angler-fishThe Vulnerability History Project

sysctl: pass kernel pointers to ->proc_handler

      Instead of having all the sysctl handlers deal with user pointers, which
is rather hairy in terms of the BPF interaction, copy the input to and
from  userspace in common code.  This also means that the strings are
always NUL-terminated by the common code, making the API a little bit
safer.

As most handler just pass through the data to one of the common handlers
a lot of the changes are mechnical.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Acked-by: Andrey Ignatov <rdna@fb.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
by Rosalie the Mongoose 2020-04-24 06:43:38 UTC
commit 32927393dc1ccd60fb2bdc05b9e8e88753761469
Linux Kernel VCC CVE-2020-25285
arch/arm64/kernel/armv8_deprecated.c
+1 -1
arch/arm64/kernel/fpsimd.c
+1 -2
arch/mips/lasat/sysctl.c
+5 -8
arch/s390/appldata/appldata_base.c
+5 -6
arch/s390/kernel/debug.c
+1 -1
arch/s390/kernel/topology.c
+1 -1
arch/s390/mm/cmm.c
+5 -7
arch/x86/kernel/itmt.c
+1 -2
drivers/cdrom/cdrom.c
+1 -1
drivers/char/random.c
+1 -1
drivers/macintosh/mac_hid.c
+1 -2
drivers/parport/procfs.c
+18 -21
fs/dcache.c
+1 -1
fs/drop_caches.c
+1 -1
fs/file_table.c
+2 -2
fs/fscache/main.c
+1 -2
fs/inode.c
+1 -1
fs/proc/proc_sysctl.c
+29 -18
fs/quota/dquot.c
+1 -1
fs/xfs/xfs_sysctl.c
+2 -2
include/linux/bpf-cgroup.h
+4 -5
include/linux/compaction.h
+1 -1
include/linux/fs.h
+3 -3
include/linux/ftrace.h
+1 -2
include/linux/hugetlb.h
+7 -8
include/linux/kprobes.h
+1 -1
include/linux/latencytop.h
+2 -2
include/linux/mm.h
+6 -6
include/linux/mmzone.h
+11 -12
include/linux/nmi.h
+5 -10
include/linux/perf_event.h
+5 -8
include/linux/printk.h
+1 -1
include/linux/sched/sysctl.h
+15 -29
include/linux/security.h
+1 -1
include/linux/sysctl.h
+22 -31
include/linux/timer.h
+1 -2
include/linux/vmstat.h
+4 -4
include/linux/writeback.h
+11 -17
ipc/ipc_sysctl.c
+5 -5
ipc/mq_sysctl.c
+2 -2
kernel/bpf/cgroup.c
+12 -23
kernel/events/callchain.c
+1 -1
kernel/events/core.c
+2 -4
kernel/kprobes.c
+1 -1
kernel/latencytop.c
+2 -2
kernel/pid_namespace.c
+1 -1
kernel/printk/printk.c
+1 -1
kernel/sched/core.c
+4 -5
kernel/sched/fair.c
+1 -2
kernel/sched/rt.c
+4 -6
kernel/sched/topology.c
+1 -1
kernel/seccomp.c
+1 -1
kernel/sysctl.c
+91 -148
kernel/time/timer.c
+1 -2
kernel/trace/trace.c
+1 -1
kernel/umh.c
+1 -1
kernel/utsname_sysctl.c
+1 -1
kernel/watchdog.c
+6 -6
mm/compaction.c
+1 -1
mm/hugetlb.c
+4 -5
mm/page-writeback.c
+6 -10
mm/page_alloc.c
+10 -20
mm/util.c
+4 -6
mm/vmstat.c
+2 -2
net/bridge/br_netfilter_hooks.c
+1 -1
net/core/neighbour.c
+13 -15
net/core/sysctl_net_core.c
+10 -17
net/decnet/dn_dev.c
+3 -4
net/decnet/sysctl_net_decnet.c
+8 -19
net/ipv4/devinet.c
+3 -6
net/ipv4/route.c
+1 -2
net/ipv4/sysctl_net_ipv4.c
+15 -23
net/ipv6/addrconf.c
+13 -20
net/ipv6/ndisc.c
+2 -1
net/ipv6/route.c
+2 -3
net/ipv6/sysctl_net_ipv6.c
+1 -2
net/mpls/af_mpls.c
+2 -3
net/netfilter/ipvs/ip_vs_ctl.c
+3 -3
net/netfilter/nf_conntrack_standalone.c
+1 -1
net/netfilter/nf_log.c
+1 -1
net/phonet/sysctl.c
+1 -2
net/rds/tcp.c
+2 -4
net/sctp/sysctl.c
+11 -21
net/sunrpc/sysctl.c
+13 -16
net/sunrpc/xprtrdma/svc_rdma.c
+3 -4
security/apparmor/lsm.c
+1 -1
security/min_addr.c
+1 -1
security/yama/yama_lsm.c
+1 -1
expand_less