Merge branch 'net-constify-ctl_table-arguments-of-utility-functions'

kuba-moo · kuba-moo · commit 93bda33046e7 · 2024-05-28T19:49:51.000-07:00
Thomas Weißschuh says: ==================== net: constify ctl_table arguments of utility functions The sysctl core is preparing to only expose instances of struct ctl_table as "const". This will also affect the ctl_table argument of sysctl handlers. As the function prototype of all sysctl handlers throughout the tree needs to stay consistent that change will be done in one commit. To reduce the size of that final commit, switch utility functions which are not bound by "typedef proc_handler" to "const struct ctl_table". No functional change. This patch(set) is meant to be applied through your subsystem tree. Or at your preference through the sysctl tree. Motivation ========== Moving structures containing function pointers into unmodifiable .rodata prevents attackers or bugs from corrupting and diverting those pointers. Also the "struct ctl_table" exposed by the sysctl core were never meant to be mutated by users. For this goal changes to both the sysctl core and "const" qualifiers for various sysctl APIs are necessary. ==================== Link: https://lore.kernel.org/r/20240527-sysctl-const-handler-net-v1-0-16523767d0b2@weissschuh.net Signed-off-by: Jakub Kicinski <kuba@kernel.org>
diff --git a/net/core/neighbour.c b/net/core/neighbour.c
@@ -3578,7 +3578,7 @@ static void neigh_copy_dflt_parms(struct net *net, struct neigh_parms *p,
 	rcu_read_unlock();
 }
 
-static void neigh_proc_update(struct ctl_table *ctl, int write)
+static void neigh_proc_update(const struct ctl_table *ctl, int write)
 {
 	struct net_device *dev = ctl->extra1;
 	struct neigh_parms *p = ctl->extra2;
diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c
@@ -130,7 +130,8 @@ static int ipv4_privileged_ports(struct ctl_table *table, int write,
 	return ret;
 }
 
-static void inet_get_ping_group_range_table(struct ctl_table *table, kgid_t *low, kgid_t *high)
+static void inet_get_ping_group_range_table(const struct ctl_table *table,
+					    kgid_t *low, kgid_t *high)
 {
 	kgid_t *data = table->data;
 	struct net *net =
@@ -145,7 +146,8 @@ static void inet_get_ping_group_range_table(struct ctl_table *table, kgid_t *low
 }
 
 /* Update system visible IP port range */
-static void set_ping_group_range(struct ctl_table *table, kgid_t low, kgid_t high)
+static void set_ping_group_range(const struct ctl_table *table,
+				 kgid_t low, kgid_t high)
 {
 	kgid_t *data = table->data;
 	struct net *net =
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
@@ -863,7 +863,7 @@ static void addrconf_forward_change(struct net *net, __s32 newf)
 	}
 }
 
-static int addrconf_fixup_forwarding(struct ctl_table *table, int *p, int newf)
+static int addrconf_fixup_forwarding(const struct ctl_table *table, int *p, int newf)
 {
 	struct net *net;
 	int old;
@@ -931,7 +931,7 @@ static void addrconf_linkdown_change(struct net *net, __s32 newf)
 	}
 }
 
-static int addrconf_fixup_linkdown(struct ctl_table *table, int *p, int newf)
+static int addrconf_fixup_linkdown(const struct ctl_table *table, int *p, int newf)
 {
 	struct net *net;
 	int old;
@@ -6378,7 +6378,7 @@ static void addrconf_disable_change(struct net *net, __s32 newf)
 	}
 }
 
-static int addrconf_disable_ipv6(struct ctl_table *table, int *p, int newf)
+static int addrconf_disable_ipv6(const struct ctl_table *table, int *p, int newf)
 {
 	struct net *net = (struct net *)table->extra2;
 	int old;
@@ -6669,7 +6669,7 @@ void addrconf_disable_policy_idev(struct inet6_dev *idev, int val)
 }
 
 static
-int addrconf_disable_policy(struct ctl_table *ctl, int *valp, int val)
+int addrconf_disable_policy(const struct ctl_table *ctl, int *valp, int val)
 {
 	struct net *net = (struct net *)ctl->extra2;
 	struct inet6_dev *idev;
diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c
@@ -1936,7 +1936,7 @@ static struct notifier_block ndisc_netdev_notifier = {
 };
 
 #ifdef CONFIG_SYSCTL
-static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
+static void ndisc_warn_deprecated_sysctl(const struct ctl_table *ctl,
 					 const char *func, const char *dev_name)
 {
 	static char warncomm[TASK_COMM_LEN];
diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
@@ -1924,7 +1924,8 @@ proc_do_sync_ports(struct ctl_table *table, int write,
 	return rc;
 }
 
-static int ipvs_proc_est_cpumask_set(struct ctl_table *table, void *buffer)
+static int ipvs_proc_est_cpumask_set(const struct ctl_table *table,
+				     void *buffer)
 {
 	struct netns_ipvs *ipvs = table->extra2;
 	cpumask_var_t *valp = table->data;
@@ -1962,8 +1963,8 @@ static int ipvs_proc_est_cpumask_set(struct ctl_table *table, void *buffer)
 	return ret;
 }
 
-static int ipvs_proc_est_cpumask_get(struct ctl_table *table, void *buffer,
-				     size_t size)
+static int ipvs_proc_est_cpumask_get(const struct ctl_table *table,
+				     void *buffer, size_t size)
 {
 	struct netns_ipvs *ipvs = table->extra2;
 	cpumask_var_t *valp = table->data;

Original file line number	Diff line number	Diff line change
`@@ -3578,7 +3578,7 @@ static void neigh_copy_dflt_parms(struct net net, struct neigh_parms p,`
`3578`	`3578`	`rcu_read_unlock();`
`3579`	`3579`	`}`
`3580`	`3580`
`3581`		`-static void neigh_proc_update(struct ctl_table *ctl, int write)`
	`3581`	`+static void neigh_proc_update(const struct ctl_table *ctl, int write)`
`3582`	`3582`	`{`
`3583`	`3583`	`struct net_device *dev = ctl->extra1;`
`3584`	`3584`	`struct neigh_parms *p = ctl->extra2;`
Original file line number	Diff line number	Diff line change
`@@ -130,7 +130,8 @@ static int ipv4_privileged_ports(struct ctl_table *table, int write,`
`130`	`130`	`return ret;`
`131`	`131`	`}`
`132`	`132`
`133`		`-static void inet_get_ping_group_range_table(struct ctl_table table, kgid_t low, kgid_t *high)`
	`133`	`+static void inet_get_ping_group_range_table(const struct ctl_table *table,`
	`134`	`+ kgid_t low, kgid_t high)`
`134`	`135`	`{`
`135`	`136`	`kgid_t *data = table->data;`
`136`	`137`	`struct net *net =`
`@@ -145,7 +146,8 @@ static void inet_get_ping_group_range_table(struct ctl_table table, kgid_t low`
`145`	`146`	`}`
`146`	`147`
`147`	`148`	`/* Update system visible IP port range */`
`148`		`-static void set_ping_group_range(struct ctl_table *table, kgid_t low, kgid_t high)`
	`149`	`+static void set_ping_group_range(const struct ctl_table *table,`
	`150`	`+ kgid_t low, kgid_t high)`
`149`	`151`	`{`
`150`	`152`	`kgid_t *data = table->data;`
`151`	`153`	`struct net *net =`
Original file line number	Diff line number	Diff line change
`@@ -863,7 +863,7 @@ static void addrconf_forward_change(struct net *net, __s32 newf)`
`863`	`863`	`}`
`864`	`864`	`}`
`865`	`865`
`866`		`-static int addrconf_fixup_forwarding(struct ctl_table table, int p, int newf)`
	`866`	`+static int addrconf_fixup_forwarding(const struct ctl_table table, int p, int newf)`
`867`	`867`	`{`
`868`	`868`	`struct net *net;`
`869`	`869`	`int old;`
`@@ -931,7 +931,7 @@ static void addrconf_linkdown_change(struct net *net, __s32 newf)`
`931`	`931`	`}`
`932`	`932`	`}`
`933`	`933`
`934`		`-static int addrconf_fixup_linkdown(struct ctl_table table, int p, int newf)`
	`934`	`+static int addrconf_fixup_linkdown(const struct ctl_table table, int p, int newf)`
`935`	`935`	`{`
`936`	`936`	`struct net *net;`
`937`	`937`	`int old;`
`@@ -6378,7 +6378,7 @@ static void addrconf_disable_change(struct net *net, __s32 newf)`
`6378`	`6378`	`}`
`6379`	`6379`	`}`
`6380`	`6380`
`6381`		`-static int addrconf_disable_ipv6(struct ctl_table table, int p, int newf)`
	`6381`	`+static int addrconf_disable_ipv6(const struct ctl_table table, int p, int newf)`
`6382`	`6382`	`{`
`6383`	`6383`	`struct net net = (struct net )table->extra2;`
`6384`	`6384`	`int old;`
`@@ -6669,7 +6669,7 @@ void addrconf_disable_policy_idev(struct inet6_dev *idev, int val)`
`6669`	`6669`	`}`
`6670`	`6670`
`6671`	`6671`	`static`
`6672`		`-int addrconf_disable_policy(struct ctl_table ctl, int valp, int val)`
	`6672`	`+int addrconf_disable_policy(const struct ctl_table ctl, int valp, int val)`
`6673`	`6673`	`{`
`6674`	`6674`	`struct net net = (struct net )ctl->extra2;`
`6675`	`6675`	`struct inet6_dev *idev;`
Original file line number	Diff line number	Diff line change
`@@ -1936,7 +1936,7 @@ static struct notifier_block ndisc_netdev_notifier = {`
`1936`	`1936`	`};`
`1937`	`1937`
`1938`	`1938`	`#ifdef CONFIG_SYSCTL`
`1939`		`-static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,`
	`1939`	`+static void ndisc_warn_deprecated_sysctl(const struct ctl_table *ctl,`
`1940`	`1940`	`const char func, const char dev_name)`
`1941`	`1941`	`{`
`1942`	`1942`	`static char warncomm[TASK_COMM_LEN];`
Original file line number	Diff line number	Diff line change
`@@ -1924,7 +1924,8 @@ proc_do_sync_ports(struct ctl_table *table, int write,`
`1924`	`1924`	`return rc;`
`1925`	`1925`	`}`
`1926`	`1926`
`1927`		`-static int ipvs_proc_est_cpumask_set(struct ctl_table table, void buffer)`
	`1927`	`+static int ipvs_proc_est_cpumask_set(const struct ctl_table *table,`
	`1928`	`+ void *buffer)`
`1928`	`1929`	`{`
`1929`	`1930`	`struct netns_ipvs *ipvs = table->extra2;`
`1930`	`1931`	`cpumask_var_t *valp = table->data;`
`@@ -1962,8 +1963,8 @@ static int ipvs_proc_est_cpumask_set(struct ctl_table table, void buffer)`
`1962`	`1963`	`return ret;`
`1963`	`1964`	`}`
`1964`	`1965`
`1965`		`-static int ipvs_proc_est_cpumask_get(struct ctl_table table, void buffer,`
`1966`		`- size_t size)`
	`1966`	`+static int ipvs_proc_est_cpumask_get(const struct ctl_table *table,`
	`1967`	`+ void *buffer, size_t size)`
`1967`	`1968`	`{`
`1968`	`1969`	`struct netns_ipvs *ipvs = table->extra2;`
`1969`	`1970`	`cpumask_var_t *valp = table->data;`