On Fri, May 09, 2025 at 12:01:24PM -0700, Kees Cook wrote:
> On Fri, May 09, 2025 at 02:54:13PM +0200, Joel Granados wrote:
> > Move cad_pid as well as supporting function proc_do_cad_pid into
> > kernel/pid.c. Replaced call to __do_proc_dointvec with proc_dointvec
> > inside proc_do_cad_pid which requires the copy of the ctl_table to
> > handle the temp value.
> > 
> > This is part of a greater effort to move ctl tables into their
> > respective subsystems which will reduce the merge conflicts in
> > kernel/sysctl.c.
> > 
> > Signed-off-by: Joel Granados <joel.grana...@kernel.org>
> > ---
> >  kernel/pid.c    | 32 ++++++++++++++++++++++++++++++++
> >  kernel/sysctl.c | 31 -------------------------------
> >  2 files changed, 32 insertions(+), 31 deletions(-)
> > 
> > diff --git a/kernel/pid.c b/kernel/pid.c
> > index 
> > 4ac2ce46817fdefff8888681bb5ca3f2676e8add..bc87ba08ae8b7c67f3457b31309b56b5d90f8c52
> >  100644
> > --- a/kernel/pid.c
> > +++ b/kernel/pid.c
> > @@ -717,6 +717,29 @@ static struct ctl_table_root pid_table_root = {
> >     .set_ownership  = pid_table_root_set_ownership,
> >  };
> >  
> > +static int proc_do_cad_pid(const struct ctl_table *table, int write, void 
> > *buffer,
> > +           size_t *lenp, loff_t *ppos)
> > +{
> > +   struct pid *new_pid;
> > +   pid_t tmp_pid;
> > +   int r;
> > +   struct ctl_table tmp_table = *table;
> > +
> > +   tmp_pid = pid_vnr(cad_pid);
> > +   tmp_table.data = &tmp_pid;
> > +
> > +   r = proc_dointvec(&tmp_table, write, buffer, lenp, ppos);
> > +   if (r || !write)
> > +           return r;
> > +
> > +   new_pid = find_get_pid(tmp_pid);
> > +   if (!new_pid)
> > +           return -ESRCH;
> > +
> > +   put_pid(xchg(&cad_pid, new_pid));
> > +   return 0;
> > +}
> > +
> >  static const struct ctl_table pid_table[] = {
> >     {
> >             .procname       = "pid_max",
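
Review bot: proc_do_cad_pid() is added at file scope with no config guard in the lines shown, while the only table entry that references it (the "cad_pid" entry in the next hunk) sits under #ifdef CONFIG_PROC_SYSCTL. Unless an enclosing guard outside this hunk covers the function, a CONFIG_PROC_SYSCTL=n build leaves a static function with no users. It is worth a test build with that option off, then either wrapping the function in the same #ifdef or marking it __maybe_unused. Separately, a one-line comment above `struct ctl_table tmp_table = *table;` would help: it should say that the entry's .data is NULL and that the copy exists only to point .data at the on-stack tmp_pid for proc_dointvec().
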
> > @@ -727,6 +750,15 @@ static const struct ctl_table pid_table[] = {
> >             .extra1         = &pid_max_min,
> >             .extra2         = &pid_max_max,
> >     },
> > +#ifdef CONFIG_PROC_SYSCTL
> > +   {
> > +           .procname       = "cad_pid",
> > +           .data           = NULL,
> 
> nit: this is redundant, any unspecified member will be zero-initialized.
Thx. Changed it locally, but will not resend for this.
> 
> Regardless:
> 
> Reviewed-by: Kees Cook <k...@kernel.org>
...
> > -           .data           = NULL,
> > -           .maxlen         = sizeof (int),
> > -           .mode           = 0600,
> > -           .proc_handler   = proc_do_cad_pid,
> > -   },
> >  #endif
> >     {
> >             .procname       = "overflowuid",
> > 
> > -- 
> > 2.47.2
> > 
> > 
> 
> -- 
> Kees Cook

-- 

Joel Granados
