From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.1 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH, MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 751DEC10F14 for ; Wed, 17 Apr 2019 03:22:52 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 3C84120835 for ; Wed, 17 Apr 2019 03:22:52 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="NCI0ni3d" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729516AbfDQDWv (ORCPT ); Tue, 16 Apr 2019 23:22:51 -0400 Received: from mail-vs1-f66.google.com ([209.85.217.66]:46623 "EHLO mail-vs1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729446AbfDQDWv (ORCPT ); Tue, 16 Apr 2019 23:22:51 -0400 Received: by mail-vs1-f66.google.com with SMTP id e2so12768574vsc.13 for ; Tue, 16 Apr 2019 20:22:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=SxvFZ8IaG2ZN1MUA/KWcr3EWiUYdKNMdKRGal60ZBBw=; b=NCI0ni3drpPOdYU9pW9QpwGYniGE4XO/OVYjYN7l9JVJUpxoBd0M5zIXbDoYBOLkec 1YnwI85Szj4MD3KpZ49A9rA5EzqpRhfCtApu68ESj1sKRDSwYKZUCPKJxwyKNLhuZACs 64h910mSYcm+wfgyrD5I3wc9UYxRxl4BbtXPo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=SxvFZ8IaG2ZN1MUA/KWcr3EWiUYdKNMdKRGal60ZBBw=; b=Lu/QK32aHaiO/zdyvPn5LpKiX2ZToNheYbF7R7QReKEHdfepd4jCOBelHPCJsURQGj UL8h99pWPMZ0FraPV9SIIRfCrYJ/BX9n/PUtPqJk/pgrgmdbLFqxN32eRpCm4YXUll8B B9h9JxKrmuJts8se+ImSH08T02gexwtIZGQFVzR4+AXzBp2XIit7IZbW7YNYBpozKjA5 VdJcbgdcf17qQO9b7brteXYU9TOKsDZ5Kyl7JiJu4MGcsGbyE79B7Oy0Swt398fv0iHt GG9cHQ02cjBS91xfO7QrbC2mi2/WCrOFwx7ap35CKanm6wIuKv8qn6j7jv0tBkB1FI7P X4CQ== X-Gm-Message-State: APjAAAVqQnNH9iTjWhQHywh4AN1DclSCHi8cP2C4y3+o0QtazAiktNEA NJzRxUCCID+awexgBr/zaonJ8qp4/Vo= X-Google-Smtp-Source: APXvYqzBfThmu2ykx2y9xM80CAq0rVUPdGH0g7vIitt7oMoSHLM9VWR9uMsSWmpl+oyDhlY+ojjEhQ== X-Received: by 2002:a67:f849:: with SMTP id b9mr24538670vsp.188.1555471370182; Tue, 16 Apr 2019 20:22:50 -0700 (PDT) Received: from mail-vs1-f52.google.com (mail-vs1-f52.google.com. [209.85.217.52]) by smtp.gmail.com with ESMTPSA id b81sm13094327vkf.47.2019.04.16.20.22.49 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 16 Apr 2019 20:22:49 -0700 (PDT) Received: by mail-vs1-f52.google.com with SMTP id j184so12778248vsd.11 for ; Tue, 16 Apr 2019 20:22:49 -0700 (PDT) X-Received: by 2002:a67:7816:: with SMTP id t22mr45204600vsc.115.1555471368835; Tue, 16 Apr 2019 20:22:48 -0700 (PDT) MIME-Version: 1.0 References: <20190408220925.13077-1-mcroce@redhat.com> <20190408220925.13077-3-mcroce@redhat.com> In-Reply-To: From: Kees Cook Date: Tue, 16 Apr 2019 22:22:36 -0500 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 2/2] kernel: use sysctl shared variables for range check To: Matteo Croce Cc: LKML , "linux-fsdevel@vger.kernel.org" , Luis Chamberlain , Kees Cook , Alexey Dobriyan Content-Type: text/plain; charset="UTF-8" Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org On Tue, Apr 16, 2019 at 10:21 PM Kees Cook wrote: > > On Mon, Apr 8, 2019 at 5:09 PM Matteo Croce wrote: > > > > Use the shared variables for range check, instead of declaring a local one > > in every source file. > > > > Signed-off-by: Matteo Croce > > --- > > kernel/pid_namespace.c | 3 +- > > kernel/sysctl.c | 193 ++++++++++++++++++++--------------------- > > kernel/ucount.c | 6 +- > > 3 files changed, 98 insertions(+), 104 deletions(-) > > > > diff --git a/kernel/pid_namespace.c b/kernel/pid_namespace.c > > index aa6e72fb7c08..ddbb51bc4968 100644 > > --- a/kernel/pid_namespace.c > > +++ b/kernel/pid_namespace.c > > @@ -290,14 +290,13 @@ static int pid_ns_ctl_handler(struct ctl_table *table, int write, > > } > > > > extern int pid_max; > > -static int zero = 0; > > static struct ctl_table pid_ns_ctl_table[] = { > > { > > .procname = "ns_last_pid", > > .maxlen = sizeof(int), > > .mode = 0666, /* permissions are checked in the handler */ > > .proc_handler = pid_ns_ctl_handler, > > - .extra1 = &zero, > > + .extra1 = (void *)&sysctl_zero, > > BTW, I don't think these (void *) casts are actually needed. I thought > extra1/2 were already void * so assignments don't need the casting. Nevermind, I see akpm already mentioned this, and I see it's the "const" removal now. -- Kees Cook