static int apparmor_dointvec(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { if (!aa_current_policy_admin_capable(NULL)) diff --git a/security/min_addr.c b/security/min_addr.c index 88c9a6a21f47..0ce267c041ab 100644 --- a/security/min_addr.c +++ b/security/min_addr.c @@ -29,7 +29,7 @@ static void update_mmap_min_addr(void) * sysctl handler which just sets dac_mmap_min_addr = the new value and then * calls update_mmap_min_addr() so non MAP_FIXED hints get rounded properly */ -int mmap_min_addr_handler(struct ctl_table *table, int write, +int mmap_min_addr_handler(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { int ret; diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c index 2503cf153d4a..9cb8e7cded56 100644 --- a/security/yama/yama_lsm.c +++ b/security/yama/yama_lsm.c @@ -429,7 +429,7 @@ static struct security_hook_list yama_hooks[] __ro_after_init = { }; #ifdef CONFIG_SYSCTL -static int yama_dointvec_minmax(struct ctl_table *table, int write, +static int yama_dointvec_minmax(const struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { struct ctl_table table_copy; From patchwork Mon Dec 4 07:52:26 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 13477859 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b="hfVmBXDq" Received: from todd.t-8ch.de (todd.t-8ch.de [IPv6:2a01:4f8:c010:41de::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B27771B1; Sun, 3 Dec 2023 23:52:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1701676352; bh=qsEBHDax+s7znxB3EesnA+Cx/J6JWc+CwYaqV7C/mz4=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=hfVmBXDqoE2YJJldVofqpz/WfcE44RA5hrjOLjKrsSgg8+Vqz84+o+k8l9htgRRuh GNgCzJ2F8uqa8XxJuyz10kUjmac79RpTKqgK2TP3AAPjAx7N0rDGu3MpOebqHilblI e96AYqMrxRiH3i0WeQj0kc2hdK4B6hopDMqYiW6c= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Mon, 04 Dec 2023 08:52:26 +0100 Subject: [PATCH v2 13/18] sysctl: move sysctl type to ctl_table_header Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20231204-const-sysctl-v2-13-7a5060b11447@weissschuh.net> References: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> In-Reply-To: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> To: Kees Cook , "Gustavo A. R. Silva" , Luis Chamberlain , Iurii Zaikin , Greg Kroah-Hartman , Joel Granados Cc: linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.4 X-Developer-Signature: v=1; a=ed25519-sha256; t=1701676350; l=3565; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=qsEBHDax+s7znxB3EesnA+Cx/J6JWc+CwYaqV7C/mz4=; b=tMIii9ffAADr2UzePskIfAqvkha4rSZzcbOgaBFMjvqiqSSnOcNxY/LJgEC+njVgyCMiCAdq9 SW3QXP7NxdDA0aQiXdPhxD49iCJoOupbeLO1zlHRwAauVfNse8Y++Ct X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= In a future commit the sysctl core will only use "const struct ctl_table". As a preparation for that move this mutable field from "struct ctl_table" to "struct ctl_table_header". This is also more correct in general as this is in fact a property of the header and not the table itself. Signed-off-by: Thomas Weißschuh --- fs/proc/proc_sysctl.c | 11 ++++++----- include/linux/sysctl.h | 22 +++++++++++----------- 2 files changed, 17 insertions(+), 16 deletions(-) diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c index 689a30196d0c..a398cc77637f 100644 --- a/fs/proc/proc_sysctl.c +++ b/fs/proc/proc_sysctl.c @@ -31,7 +31,7 @@ static const struct inode_operations proc_sys_dir_operations; /* Support for permanently empty directories */ static struct ctl_table sysctl_mount_point[] = { - {.type = SYSCTL_TABLE_TYPE_PERMANENTLY_EMPTY } + { } }; /** @@ -49,11 +49,11 @@ struct ctl_table_header *register_sysctl_mount_point(const char *path) EXPORT_SYMBOL(register_sysctl_mount_point); #define sysctl_is_perm_empty_ctl_header(hptr) \ - (hptr->ctl_table[0].type == SYSCTL_TABLE_TYPE_PERMANENTLY_EMPTY) + (hptr->type == SYSCTL_TABLE_TYPE_PERMANENTLY_EMPTY) #define sysctl_set_perm_empty_ctl_header(hptr) \ - (hptr->ctl_table[0].type = SYSCTL_TABLE_TYPE_PERMANENTLY_EMPTY) + (hptr->type = SYSCTL_TABLE_TYPE_PERMANENTLY_EMPTY) #define sysctl_clear_perm_empty_ctl_header(hptr) \ - (hptr->ctl_table[0].type = SYSCTL_TABLE_TYPE_DEFAULT) + (hptr->type = SYSCTL_TABLE_TYPE_DEFAULT) void proc_sys_poll_notify(struct ctl_table_poll *poll) { @@ -231,7 +231,8 @@ static int insert_header(struct ctl_dir *dir, struct ctl_table_header *header) return -EROFS; /* Am I creating a permanently empty directory? */ - if (sysctl_is_perm_empty_ctl_header(header)) { + if (header->ctl_table == sysctl_mount_point || + sysctl_is_perm_empty_ctl_header(header)) { if (!RB_EMPTY_ROOT(&dir->root)) return -EINVAL; sysctl_set_perm_empty_ctl_header(dir_h); diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index ada36ef8cecb..061ea65104be 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -137,17 +137,6 @@ struct ctl_table { void *data; int maxlen; umode_t mode; - /** - * enum type - Enumeration to differentiate between ctl target types - * @SYSCTL_TABLE_TYPE_DEFAULT: ctl target with no special considerations - * @SYSCTL_TABLE_TYPE_PERMANENTLY_EMPTY: Used to identify a permanently - * empty directory target to serve - * as mount point. - */ - enum { - SYSCTL_TABLE_TYPE_DEFAULT, - SYSCTL_TABLE_TYPE_PERMANENTLY_EMPTY - } type; proc_handler *proc_handler; /* Callback for text formatting */ struct ctl_table_poll *poll; void *extra1; @@ -188,6 +177,17 @@ struct ctl_table_header { struct ctl_dir *parent; struct ctl_node *node; struct hlist_head inodes; /* head for proc_inode->sysctl_inodes */ + /** + * enum type - Enumeration to differentiate between ctl target types + * @SYSCTL_TABLE_TYPE_DEFAULT: ctl target with no special considerations + * @SYSCTL_TABLE_TYPE_PERMANENTLY_EMPTY: Used to identify a permanently + * empty directory target to serve + * as mount point. + */ + enum { + SYSCTL_TABLE_TYPE_DEFAULT, + SYSCTL_TABLE_TYPE_PERMANENTLY_EMPTY + } type; }; struct ctl_dir { From patchwork Mon Dec 4 07:52:27 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 13477864 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b="jvhWRH89" Received: from todd.t-8ch.de (todd.t-8ch.de [IPv6:2a01:4f8:c010:41de::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 35CC7D40; Sun, 3 Dec 2023 23:52:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1701676352; bh=9nBMacsanlhzZJASTxZhPJi991jsWkTabtKO81fhipo=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=jvhWRH89Ic9vDUHTzSt8Uh+iGp7YizRcPKiVw81WlZX1yZnc/R2JZUORrhSjYpzeo DRxt93ZsBTvHlu/kMmI4oH4Yh317qatN1y4rxBg696Q5SkxftQrOMSY3ez1kgHUF4T Boi8nAL7vzG5r+kw9udhZbdDALc2GjNei+vbt+bU= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Mon, 04 Dec 2023 08:52:27 +0100 Subject: [PATCH v2 14/18] sysctl: move internal interfaces to const struct ctl_table Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20231204-const-sysctl-v2-14-7a5060b11447@weissschuh.net> References: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> In-Reply-To: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> To: Kees Cook , "Gustavo A. R. Silva" , Luis Chamberlain , Iurii Zaikin , Greg Kroah-Hartman , Joel Granados Cc: linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.4 X-Developer-Signature: v=1; a=ed25519-sha256; t=1701676350; l=13639; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=9nBMacsanlhzZJASTxZhPJi991jsWkTabtKO81fhipo=; b=d9aQrvd48wyO+t/Vy/qlJHL1hqbyG3yItKw5Tjbj44p8a6JshvGWXkVDo+4pPt8ZadWp4E9TJ 8AIbS1RDcJ1ADppPe9iRU6AOt5P7CSzSZEz0Tu8nAC3q4oJ5YZ0Hb5Q X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= As a preparation to make all the sysctl code work with const struct ctl_table switch over the internal function to use the const variant. Signed-off-by: Thomas Weißschuh --- fs/proc/internal.h | 2 +- fs/proc/proc_sysctl.c | 81 +++++++++++++++++++++++++------------------------- include/linux/sysctl.h | 2 +- 3 files changed, 43 insertions(+), 42 deletions(-) diff --git a/fs/proc/internal.h b/fs/proc/internal.h index 9a8f32f21ff5..36d6bf581688 100644 --- a/fs/proc/internal.h +++ b/fs/proc/internal.h @@ -101,7 +101,7 @@ struct proc_inode { union proc_op op; struct proc_dir_entry *pde; struct ctl_table_header *sysctl; - struct ctl_table *sysctl_entry; + const struct ctl_table *sysctl_entry; struct hlist_node sibling_inodes; const struct proc_ns_operations *ns_ops; struct inode vfs_inode; diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c index a398cc77637f..e7fd1680d479 100644 --- a/fs/proc/proc_sysctl.c +++ b/fs/proc/proc_sysctl.c @@ -86,7 +86,7 @@ static DEFINE_SPINLOCK(sysctl_lock); static void drop_sysctl_table(struct ctl_table_header *header); static int sysctl_follow_link(struct ctl_table_header **phead, - struct ctl_table **pentry); + const struct ctl_table **pentry); static int insert_links(struct ctl_table_header *head); static void put_links(struct ctl_table_header *header); @@ -108,11 +108,11 @@ static int namecmp(const char *name1, int len1, const char *name2, int len2) } /* Called under sysctl_lock */ -static struct ctl_table *find_entry(struct ctl_table_header **phead, +static const struct ctl_table *find_entry(struct ctl_table_header **phead, struct ctl_dir *dir, const char *name, int namelen) { struct ctl_table_header *head; - struct ctl_table *entry; + const struct ctl_table *entry; struct rb_node *node = dir->root.rb_node; while (node) @@ -139,7 +139,7 @@ static struct ctl_table *find_entry(struct ctl_table_header **phead, return NULL; } -static int insert_entry(struct ctl_table_header *head, struct ctl_table *entry) +static int insert_entry(struct ctl_table_header *head, const struct ctl_table *entry) { struct rb_node *node = &head->node[entry - head->ctl_table].node; struct rb_node **p = &head->parent->root.rb_node; @@ -149,7 +149,7 @@ static int insert_entry(struct ctl_table_header *head, struct ctl_table *entry) while (*p) { struct ctl_table_header *parent_head; - struct ctl_table *parent_entry; + const struct ctl_table *parent_entry; struct ctl_node *parent_node; const char *parent_name; int cmp; @@ -178,7 +178,7 @@ static int insert_entry(struct ctl_table_header *head, struct ctl_table *entry) return 0; } -static void erase_entry(struct ctl_table_header *head, struct ctl_table *entry) +static void erase_entry(struct ctl_table_header *head, const struct ctl_table *entry) { struct rb_node *node = &head->node[entry - head->ctl_table].node; @@ -187,7 +187,7 @@ static void erase_entry(struct ctl_table_header *head, struct ctl_table *entry) static void init_header(struct ctl_table_header *head, struct ctl_table_root *root, struct ctl_table_set *set, - struct ctl_node *node, struct ctl_table *table, size_t table_size) + struct ctl_node *node, const struct ctl_table *table, size_t table_size) { head->ctl_table = table; head->ctl_table_size = table_size; @@ -202,7 +202,7 @@ static void init_header(struct ctl_table_header *head, head->node = node; INIT_HLIST_HEAD(&head->inodes); if (node) { - struct ctl_table *entry; + const struct ctl_table *entry; list_for_each_table_entry(entry, head) { node->header = head; @@ -213,7 +213,7 @@ static void init_header(struct ctl_table_header *head, static void erase_header(struct ctl_table_header *head) { - struct ctl_table *entry; + const struct ctl_table *entry; list_for_each_table_entry(entry, head) erase_entry(head, entry); @@ -221,7 +221,7 @@ static void erase_header(struct ctl_table_header *head) static int insert_header(struct ctl_dir *dir, struct ctl_table_header *header) { - struct ctl_table *entry; + const struct ctl_table *entry; struct ctl_table_header *dir_h = &dir->header; int err; @@ -341,12 +341,12 @@ lookup_header_set(struct ctl_table_root *root) return set; } -static struct ctl_table *lookup_entry(struct ctl_table_header **phead, - struct ctl_dir *dir, - const char *name, int namelen) +static const struct ctl_table *lookup_entry(struct ctl_table_header **phead, + struct ctl_dir *dir, + const char *name, int namelen) { struct ctl_table_header *head; - struct ctl_table *entry; + const struct ctl_table *entry; spin_lock(&sysctl_lock); entry = find_entry(&head, dir, name, namelen); @@ -371,10 +371,10 @@ static struct ctl_node *first_usable_entry(struct rb_node *node) } static void first_entry(struct ctl_dir *dir, - struct ctl_table_header **phead, struct ctl_table **pentry) + struct ctl_table_header **phead, const struct ctl_table **pentry) { struct ctl_table_header *head = NULL; - struct ctl_table *entry = NULL; + const struct ctl_table *entry = NULL; struct ctl_node *ctl_node; spin_lock(&sysctl_lock); @@ -388,10 +388,10 @@ static void first_entry(struct ctl_dir *dir, *pentry = entry; } -static void next_entry(struct ctl_table_header **phead, struct ctl_table **pentry) +static void next_entry(struct ctl_table_header **phead, const struct ctl_table **pentry) { struct ctl_table_header *head = *phead; - struct ctl_table *entry = *pentry; + const struct ctl_table *entry = *pentry; struct ctl_node *ctl_node = &head->node[entry - head->ctl_table]; spin_lock(&sysctl_lock); @@ -424,7 +424,7 @@ static int test_perm(int mode, int op) return -EACCES; } -static int sysctl_perm(struct ctl_table_header *head, struct ctl_table *table, int op) +static int sysctl_perm(struct ctl_table_header *head, const struct ctl_table *table, int op) { struct ctl_table_root *root = head->root; int mode; @@ -438,7 +438,7 @@ static int sysctl_perm(struct ctl_table_header *head, struct ctl_table *table, i } static struct inode *proc_sys_make_inode(struct super_block *sb, - struct ctl_table_header *head, struct ctl_table *table) + struct ctl_table_header *head, const struct ctl_table *table) { struct ctl_table_root *root = head->root; struct inode *inode; @@ -511,7 +511,7 @@ static struct dentry *proc_sys_lookup(struct inode *dir, struct dentry *dentry, struct ctl_table_header *head = grab_header(dir); struct ctl_table_header *h = NULL; const struct qstr *name = &dentry->d_name; - struct ctl_table *p; + const struct ctl_table *p; struct inode *inode; struct dentry *err = ERR_PTR(-ENOENT); struct ctl_dir *ctl_dir; @@ -554,7 +554,7 @@ static ssize_t proc_sys_call_handler(struct kiocb *iocb, struct iov_iter *iter, { struct inode *inode = file_inode(iocb->ki_filp); struct ctl_table_header *head = grab_header(inode); - struct ctl_table *table = PROC_I(inode)->sysctl_entry; + const struct ctl_table *table = PROC_I(inode)->sysctl_entry; size_t count = iov_iter_count(iter); char *kbuf; ssize_t error; @@ -628,7 +628,7 @@ static ssize_t proc_sys_write(struct kiocb *iocb, struct iov_iter *iter) static int proc_sys_open(struct inode *inode, struct file *filp) { struct ctl_table_header *head = grab_header(inode); - struct ctl_table *table = PROC_I(inode)->sysctl_entry; + const struct ctl_table *table = PROC_I(inode)->sysctl_entry; /* sysctl was unregistered */ if (IS_ERR(head)) @@ -646,7 +646,7 @@ static __poll_t proc_sys_poll(struct file *filp, poll_table *wait) { struct inode *inode = file_inode(filp); struct ctl_table_header *head = grab_header(inode); - struct ctl_table *table = PROC_I(inode)->sysctl_entry; + const struct ctl_table *table = PROC_I(inode)->sysctl_entry; __poll_t ret = DEFAULT_POLLMASK; unsigned long event; @@ -677,7 +677,7 @@ static __poll_t proc_sys_poll(struct file *filp, poll_table *wait) static bool proc_sys_fill_cache(struct file *file, struct dir_context *ctx, struct ctl_table_header *head, - struct ctl_table *table) + const struct ctl_table *table) { struct dentry *child, *dir = file->f_path.dentry; struct inode *inode; @@ -726,7 +726,7 @@ static bool proc_sys_fill_cache(struct file *file, static bool proc_sys_link_fill_cache(struct file *file, struct dir_context *ctx, struct ctl_table_header *head, - struct ctl_table *table) + const struct ctl_table *table) { bool ret = true; @@ -744,7 +744,7 @@ static bool proc_sys_link_fill_cache(struct file *file, return ret; } -static int scan(struct ctl_table_header *head, struct ctl_table *table, +static int scan(struct ctl_table_header *head, const struct ctl_table *table, unsigned long *pos, struct file *file, struct dir_context *ctx) { @@ -768,7 +768,7 @@ static int proc_sys_readdir(struct file *file, struct dir_context *ctx) { struct ctl_table_header *head = grab_header(file_inode(file)); struct ctl_table_header *h = NULL; - struct ctl_table *entry; + const struct ctl_table *entry; struct ctl_dir *ctl_dir; unsigned long pos; @@ -801,7 +801,7 @@ static int proc_sys_permission(struct mnt_idmap *idmap, * are _NOT_ writeable, capabilities or not. */ struct ctl_table_header *head; - struct ctl_table *table; + const struct ctl_table *table; int error; /* Executable files are not allowed under /proc/sys/ */ @@ -845,7 +845,7 @@ static int proc_sys_getattr(struct mnt_idmap *idmap, { struct inode *inode = d_inode(path->dentry); struct ctl_table_header *head = grab_header(inode); - struct ctl_table *table = PROC_I(inode)->sysctl_entry; + const struct ctl_table *table = PROC_I(inode)->sysctl_entry; if (IS_ERR(head)) return PTR_ERR(head); @@ -944,7 +944,7 @@ static struct ctl_dir *find_subdir(struct ctl_dir *dir, const char *name, int namelen) { struct ctl_table_header *head; - struct ctl_table *entry; + const struct ctl_table *entry; entry = find_entry(&head, dir, name, namelen); if (!entry) @@ -1055,12 +1055,12 @@ static struct ctl_dir *xlate_dir(struct ctl_table_set *set, struct ctl_dir *dir) } static int sysctl_follow_link(struct ctl_table_header **phead, - struct ctl_table **pentry) + const struct ctl_table **pentry) { struct ctl_table_header *head; + const struct ctl_table *entry; struct ctl_table_root *root; struct ctl_table_set *set; - struct ctl_table *entry; struct ctl_dir *dir; int ret; @@ -1087,7 +1087,7 @@ static int sysctl_follow_link(struct ctl_table_header **phead, return ret; } -static int sysctl_err(const char *path, struct ctl_table *table, char *fmt, ...) +static int sysctl_err(const char *path, const struct ctl_table *table, char *fmt, ...) { struct va_format vaf; va_list args; @@ -1103,7 +1103,7 @@ static int sysctl_err(const char *path, struct ctl_table *table, char *fmt, ...) return -EINVAL; } -static int sysctl_check_table_array(const char *path, struct ctl_table *table) +static int sysctl_check_table_array(const char *path, const struct ctl_table *table) { int err = 0; @@ -1128,7 +1128,7 @@ static int sysctl_check_table_array(const char *path, struct ctl_table *table) static int sysctl_check_table(const char *path, struct ctl_table_header *header) { - struct ctl_table *entry; + const struct ctl_table *entry; int err = 0; list_for_each_table_entry(entry, header) { if ((entry->proc_handler == proc_dostring) || @@ -1162,8 +1162,9 @@ static int sysctl_check_table(const char *path, struct ctl_table_header *header) static struct ctl_table_header *new_links(struct ctl_dir *dir, struct ctl_table_header *head) { - struct ctl_table *link_table, *entry, *link; + struct ctl_table *link_table, *link; struct ctl_table_header *links; + const struct ctl_table *entry; struct ctl_node *node; char *link_name; int nr_entries, name_bytes; @@ -1210,7 +1211,7 @@ static bool get_links(struct ctl_dir *dir, struct ctl_table_root *link_root) { struct ctl_table_header *tmp_head; - struct ctl_table *entry, *link; + const struct ctl_table *entry, *link; /* Are there links available for every entry in table? */ list_for_each_table_entry(entry, header) { @@ -1463,7 +1464,7 @@ static void put_links(struct ctl_table_header *header) struct ctl_table_root *root = header->root; struct ctl_dir *parent = header->parent; struct ctl_dir *core_parent; - struct ctl_table *entry; + const struct ctl_table *entry; if (header->set == root_set) return; @@ -1474,7 +1475,7 @@ static void put_links(struct ctl_table_header *header) list_for_each_table_entry(entry, header) { struct ctl_table_header *link_head; - struct ctl_table *link; + const struct ctl_table *link; const char *name = entry->procname; link = find_entry(&link_head, core_parent, name, strlen(name)); diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index 061ea65104be..2f4d577f2e93 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -162,7 +162,7 @@ struct ctl_node { struct ctl_table_header { union { struct { - struct ctl_table *ctl_table; + const struct ctl_table *ctl_table; int ctl_table_size; int used; int count; From patchwork Mon Dec 4 07:52:28 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 13477862 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b="hS+KtsOG" Received: from todd.t-8ch.de (todd.t-8ch.de [IPv6:2a01:4f8:c010:41de::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2B8471BE; Sun, 3 Dec 2023 23:52:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1701676352; bh=Bgwfb+pVaZrTgWleM6LMFvhfRSLvAMWx6yDuVgjieRE=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=hS+KtsOGw+GkISuRELYWbCR6vRk45wcNHZKHpo4XsB5+XM3eXIrVJpfiK0t8zlEQI mIt3XWEubn3fTpXUeuFj8Yo1pDmok1buwCVfburMkLyYAOmG3cjdeIJ7NzYK4hRJY6 UDnZrzYSCHhBMv1pgPXBF30Vu3at8PTzvtgbHQkc= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Mon, 04 Dec 2023 08:52:28 +0100 Subject: [PATCH v2 15/18] sysctl: allow registration of const struct ctl_table Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20231204-const-sysctl-v2-15-7a5060b11447@weissschuh.net> References: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> In-Reply-To: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> To: Kees Cook , "Gustavo A. R. Silva" , Luis Chamberlain , Iurii Zaikin , Greg Kroah-Hartman , Joel Granados Cc: linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.4 X-Developer-Signature: v=1; a=ed25519-sha256; t=1701676350; l=3419; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=Bgwfb+pVaZrTgWleM6LMFvhfRSLvAMWx6yDuVgjieRE=; b=hS2QmFvAg4VXxquXbstpDfzCkvr3rvB9crvRKmffiTA7i23BVWn4ObMCxEzeZPYrUhn2F4IbL N8KOruqBeCPCRkK62ZIkp4Hmw1w2oAsG+SM7NulyfuKFMlSyp2QJtZl X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= This allows sysctl table to be put into read-only data. Signed-off-by: Thomas Weißschuh --- fs/proc/proc_sysctl.c | 6 +++--- include/linux/sysctl.h | 10 +++++----- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c index e7fd1680d479..d09107a5b43f 100644 --- a/fs/proc/proc_sysctl.c +++ b/fs/proc/proc_sysctl.c @@ -1356,7 +1356,7 @@ static struct ctl_dir *sysctl_mkdir_p(struct ctl_dir *dir, const char *path) */ struct ctl_table_header *__register_sysctl_table( struct ctl_table_set *set, - const char *path, struct ctl_table *table, size_t table_size) + const char *path, const struct ctl_table *table, size_t table_size) { struct ctl_table_root *root = set->dir.header.root; struct ctl_table_header *header; @@ -1417,7 +1417,7 @@ struct ctl_table_header *__register_sysctl_table( * * See __register_sysctl_table for more details. */ -struct ctl_table_header *register_sysctl_sz(const char *path, struct ctl_table *table, +struct ctl_table_header *register_sysctl_sz(const char *path, const struct ctl_table *table, size_t table_size) { return __register_sysctl_table(&sysctl_table_root.default_set, @@ -1446,7 +1446,7 @@ EXPORT_SYMBOL(register_sysctl_sz); * * Context: if your base directory does not exist it will be created for you. */ -void __init __register_sysctl_init(const char *path, struct ctl_table *table, +void __init __register_sysctl_init(const char *path, const struct ctl_table *table, const char *table_name, size_t table_size) { struct ctl_table_header *hdr = register_sysctl_sz(path, table, table_size); diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index 2f4d577f2e93..7c96d5abafc7 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -229,13 +229,13 @@ extern void retire_sysctl_set(struct ctl_table_set *set); struct ctl_table_header *__register_sysctl_table( struct ctl_table_set *set, - const char *path, struct ctl_table *table, size_t table_size); -struct ctl_table_header *register_sysctl_sz(const char *path, struct ctl_table *table, + const char *path, const struct ctl_table *table, size_t table_size); +struct ctl_table_header *register_sysctl_sz(const char *path, const struct ctl_table *table, size_t table_size); void unregister_sysctl_table(struct ctl_table_header * table); extern int sysctl_init_bases(void); -extern void __register_sysctl_init(const char *path, struct ctl_table *table, +extern void __register_sysctl_init(const char *path, const struct ctl_table *table, const char *table_name, size_t table_size); #define register_sysctl_init(path, table) \ __register_sysctl_init(path, table, #table, ARRAY_SIZE(table)) @@ -257,7 +257,7 @@ extern int no_unaligned_warning; #else /* CONFIG_SYSCTL */ -static inline void register_sysctl_init(const char *path, struct ctl_table *table) +static inline void register_sysctl_init(const char *path, const struct ctl_table *table) { } @@ -267,7 +267,7 @@ static inline struct ctl_table_header *register_sysctl_mount_point(const char *p } static inline struct ctl_table_header *register_sysctl_sz(const char *path, - struct ctl_table *table, + const struct ctl_table *table, size_t table_size) { return NULL; From patchwork Mon Dec 4 07:52:29 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 13477861 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b="HwF1ZmCk" Received: from todd.t-8ch.de (todd.t-8ch.de [IPv6:2a01:4f8:c010:41de::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A2653D42; Sun, 3 Dec 2023 23:52:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1701676352; bh=YBK5uUUq4Kh+mKXkGIMtbxBTs5GdJO+UnTKPHI6RDtU=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=HwF1ZmCkK3/cZsLZOJv8oo4VnkXsmy+e83QTxGR6OAMWy6034AS1J05Qn6iJDUsRa NARdauvNtYkyLtyyJLRFVL7ZgNTceZ1GxnYNFemiMoGsmcTpJCCoAvGGCwuh/bqW8H 7eXQnHLp1awlSAlZluXVC2x32y7csTxkaF56ZgfA= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Mon, 04 Dec 2023 08:52:29 +0100 Subject: [PATCH v2 16/18] const_structs.checkpatch: add ctl_table Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20231204-const-sysctl-v2-16-7a5060b11447@weissschuh.net> References: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> In-Reply-To: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> To: Kees Cook , "Gustavo A. R. Silva" , Luis Chamberlain , Iurii Zaikin , Greg Kroah-Hartman , Joel Granados Cc: linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.4 X-Developer-Signature: v=1; a=ed25519-sha256; t=1701676350; l=637; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=YBK5uUUq4Kh+mKXkGIMtbxBTs5GdJO+UnTKPHI6RDtU=; b=nnAQEMVMy+ZyEC0A8HsNGfIvnZ+oZD9y9hLvLr/X2z+gUtVWX0NEtzyKPo6I2oGRHVEgqgT2b 3WDkqH05KtyB4unVcVSlwDpFO055j+V5E2NTovlZVL9t8mub1r/wjSp X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= Now that the sysctl core can handle "const struct ctl_table", make sure that new usages of the struct already enter the tree as const. Signed-off-by: Thomas Weißschuh --- scripts/const_structs.checkpatch | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/const_structs.checkpatch b/scripts/const_structs.checkpatch index 188412aa2757..0621c2d652bb 100644 --- a/scripts/const_structs.checkpatch +++ b/scripts/const_structs.checkpatch @@ -5,6 +5,7 @@ block_device_operations clk_ops comedi_lrange component_ops +ctl_table dentry_operations dev_pm_ops dma_map_ops From patchwork Mon Dec 4 07:52:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 13477863 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b="rRkFq96C" Received: from todd.t-8ch.de (todd.t-8ch.de [159.69.126.157]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id ACF72D45; Sun, 3 Dec 2023 23:52:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1701676352; bh=zByUx3Gq6P8LcvcqSjdgxm/5wuG+rVoanucvNQrnBwQ=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=rRkFq96C53W4Qa03A41B32MvmVyDQRkTNCbQcM+Xuz/1K/4p2IVfE2RJFXISV9AT8 +m2cFw8KOv+tWlhuOzE6u2hMX6VCaCZMEltICxc898tMWOwUHR0wapekUgvvel1l/P 8jLMdDolwt2ssl4Gs0CMz+V1cUJtzZejX/mM8hrk= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Mon, 04 Dec 2023 08:52:30 +0100 Subject: [PATCH v2 17/18] sysctl: make ctl_table sysctl_mount_point const Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20231204-const-sysctl-v2-17-7a5060b11447@weissschuh.net> References: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> In-Reply-To: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> To: Kees Cook , "Gustavo A. R. Silva" , Luis Chamberlain , Iurii Zaikin , Greg Kroah-Hartman , Joel Granados Cc: linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.4 X-Developer-Signature: v=1; a=ed25519-sha256; t=1701676350; l=707; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=zByUx3Gq6P8LcvcqSjdgxm/5wuG+rVoanucvNQrnBwQ=; b=T4fe4Y4H+z9NMgxNToLMvDIdzWzUsQ1ROmqM+wleaFzcaGQIwqyaLjcqz7LoArGFd6dKvGI3b rnc8VQL+TsKC8bU/mHopWYEMAy89LdgzfJW/9Gr5m8N/9iOqPxqaHiW X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= This is a first example on how to use const struct ctl_table. Signed-off-by: Thomas Weißschuh --- fs/proc/proc_sysctl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c index d09107a5b43f..f2b663e0be33 100644 --- a/fs/proc/proc_sysctl.c +++ b/fs/proc/proc_sysctl.c @@ -30,7 +30,7 @@ static const struct file_operations proc_sys_dir_file_operations; static const struct inode_operations proc_sys_dir_operations; /* Support for permanently empty directories */ -static struct ctl_table sysctl_mount_point[] = { +static const struct ctl_table sysctl_mount_point[] = { { } }; From patchwork Mon Dec 4 07:52:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 13477858 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b="STO8kui6" Received: from todd.t-8ch.de (todd.t-8ch.de [IPv6:2a01:4f8:c010:41de::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 989AA1A7; Sun, 3 Dec 2023 23:52:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1701676352; bh=iOBuDxNgWayHfZg8ll4jl4+gQO+POEL5ZSXO0IYskQo=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=STO8kui6mbh1g6598MiaxLRX5mQc341d0YjLWS7Nqws1kfRzH1lwxwoSt5ziD1VFK aSwpZnNYfLd9cTApCGEXs0XYNCcDuD8ICVixi2JcvAH+kMfhWhB0uQW14hHfUy14Br 1s7Tge5tpoCyCqnF10AtWRGzNJCAb5+Q0gLsx8Ms= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Mon, 04 Dec 2023 08:52:31 +0100 Subject: [PATCH v2 18/18] sysctl: constify standard sysctl tables Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20231204-const-sysctl-v2-18-7a5060b11447@weissschuh.net> References: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> In-Reply-To: <20231204-const-sysctl-v2-0-7a5060b11447@weissschuh.net> To: Kees Cook , "Gustavo A. R. Silva" , Luis Chamberlain , Iurii Zaikin , Greg Kroah-Hartman , Joel Granados Cc: linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.4 X-Developer-Signature: v=1; a=ed25519-sha256; t=1701676350; l=624; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=iOBuDxNgWayHfZg8ll4jl4+gQO+POEL5ZSXO0IYskQo=; b=bcxZcbAl3IUbAiyq3MmFXuykvVpQnzM+YWbExIJXohNBpBz3JEWJo7sT7X/oXLjwCNCq/Uf7w /af+RETE8JFBNjQumlPQ165901a6AM1OKKo8JHVeUGKYxVfkiX6XZfN X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= Recent changes in the sysctl allow sysctl tables to be put into .rodata. Signed-off-by: Thomas Weißschuh --- kernel/sysctl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/sysctl.c b/kernel/sysctl.c index d60daa4e36fc..e48a60887c7e 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -1615,7 +1615,7 @@ int proc_do_static_key(const struct ctl_table *table, int write, return ret; } -static struct ctl_table kern_table[] = { +static const struct ctl_table kern_table[] = { { .procname = "panic", .data = &panic_timeout,