Commit 0e148d3c authored May 03, 2024 by Thomas Weißschuh Committed by Kees Cook May 03, 2024

stackleak: Use a copy of the ctl_table argument



Sysctl handlers are not supposed to modify the ctl_table passed to them.
Adapt the logic to work with a temporary variable, similar to how it is
done in other parts of the kernel.

This is also a prerequisite to enforce the immutability of the argument
through the callbacks.

Reviewed-by: Luis Chamberlain <mcgrof@kernel.org>
Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>
Reviewed-by: Tycho Andersen <tycho@tycho.pizza>
Link: https://lore.kernel.org/r/20240503-sysctl-const-stackleak-v1-1-603fecb19170@weissschuh.net


Signed-off-by: Kees Cook <keescook@chromium.org>

parent 7d78a777

kernel/stackleak.c

+3 −3

Original line number	Diff line number	Diff line
		@@ -27,10 +27,10 @@ static int stack_erasing_sysctl(struct ctl_table *table, int write,
		int ret = 0;
		int state = !static_branch_unlikely(&stack_erasing_bypass);
		int prev_state = state;
		struct ctl_table table_copy = *table;

		table->data = &state;
		table->maxlen = sizeof(int);
		ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
		table_copy.data = &state;
		ret = proc_dointvec_minmax(&table_copy, write, buffer, lenp, ppos);
		state = !!state;
		if (ret \|\| !write \|\| state == prev_state)
		return ret;