From e346fb6d774abf1d9a87d39b1e3eef0b7397d154 Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:05 -0300 Subject: [PATCH 01/30] xattr: make the xattr array itself const As it is currently declared, the xattr_handler structs are const but the array containing their pointers is not. This patch makes it so that fs modules can place them in .rodata, which makes it harder for accidental/malicious modifications at runtime. Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-2-wedsonaf@gmail.com Signed-off-by: Christian Brauner --- fs/xattr.c | 6 +++--- include/linux/fs.h | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/fs/xattr.c b/fs/xattr.c index efd4736bc94b..09d927603433 100644 --- a/fs/xattr.c +++ b/fs/xattr.c @@ -56,7 +56,7 @@ strcmp_prefix(const char *a, const char *a_prefix) static const struct xattr_handler * xattr_resolve_name(struct inode *inode, const char **name) { - const struct xattr_handler **handlers = inode->i_sb->s_xattr; + const struct xattr_handler * const *handlers = inode->i_sb->s_xattr; const struct xattr_handler *handler; if (!(inode->i_opflags & IOP_XATTR)) { @@ -162,7 +162,7 @@ xattr_permission(struct mnt_idmap *idmap, struct inode *inode, int xattr_supports_user_prefix(struct inode *inode) { - const struct xattr_handler **handlers = inode->i_sb->s_xattr; + const struct xattr_handler * const *handlers = inode->i_sb->s_xattr; const struct xattr_handler *handler; if (!(inode->i_opflags & IOP_XATTR)) { @@ -999,7 +999,7 @@ int xattr_list_one(char **buffer, ssize_t *remaining_size, const char *name) ssize_t generic_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size) { - const struct xattr_handler *handler, **handlers = dentry->d_sb->s_xattr; + const struct xattr_handler *handler, * const *handlers = dentry->d_sb->s_xattr; ssize_t remaining_size = buffer_size; int err = 0; diff --git a/include/linux/fs.h b/include/linux/fs.h index 4aeb3fa11927..bba22e25664d 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1206,7 +1206,7 @@ struct super_block { #ifdef CONFIG_SECURITY void *s_security; #endif - const struct xattr_handler **s_xattr; + const struct xattr_handler * const *s_xattr; #ifdef CONFIG_FS_ENCRYPTION const struct fscrypt_operations *s_cop; struct fscrypt_keyring *s_master_keys; /* master crypto keys in use */ From e60ac12833400296433c450d346f539d662ab4b0 Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:06 -0300 Subject: [PATCH 02/30] ext4: move ext4_xattr_handlers to .rodata This makes it harder for accidental or malicious changes to ext4_xattr_handlers at runtime. Cc: Theodore Ts'o Cc: Andreas Dilger Cc: linux-ext4@vger.kernel.org Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-3-wedsonaf@gmail.com Signed-off-by: Christian Brauner --- fs/ext4/xattr.c | 2 +- fs/ext4/xattr.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index 92ba28cebac6..a3b68eb4f6f7 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -98,7 +98,7 @@ static const struct xattr_handler * const ext4_xattr_handler_map[] = { [EXT4_XATTR_INDEX_HURD] = &ext4_xattr_hurd_handler, }; -const struct xattr_handler *ext4_xattr_handlers[] = { +const struct xattr_handler * const ext4_xattr_handlers[] = { &ext4_xattr_user_handler, &ext4_xattr_trusted_handler, #ifdef CONFIG_EXT4_FS_SECURITY diff --git a/fs/ext4/xattr.h b/fs/ext4/xattr.h index 824faf0b15a8..bd97c4aa8177 100644 --- a/fs/ext4/xattr.h +++ b/fs/ext4/xattr.h @@ -193,7 +193,7 @@ extern int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize, struct ext4_inode *raw_inode, handle_t *handle); extern void ext4_evict_ea_inode(struct inode *inode); -extern const struct xattr_handler *ext4_xattr_handlers[]; +extern const struct xattr_handler * const ext4_xattr_handlers[]; extern int ext4_xattr_ibody_find(struct inode *inode, struct ext4_xattr_info *i, struct ext4_xattr_ibody_find *is); From b6079dc9cb5182518b8f14fa350d5c501cba80d3 Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:07 -0300 Subject: [PATCH 03/30] 9p: move xattr-related structs to .rodata This makes it harder for accidental or malicious changes to v9fs_xattr_user_handler, v9fs_xattr_trusted_handler, v9fs_xattr_security_handler, or v9fs_xattr_handlers at runtime. Cc: Eric Van Hensbergen Cc: Latchesar Ionkov Cc: Dominique Martinet Cc: Christian Schoenebeck Cc: v9fs@lists.linux.dev Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-4-wedsonaf@gmail.com Acked-by: Dominique Martinet Reviewed-by: Christian Schoenebeck Signed-off-by: Christian Brauner --- fs/9p/xattr.c | 8 ++++---- fs/9p/xattr.h | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/fs/9p/xattr.c b/fs/9p/xattr.c index e00cf8109b3f..053d1cef6e13 100644 --- a/fs/9p/xattr.c +++ b/fs/9p/xattr.c @@ -162,27 +162,27 @@ static int v9fs_xattr_handler_set(const struct xattr_handler *handler, return v9fs_xattr_set(dentry, full_name, value, size, flags); } -static struct xattr_handler v9fs_xattr_user_handler = { +static const struct xattr_handler v9fs_xattr_user_handler = { .prefix = XATTR_USER_PREFIX, .get = v9fs_xattr_handler_get, .set = v9fs_xattr_handler_set, }; -static struct xattr_handler v9fs_xattr_trusted_handler = { +static const struct xattr_handler v9fs_xattr_trusted_handler = { .prefix = XATTR_TRUSTED_PREFIX, .get = v9fs_xattr_handler_get, .set = v9fs_xattr_handler_set, }; #ifdef CONFIG_9P_FS_SECURITY -static struct xattr_handler v9fs_xattr_security_handler = { +static const struct xattr_handler v9fs_xattr_security_handler = { .prefix = XATTR_SECURITY_PREFIX, .get = v9fs_xattr_handler_get, .set = v9fs_xattr_handler_set, }; #endif -const struct xattr_handler *v9fs_xattr_handlers[] = { +const struct xattr_handler * const v9fs_xattr_handlers[] = { &v9fs_xattr_user_handler, &v9fs_xattr_trusted_handler, #ifdef CONFIG_9P_FS_SECURITY diff --git a/fs/9p/xattr.h b/fs/9p/xattr.h index b5636e544c8a..3ad5a802352a 100644 --- a/fs/9p/xattr.h +++ b/fs/9p/xattr.h @@ -10,7 +10,7 @@ #include #include -extern const struct xattr_handler *v9fs_xattr_handlers[]; +extern const struct xattr_handler * const v9fs_xattr_handlers[]; ssize_t v9fs_fid_xattr_get(struct p9_fid *fid, const char *name, void *buffer, size_t buffer_size); From f710c2e4813559e84fb2deb9f36ff43f0ebdf94e Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:08 -0300 Subject: [PATCH 04/30] afs: move afs_xattr_handlers to .rodata This makes it harder for accidental or malicious changes to afs_xattr_handlers at runtime. Cc: David Howells Cc: Marc Dionne Cc: linux-afs@lists.infradead.org Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-5-wedsonaf@gmail.com Signed-off-by: Christian Brauner --- fs/afs/internal.h | 2 +- fs/afs/xattr.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/afs/internal.h b/fs/afs/internal.h index da73b97e19a9..23e2cc4efe41 100644 --- a/fs/afs/internal.h +++ b/fs/afs/internal.h @@ -1541,7 +1541,7 @@ int afs_launder_folio(struct folio *); /* * xattr.c */ -extern const struct xattr_handler *afs_xattr_handlers[]; +extern const struct xattr_handler * const afs_xattr_handlers[]; /* * yfsclient.c diff --git a/fs/afs/xattr.c b/fs/afs/xattr.c index 9048d8ccc715..64b2c0224f62 100644 --- a/fs/afs/xattr.c +++ b/fs/afs/xattr.c @@ -353,7 +353,7 @@ static const struct xattr_handler afs_xattr_afs_volume_handler = { .get = afs_xattr_get_volume, }; -const struct xattr_handler *afs_xattr_handlers[] = { +const struct xattr_handler * const afs_xattr_handlers[] = { &afs_xattr_afs_acl_handler, &afs_xattr_afs_cell_handler, &afs_xattr_afs_fid_handler, From 8a25b4189896411136fcce5f271673f6239725ba Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:09 -0300 Subject: [PATCH 05/30] btrfs: move btrfs_xattr_handlers to .rodata This makes it harder for accidental or malicious changes to btrfs_xattr_handlers at runtime. Cc: Chris Mason Cc: Josef Bacik Cc: David Sterba Cc: linux-btrfs@vger.kernel.org Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-6-wedsonaf@gmail.com Signed-off-by: Christian Brauner --- fs/btrfs/xattr.c | 2 +- fs/btrfs/xattr.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/btrfs/xattr.c b/fs/btrfs/xattr.c index 96828a13dd43..a9f8b173a99f 100644 --- a/fs/btrfs/xattr.c +++ b/fs/btrfs/xattr.c @@ -442,7 +442,7 @@ static const struct xattr_handler btrfs_btrfs_xattr_handler = { .set = btrfs_xattr_handler_set_prop, }; -const struct xattr_handler *btrfs_xattr_handlers[] = { +const struct xattr_handler * const btrfs_xattr_handlers[] = { &btrfs_security_xattr_handler, &btrfs_trusted_xattr_handler, &btrfs_user_xattr_handler, diff --git a/fs/btrfs/xattr.h b/fs/btrfs/xattr.h index 1cd3fc0a8f17..118118ca3e1d 100644 --- a/fs/btrfs/xattr.h +++ b/fs/btrfs/xattr.h @@ -8,7 +8,7 @@ #include -extern const struct xattr_handler *btrfs_xattr_handlers[]; +extern const struct xattr_handler * const btrfs_xattr_handlers[]; int btrfs_getxattr(struct inode *inode, const char *name, void *buffer, size_t size); From 10f9fbe9f25a81fb103a98fb2ee5f77afbfdfacc Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:10 -0300 Subject: [PATCH 06/30] ceph: move ceph_xattr_handlers to .rodata This makes it harder for accidental or malicious changes to ceph_xattr_handlers at runtime. Cc: Xiubo Li Cc: Ilya Dryomov Cc: Jeff Layton Cc: ceph-devel@vger.kernel.org Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-7-wedsonaf@gmail.com Acked-by: Ilya Dryomov Signed-off-by: Christian Brauner --- fs/ceph/super.h | 2 +- fs/ceph/xattr.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/ceph/super.h b/fs/ceph/super.h index 51c7f2b14f6f..98844fc8a2f7 100644 --- a/fs/ceph/super.h +++ b/fs/ceph/super.h @@ -1119,7 +1119,7 @@ ssize_t __ceph_getxattr(struct inode *, const char *, void *, size_t); extern ssize_t ceph_listxattr(struct dentry *, char *, size_t); extern struct ceph_buffer *__ceph_build_xattrs_blob(struct ceph_inode_info *ci); extern void __ceph_destroy_xattrs(struct ceph_inode_info *ci); -extern const struct xattr_handler *ceph_xattr_handlers[]; +extern const struct xattr_handler * const ceph_xattr_handlers[]; struct ceph_acl_sec_ctx { #ifdef CONFIG_CEPH_FS_POSIX_ACL diff --git a/fs/ceph/xattr.c b/fs/ceph/xattr.c index 0deae4a0f5f1..097ce7f74073 100644 --- a/fs/ceph/xattr.c +++ b/fs/ceph/xattr.c @@ -1446,7 +1446,7 @@ void ceph_release_acl_sec_ctx(struct ceph_acl_sec_ctx *as_ctx) * List of handlers for synthetic system.* attributes. Other * attributes are handled directly. */ -const struct xattr_handler *ceph_xattr_handlers[] = { +const struct xattr_handler * const ceph_xattr_handlers[] = { &ceph_other_xattr_handler, NULL, }; From f354ed9810661334fe53196e83b08d8e8680f72f Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:11 -0300 Subject: [PATCH 07/30] ecryptfs: move ecryptfs_xattr_handlers to .rodata This makes it harder for accidental or malicious changes to ecryptfs_xattr_handlers at runtime. Cc: Tyler Hicks Cc: ecryptfs@vger.kernel.org Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-8-wedsonaf@gmail.com Signed-off-by: Christian Brauner --- fs/ecryptfs/ecryptfs_kernel.h | 2 +- fs/ecryptfs/inode.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h index f2ed0c0266cb..c586c5db18b5 100644 --- a/fs/ecryptfs/ecryptfs_kernel.h +++ b/fs/ecryptfs/ecryptfs_kernel.h @@ -702,6 +702,6 @@ int ecryptfs_set_f_namelen(long *namelen, long lower_namelen, int ecryptfs_derive_iv(char *iv, struct ecryptfs_crypt_stat *crypt_stat, loff_t offset); -extern const struct xattr_handler *ecryptfs_xattr_handlers[]; +extern const struct xattr_handler * const ecryptfs_xattr_handlers[]; #endif /* #ifndef ECRYPTFS_KERNEL_H */ diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c index 992d9c7e64ae..a25dd3d20008 100644 --- a/fs/ecryptfs/inode.c +++ b/fs/ecryptfs/inode.c @@ -1210,7 +1210,7 @@ static const struct xattr_handler ecryptfs_xattr_handler = { .set = ecryptfs_xattr_set, }; -const struct xattr_handler *ecryptfs_xattr_handlers[] = { +const struct xattr_handler * const ecryptfs_xattr_handlers[] = { &ecryptfs_xattr_handler, NULL }; From 3591f40e223c66d4a3f152390b6db56421011854 Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:12 -0300 Subject: [PATCH 08/30] erofs: move erofs_xattr_handlers and xattr_handler_map to .rodata This makes it harder for accidental or malicious changes to erofs_xattr_handlers or xattr_handler_map at runtime. Cc: Gao Xiang Cc: Chao Yu Cc: Yue Hu Cc: Jeffle Xu Cc: linux-erofs@lists.ozlabs.org Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-9-wedsonaf@gmail.com Acked-by: Gao Xiang Signed-off-by: Christian Brauner --- fs/erofs/xattr.c | 2 +- fs/erofs/xattr.h | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/fs/erofs/xattr.c b/fs/erofs/xattr.c index 09d341675e89..b58316b49a43 100644 --- a/fs/erofs/xattr.c +++ b/fs/erofs/xattr.c @@ -168,7 +168,7 @@ const struct xattr_handler __maybe_unused erofs_xattr_security_handler = { }; #endif -const struct xattr_handler *erofs_xattr_handlers[] = { +const struct xattr_handler * const erofs_xattr_handlers[] = { &erofs_xattr_user_handler, &erofs_xattr_trusted_handler, #ifdef CONFIG_EROFS_FS_SECURITY diff --git a/fs/erofs/xattr.h b/fs/erofs/xattr.h index f16283cb8c93..b246cd0e135e 100644 --- a/fs/erofs/xattr.h +++ b/fs/erofs/xattr.h @@ -23,7 +23,7 @@ static inline const char *erofs_xattr_prefix(unsigned int idx, { const struct xattr_handler *handler = NULL; - static const struct xattr_handler *xattr_handler_map[] = { + static const struct xattr_handler * const xattr_handler_map[] = { [EROFS_XATTR_INDEX_USER] = &erofs_xattr_user_handler, #ifdef CONFIG_EROFS_FS_POSIX_ACL [EROFS_XATTR_INDEX_POSIX_ACL_ACCESS] = &nop_posix_acl_access, @@ -44,7 +44,7 @@ static inline const char *erofs_xattr_prefix(unsigned int idx, return xattr_prefix(handler); } -extern const struct xattr_handler *erofs_xattr_handlers[]; +extern const struct xattr_handler * const erofs_xattr_handlers[]; int erofs_xattr_prefixes_init(struct super_block *sb); void erofs_xattr_prefixes_cleanup(struct super_block *sb); From ce78a1ec1c3b58992112c80ccb0831b91b7b313a Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:13 -0300 Subject: [PATCH 09/30] ext2: move ext2_xattr_handlers and ext2_xattr_handler_map to .rodata This makes it harder for accidental or malicious changes to ext2_xattr_handlers or ext2_xattr_handler_map at runtime. Cc: Jan Kara Cc: linux-ext4@vger.kernel.org Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-10-wedsonaf@gmail.com Acked-by: Jan Kara Signed-off-by: Christian Brauner --- fs/ext2/xattr.c | 4 ++-- fs/ext2/xattr.h | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/fs/ext2/xattr.c b/fs/ext2/xattr.c index 20f741184673..e849241ebb8f 100644 --- a/fs/ext2/xattr.c +++ b/fs/ext2/xattr.c @@ -98,7 +98,7 @@ static struct buffer_head *ext2_xattr_cache_find(struct inode *, static void ext2_xattr_rehash(struct ext2_xattr_header *, struct ext2_xattr_entry *); -static const struct xattr_handler *ext2_xattr_handler_map[] = { +static const struct xattr_handler * const ext2_xattr_handler_map[] = { [EXT2_XATTR_INDEX_USER] = &ext2_xattr_user_handler, #ifdef CONFIG_EXT2_FS_POSIX_ACL [EXT2_XATTR_INDEX_POSIX_ACL_ACCESS] = &nop_posix_acl_access, @@ -110,7 +110,7 @@ static const struct xattr_handler *ext2_xattr_handler_map[] = { #endif }; -const struct xattr_handler *ext2_xattr_handlers[] = { +const struct xattr_handler * const ext2_xattr_handlers[] = { &ext2_xattr_user_handler, &ext2_xattr_trusted_handler, #ifdef CONFIG_EXT2_FS_SECURITY diff --git a/fs/ext2/xattr.h b/fs/ext2/xattr.h index 7925f596e8e2..6a4966949047 100644 --- a/fs/ext2/xattr.h +++ b/fs/ext2/xattr.h @@ -72,7 +72,7 @@ extern void ext2_xattr_delete_inode(struct inode *); extern struct mb_cache *ext2_xattr_create_cache(void); extern void ext2_xattr_destroy_cache(struct mb_cache *cache); -extern const struct xattr_handler *ext2_xattr_handlers[]; +extern const struct xattr_handler * const ext2_xattr_handlers[]; # else /* CONFIG_EXT2_FS_XATTR */ From a1c0752c33d25db28a9846ce82866a7f486f83e0 Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:14 -0300 Subject: [PATCH 10/30] f2fs: move f2fs_xattr_handlers and f2fs_xattr_handler_map to .rodata This makes it harder for accidental or malicious changes to f2fs_xattr_handlers or f2fs_xattr_handler_map at runtime. Cc: Jaegeuk Kim Cc: Chao Yu Cc: linux-f2fs-devel@lists.sourceforge.net Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-11-wedsonaf@gmail.com Reviewed-by: Chao Yu Signed-off-by: Christian Brauner --- fs/f2fs/xattr.c | 4 ++-- fs/f2fs/xattr.h | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/fs/f2fs/xattr.c b/fs/f2fs/xattr.c index a657284faee3..4314456854f6 100644 --- a/fs/f2fs/xattr.c +++ b/fs/f2fs/xattr.c @@ -189,7 +189,7 @@ const struct xattr_handler f2fs_xattr_security_handler = { .set = f2fs_xattr_generic_set, }; -static const struct xattr_handler *f2fs_xattr_handler_map[] = { +static const struct xattr_handler * const f2fs_xattr_handler_map[] = { [F2FS_XATTR_INDEX_USER] = &f2fs_xattr_user_handler, #ifdef CONFIG_F2FS_FS_POSIX_ACL [F2FS_XATTR_INDEX_POSIX_ACL_ACCESS] = &nop_posix_acl_access, @@ -202,7 +202,7 @@ static const struct xattr_handler *f2fs_xattr_handler_map[] = { [F2FS_XATTR_INDEX_ADVISE] = &f2fs_xattr_advise_handler, }; -const struct xattr_handler *f2fs_xattr_handlers[] = { +const struct xattr_handler * const f2fs_xattr_handlers[] = { &f2fs_xattr_user_handler, &f2fs_xattr_trusted_handler, #ifdef CONFIG_F2FS_FS_SECURITY diff --git a/fs/f2fs/xattr.h b/fs/f2fs/xattr.h index b1811c392e6f..a005ffdcf717 100644 --- a/fs/f2fs/xattr.h +++ b/fs/f2fs/xattr.h @@ -125,7 +125,7 @@ extern const struct xattr_handler f2fs_xattr_trusted_handler; extern const struct xattr_handler f2fs_xattr_advise_handler; extern const struct xattr_handler f2fs_xattr_security_handler; -extern const struct xattr_handler *f2fs_xattr_handlers[]; +extern const struct xattr_handler * const f2fs_xattr_handlers[]; extern int f2fs_setxattr(struct inode *, int, const char *, const void *, size_t, struct page *, int); From 34271edb18787d0b7d0f14c505468378de7efb4d Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:15 -0300 Subject: [PATCH 11/30] fuse: move fuse_xattr_handlers to .rodata This makes it harder for accidental or malicious changes to fuse_xattr_handlers at runtime. Cc: Miklos Szeredi Cc: linux-fsdevel@vger.kernel.org Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-12-wedsonaf@gmail.com Signed-off-by: Christian Brauner --- fs/fuse/fuse_i.h | 2 +- fs/fuse/xattr.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/fuse/fuse_i.h b/fs/fuse/fuse_i.h index bf0b85d0b95c..6e6e721f421b 100644 --- a/fs/fuse/fuse_i.h +++ b/fs/fuse/fuse_i.h @@ -1284,7 +1284,7 @@ ssize_t fuse_getxattr(struct inode *inode, const char *name, void *value, size_t size); ssize_t fuse_listxattr(struct dentry *entry, char *list, size_t size); int fuse_removexattr(struct inode *inode, const char *name); -extern const struct xattr_handler *fuse_xattr_handlers[]; +extern const struct xattr_handler * const fuse_xattr_handlers[]; struct posix_acl; struct posix_acl *fuse_get_inode_acl(struct inode *inode, int type, bool rcu); diff --git a/fs/fuse/xattr.c b/fs/fuse/xattr.c index 49c01559580f..5b423fdbb13f 100644 --- a/fs/fuse/xattr.c +++ b/fs/fuse/xattr.c @@ -209,7 +209,7 @@ static const struct xattr_handler fuse_xattr_handler = { .set = fuse_xattr_set, }; -const struct xattr_handler *fuse_xattr_handlers[] = { +const struct xattr_handler * const fuse_xattr_handlers[] = { &fuse_xattr_handler, NULL }; From 89491fafa81c7c4e6aeb8f1a21903bc65b77515e Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:16 -0300 Subject: [PATCH 12/30] gfs2: move gfs2_xattr_handlers_max to .rodata This makes it harder for accidental or malicious changes to gfs2_xattr_handlers_max at runtime. Cc: Bob Peterson Cc: Andreas Gruenbacher Cc: cluster-devel@redhat.com Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-13-wedsonaf@gmail.com Signed-off-by: Christian Brauner --- fs/gfs2/super.h | 4 ++-- fs/gfs2/xattr.c | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/fs/gfs2/super.h b/fs/gfs2/super.h index ab9c83106932..b4ddf6244586 100644 --- a/fs/gfs2/super.h +++ b/fs/gfs2/super.h @@ -60,8 +60,8 @@ extern const struct export_operations gfs2_export_ops; extern const struct super_operations gfs2_super_ops; extern const struct dentry_operations gfs2_dops; -extern const struct xattr_handler *gfs2_xattr_handlers_max[]; -extern const struct xattr_handler **gfs2_xattr_handlers_min; +extern const struct xattr_handler * const gfs2_xattr_handlers_max[]; +extern const struct xattr_handler * const *gfs2_xattr_handlers_min; #endif /* __SUPER_DOT_H__ */ diff --git a/fs/gfs2/xattr.c b/fs/gfs2/xattr.c index 4fea70c0fe3d..79d5c5559512 100644 --- a/fs/gfs2/xattr.c +++ b/fs/gfs2/xattr.c @@ -1494,7 +1494,7 @@ static const struct xattr_handler gfs2_xattr_trusted_handler = { .set = gfs2_xattr_set, }; -const struct xattr_handler *gfs2_xattr_handlers_max[] = { +const struct xattr_handler * const gfs2_xattr_handlers_max[] = { /* GFS2_FS_FORMAT_MAX */ &gfs2_xattr_trusted_handler, @@ -1504,4 +1504,4 @@ const struct xattr_handler *gfs2_xattr_handlers_max[] = { NULL, }; -const struct xattr_handler **gfs2_xattr_handlers_min = gfs2_xattr_handlers_max + 1; +const struct xattr_handler * const *gfs2_xattr_handlers_min = gfs2_xattr_handlers_max + 1; From e27a45b6507083f50781a2c94c5f6618a3b916d5 Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:17 -0300 Subject: [PATCH 13/30] hfs: move hfs_xattr_handlers to .rodata This makes it harder for accidental or malicious changes to hfs_xattr_handlers at runtime. Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-14-wedsonaf@gmail.com Signed-off-by: Christian Brauner --- fs/hfs/attr.c | 2 +- fs/hfs/hfs_fs.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/hfs/attr.c b/fs/hfs/attr.c index 6341bb248247..f8395cdd1adf 100644 --- a/fs/hfs/attr.c +++ b/fs/hfs/attr.c @@ -146,7 +146,7 @@ static const struct xattr_handler hfs_type_handler = { .set = hfs_xattr_set, }; -const struct xattr_handler *hfs_xattr_handlers[] = { +const struct xattr_handler * const hfs_xattr_handlers[] = { &hfs_creator_handler, &hfs_type_handler, NULL diff --git a/fs/hfs/hfs_fs.h b/fs/hfs/hfs_fs.h index 49d02524e667..b5a6ad5df357 100644 --- a/fs/hfs/hfs_fs.h +++ b/fs/hfs/hfs_fs.h @@ -215,7 +215,7 @@ extern void hfs_evict_inode(struct inode *); extern void hfs_delete_inode(struct inode *); /* attr.c */ -extern const struct xattr_handler *hfs_xattr_handlers[]; +extern const struct xattr_handler * const hfs_xattr_handlers[]; /* mdb.c */ extern int hfs_mdb_get(struct super_block *); From 2c323f2c565078557d09768a4ee654ea3f139285 Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:18 -0300 Subject: [PATCH 14/30] hfsplus: move hfsplus_xattr_handlers to .rodata This makes it harder for accidental or malicious changes to hfsplus_xattr_handlers at runtime. Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-15-wedsonaf@gmail.com Signed-off-by: Christian Brauner --- fs/hfsplus/xattr.c | 2 +- fs/hfsplus/xattr.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/hfsplus/xattr.c b/fs/hfsplus/xattr.c index 58021e73c00b..9c9ff6b8c6f7 100644 --- a/fs/hfsplus/xattr.c +++ b/fs/hfsplus/xattr.c @@ -13,7 +13,7 @@ static int hfsplus_removexattr(struct inode *inode, const char *name); -const struct xattr_handler *hfsplus_xattr_handlers[] = { +const struct xattr_handler * const hfsplus_xattr_handlers[] = { &hfsplus_xattr_osx_handler, &hfsplus_xattr_user_handler, &hfsplus_xattr_trusted_handler, diff --git a/fs/hfsplus/xattr.h b/fs/hfsplus/xattr.h index d14e362b3eba..15cc55e41410 100644 --- a/fs/hfsplus/xattr.h +++ b/fs/hfsplus/xattr.h @@ -17,7 +17,7 @@ extern const struct xattr_handler hfsplus_xattr_user_handler; extern const struct xattr_handler hfsplus_xattr_trusted_handler; extern const struct xattr_handler hfsplus_xattr_security_handler; -extern const struct xattr_handler *hfsplus_xattr_handlers[]; +extern const struct xattr_handler * const hfsplus_xattr_handlers[]; int __hfsplus_setxattr(struct inode *inode, const char *name, const void *value, size_t size, int flags); From 13a75c3abcbed217e2edaf8c760e603b3f994a04 Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:19 -0300 Subject: [PATCH 15/30] jffs2: move jffs2_xattr_handlers to .rodata This makes it harder for accidental or malicious changes to jffs2_xattr_handlers at runtime. Cc: David Woodhouse Cc: Richard Weinberger Cc: linux-mtd@lists.infradead.org Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-16-wedsonaf@gmail.com Reviewed-by: Zhihao Cheng Signed-off-by: Christian Brauner --- fs/jffs2/xattr.c | 2 +- fs/jffs2/xattr.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/jffs2/xattr.c b/fs/jffs2/xattr.c index 3b6bdc9a49e1..00224f3a8d6e 100644 --- a/fs/jffs2/xattr.c +++ b/fs/jffs2/xattr.c @@ -920,7 +920,7 @@ struct jffs2_xattr_datum *jffs2_setup_xattr_datum(struct jffs2_sb_info *c, * do_jffs2_setxattr(inode, xprefix, xname, buffer, size, flags) * is an implementation of setxattr handler on jffs2. * -------------------------------------------------- */ -const struct xattr_handler *jffs2_xattr_handlers[] = { +const struct xattr_handler * const jffs2_xattr_handlers[] = { &jffs2_user_xattr_handler, #ifdef CONFIG_JFFS2_FS_SECURITY &jffs2_security_xattr_handler, diff --git a/fs/jffs2/xattr.h b/fs/jffs2/xattr.h index 1b5030a3349d..7e7de093ec0a 100644 --- a/fs/jffs2/xattr.h +++ b/fs/jffs2/xattr.h @@ -94,7 +94,7 @@ extern int do_jffs2_getxattr(struct inode *inode, int xprefix, const char *xname extern int do_jffs2_setxattr(struct inode *inode, int xprefix, const char *xname, const char *buffer, size_t size, int flags); -extern const struct xattr_handler *jffs2_xattr_handlers[]; +extern const struct xattr_handler * const jffs2_xattr_handlers[]; extern const struct xattr_handler jffs2_user_xattr_handler; extern const struct xattr_handler jffs2_trusted_xattr_handler; From ea780283e2c04517ff2e9cdebd0257108aa7f72d Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:20 -0300 Subject: [PATCH 16/30] jfs: move jfs_xattr_handlers to .rodata This makes it harder for accidental or malicious changes to jfs_xattr_handlers at runtime. Cc: Dave Kleikamp Cc: jfs-discussion@lists.sourceforge.net Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-17-wedsonaf@gmail.com Reviewed-by: Dave Kleikamp Signed-off-by: Christian Brauner --- fs/jfs/jfs_xattr.h | 2 +- fs/jfs/xattr.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/jfs/jfs_xattr.h b/fs/jfs/jfs_xattr.h index 0d33816d251d..ec67d8554d2c 100644 --- a/fs/jfs/jfs_xattr.h +++ b/fs/jfs/jfs_xattr.h @@ -46,7 +46,7 @@ extern int __jfs_setxattr(tid_t, struct inode *, const char *, const void *, extern ssize_t __jfs_getxattr(struct inode *, const char *, void *, size_t); extern ssize_t jfs_listxattr(struct dentry *, char *, size_t); -extern const struct xattr_handler *jfs_xattr_handlers[]; +extern const struct xattr_handler * const jfs_xattr_handlers[]; #ifdef CONFIG_JFS_SECURITY extern int jfs_init_security(tid_t, struct inode *, struct inode *, diff --git a/fs/jfs/xattr.c b/fs/jfs/xattr.c index 8577ad494e05..0fb7afac298e 100644 --- a/fs/jfs/xattr.c +++ b/fs/jfs/xattr.c @@ -985,7 +985,7 @@ static const struct xattr_handler jfs_trusted_xattr_handler = { .set = jfs_xattr_set, }; -const struct xattr_handler *jfs_xattr_handlers[] = { +const struct xattr_handler * const jfs_xattr_handlers[] = { &jfs_os2_xattr_handler, &jfs_user_xattr_handler, &jfs_security_xattr_handler, From ffb2e06508279ced466d60164105da3f5c1b14be Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:21 -0300 Subject: [PATCH 17/30] kernfs: move kernfs_xattr_handlers to .rodata This makes it harder for accidental or malicious changes to kernfs_xattr_handlers at runtime. Cc: Greg Kroah-Hartman Cc: Tejun Heo Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-18-wedsonaf@gmail.com Acked-by: Greg Kroah-Hartman Signed-off-by: Christian Brauner --- fs/kernfs/inode.c | 2 +- fs/kernfs/kernfs-internal.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/kernfs/inode.c b/fs/kernfs/inode.c index 922719a343a7..f258ce9c0d1b 100644 --- a/fs/kernfs/inode.c +++ b/fs/kernfs/inode.c @@ -445,7 +445,7 @@ static const struct xattr_handler kernfs_user_xattr_handler = { .set = kernfs_vfs_user_xattr_set, }; -const struct xattr_handler *kernfs_xattr_handlers[] = { +const struct xattr_handler * const kernfs_xattr_handlers[] = { &kernfs_trusted_xattr_handler, &kernfs_security_xattr_handler, &kernfs_user_xattr_handler, diff --git a/fs/kernfs/kernfs-internal.h b/fs/kernfs/kernfs-internal.h index a9b854cdfdb5..237f2764b941 100644 --- a/fs/kernfs/kernfs-internal.h +++ b/fs/kernfs/kernfs-internal.h @@ -127,7 +127,7 @@ extern struct kmem_cache *kernfs_node_cache, *kernfs_iattrs_cache; /* * inode.c */ -extern const struct xattr_handler *kernfs_xattr_handlers[]; +extern const struct xattr_handler * const kernfs_xattr_handlers[]; void kernfs_evict_inode(struct inode *inode); int kernfs_iop_permission(struct mnt_idmap *idmap, struct inode *inode, int mask); From f496647e3b09945f54bdbe78a998130cf736b4fc Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:22 -0300 Subject: [PATCH 18/30] nfs: move nfs4_xattr_handlers to .rodata This makes it harder for accidental or malicious changes to nfs4_xattr_handlers at runtime. Cc: Trond Myklebust Cc: Anna Schumaker Cc: linux-nfs@vger.kernel.org Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-19-wedsonaf@gmail.com Signed-off-by: Christian Brauner --- fs/nfs/nfs.h | 2 +- fs/nfs/nfs4_fs.h | 2 +- fs/nfs/nfs4proc.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/fs/nfs/nfs.h b/fs/nfs/nfs.h index 5ba00610aede..0d3ce0460e35 100644 --- a/fs/nfs/nfs.h +++ b/fs/nfs/nfs.h @@ -18,7 +18,7 @@ struct nfs_subversion { const struct rpc_version *rpc_vers; /* NFS version information */ const struct nfs_rpc_ops *rpc_ops; /* NFS operations */ const struct super_operations *sops; /* NFS Super operations */ - const struct xattr_handler **xattr; /* NFS xattr handlers */ + const struct xattr_handler * const *xattr; /* NFS xattr handlers */ struct list_head list; /* List of NFS versions */ }; diff --git a/fs/nfs/nfs4_fs.h b/fs/nfs/nfs4_fs.h index 47c5c1f86d66..827d00e2f094 100644 --- a/fs/nfs/nfs4_fs.h +++ b/fs/nfs/nfs4_fs.h @@ -315,7 +315,7 @@ extern struct rpc_clnt *nfs4_proc_lookup_mountpoint(struct inode *, struct nfs_fh *, struct nfs_fattr *); extern int nfs4_proc_secinfo(struct inode *, const struct qstr *, struct nfs4_secinfo_flavors *); -extern const struct xattr_handler *nfs4_xattr_handlers[]; +extern const struct xattr_handler * const nfs4_xattr_handlers[]; extern int nfs4_set_rw_stateid(nfs4_stateid *stateid, const struct nfs_open_context *ctx, const struct nfs_lock_context *l_ctx, diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c index 794343790ea8..134e16934251 100644 --- a/fs/nfs/nfs4proc.c +++ b/fs/nfs/nfs4proc.c @@ -10733,7 +10733,7 @@ static const struct xattr_handler nfs4_xattr_nfs4_user_handler = { }; #endif -const struct xattr_handler *nfs4_xattr_handlers[] = { +const struct xattr_handler * const nfs4_xattr_handlers[] = { &nfs4_xattr_nfs4_acl_handler, #if defined(CONFIG_NFS_V4_1) &nfs4_xattr_nfs4_dacl_handler, From 5bf1dd9441da8f02ce2082c246327f927836b8ff Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:23 -0300 Subject: [PATCH 19/30] ntfs3: move ntfs_xattr_handlers to .rodata This makes it harder for accidental or malicious changes to ntfs_xattr_handlers at runtime. Cc: Konstantin Komarov Cc: ntfs3@lists.linux.dev Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-20-wedsonaf@gmail.com Signed-off-by: Christian Brauner --- fs/ntfs3/ntfs_fs.h | 2 +- fs/ntfs3/xattr.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/ntfs3/ntfs_fs.h b/fs/ntfs3/ntfs_fs.h index 629403ede6e5..41c1538f8e51 100644 --- a/fs/ntfs3/ntfs_fs.h +++ b/fs/ntfs3/ntfs_fs.h @@ -872,7 +872,7 @@ int ntfs_init_acl(struct mnt_idmap *idmap, struct inode *inode, int ntfs_acl_chmod(struct mnt_idmap *idmap, struct dentry *dentry); ssize_t ntfs_listxattr(struct dentry *dentry, char *buffer, size_t size); -extern const struct xattr_handler *ntfs_xattr_handlers[]; +extern const struct xattr_handler * const ntfs_xattr_handlers[]; int ntfs_save_wsl_perm(struct inode *inode, __le16 *ea_size); void ntfs_get_wsl_perm(struct inode *inode); diff --git a/fs/ntfs3/xattr.c b/fs/ntfs3/xattr.c index 29fd391899e5..ffe217160d49 100644 --- a/fs/ntfs3/xattr.c +++ b/fs/ntfs3/xattr.c @@ -1016,7 +1016,7 @@ static const struct xattr_handler ntfs_other_xattr_handler = { .list = ntfs_xattr_user_list, }; -const struct xattr_handler *ntfs_xattr_handlers[] = { +const struct xattr_handler * const ntfs_xattr_handlers[] = { &ntfs_other_xattr_handler, NULL, }; From 2cba9af99b3f88c8afe457770452d9907d7c5f8c Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:24 -0300 Subject: [PATCH 20/30] ocfs2: move ocfs2_xattr_handlers and ocfs2_xattr_handler_map to .rodata This makes it harder for accidental or malicious changes to ocfs2_xattr_handlers or ocfs2_xattr_handler_map at runtime. Cc: Mark Fasheh Cc: Joel Becker Cc: Joseph Qi Cc: ocfs2-devel@lists.linux.dev Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-21-wedsonaf@gmail.com Signed-off-by: Christian Brauner --- fs/ocfs2/xattr.c | 4 ++-- fs/ocfs2/xattr.h | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/fs/ocfs2/xattr.c b/fs/ocfs2/xattr.c index 6510ad783c91..2e9628f698be 100644 --- a/fs/ocfs2/xattr.c +++ b/fs/ocfs2/xattr.c @@ -87,14 +87,14 @@ static struct ocfs2_xattr_def_value_root def_xv = { .xv.xr_list.l_count = cpu_to_le16(1), }; -const struct xattr_handler *ocfs2_xattr_handlers[] = { +const struct xattr_handler * const ocfs2_xattr_handlers[] = { &ocfs2_xattr_user_handler, &ocfs2_xattr_trusted_handler, &ocfs2_xattr_security_handler, NULL }; -static const struct xattr_handler *ocfs2_xattr_handler_map[OCFS2_XATTR_MAX] = { +static const struct xattr_handler * const ocfs2_xattr_handler_map[OCFS2_XATTR_MAX] = { [OCFS2_XATTR_INDEX_USER] = &ocfs2_xattr_user_handler, [OCFS2_XATTR_INDEX_POSIX_ACL_ACCESS] = &nop_posix_acl_access, [OCFS2_XATTR_INDEX_POSIX_ACL_DEFAULT] = &nop_posix_acl_default, diff --git a/fs/ocfs2/xattr.h b/fs/ocfs2/xattr.h index 00308b57f64f..65e9aa743919 100644 --- a/fs/ocfs2/xattr.h +++ b/fs/ocfs2/xattr.h @@ -30,7 +30,7 @@ struct ocfs2_security_xattr_info { extern const struct xattr_handler ocfs2_xattr_user_handler; extern const struct xattr_handler ocfs2_xattr_trusted_handler; extern const struct xattr_handler ocfs2_xattr_security_handler; -extern const struct xattr_handler *ocfs2_xattr_handlers[]; +extern const struct xattr_handler * const ocfs2_xattr_handlers[]; ssize_t ocfs2_listxattr(struct dentry *, char *, size_t); int ocfs2_xattr_get_nolock(struct inode *, struct buffer_head *, int, From 2e9440ac07169790df74dcab412a945c2bfb78f2 Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:25 -0300 Subject: [PATCH 21/30] orangefs: move orangefs_xattr_handlers to .rodata This makes it harder for accidental or malicious changes to orangefs_xattr_handlers at runtime. Cc: Mike Marshall Cc: Martin Brandenburg Cc: devel@lists.orangefs.org Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-22-wedsonaf@gmail.com Signed-off-by: Christian Brauner --- fs/orangefs/orangefs-kernel.h | 2 +- fs/orangefs/xattr.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/orangefs/orangefs-kernel.h b/fs/orangefs/orangefs-kernel.h index b711654ca18a..926d9c0a428a 100644 --- a/fs/orangefs/orangefs-kernel.h +++ b/fs/orangefs/orangefs-kernel.h @@ -103,7 +103,7 @@ enum orangefs_vfs_op_states { #define ORANGEFS_CACHE_CREATE_FLAGS 0 #endif -extern const struct xattr_handler *orangefs_xattr_handlers[]; +extern const struct xattr_handler * const orangefs_xattr_handlers[]; extern struct posix_acl *orangefs_get_acl(struct inode *inode, int type, bool rcu); extern int orangefs_set_acl(struct mnt_idmap *idmap, diff --git a/fs/orangefs/xattr.c b/fs/orangefs/xattr.c index 68b62689a63e..74ef75586f38 100644 --- a/fs/orangefs/xattr.c +++ b/fs/orangefs/xattr.c @@ -554,7 +554,7 @@ static const struct xattr_handler orangefs_xattr_default_handler = { .set = orangefs_xattr_set_default, }; -const struct xattr_handler *orangefs_xattr_handlers[] = { +const struct xattr_handler * const orangefs_xattr_handlers[] = { &orangefs_xattr_default_handler, NULL }; From 29a69055e2e11040437f89e0355979d3d6e77149 Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:26 -0300 Subject: [PATCH 22/30] reiserfs: move reiserfs_xattr_handlers to .rodata This makes it harder for accidental or malicious changes to reiserfs_xattr_handlers at runtime. Cc: reiserfs-devel@vger.kernel.org Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-23-wedsonaf@gmail.com Signed-off-by: Christian Brauner --- fs/reiserfs/reiserfs.h | 2 +- fs/reiserfs/xattr.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/fs/reiserfs/reiserfs.h b/fs/reiserfs/reiserfs.h index b81749492ef9..ed154bf26c53 100644 --- a/fs/reiserfs/reiserfs.h +++ b/fs/reiserfs/reiserfs.h @@ -1165,7 +1165,7 @@ static inline int bmap_would_wrap(unsigned bmap_nr) return bmap_nr > ((1LL << 16) - 1); } -extern const struct xattr_handler *reiserfs_xattr_handlers[]; +extern const struct xattr_handler * const reiserfs_xattr_handlers[]; /* * this says about version of key of all items (but stat data) the diff --git a/fs/reiserfs/xattr.c b/fs/reiserfs/xattr.c index 6000964c2b80..998035a6388e 100644 --- a/fs/reiserfs/xattr.c +++ b/fs/reiserfs/xattr.c @@ -780,7 +780,7 @@ static inline bool reiserfs_posix_acl_list(const char *name, } /* This is the implementation for the xattr plugin infrastructure */ -static inline bool reiserfs_xattr_list(const struct xattr_handler **handlers, +static inline bool reiserfs_xattr_list(const struct xattr_handler * const *handlers, const char *name, struct dentry *dentry) { if (handlers) { @@ -911,7 +911,7 @@ static int create_privroot(struct dentry *dentry) { return 0; } #endif /* Actual operations that are exported to VFS-land */ -const struct xattr_handler *reiserfs_xattr_handlers[] = { +const struct xattr_handler * const reiserfs_xattr_handlers[] = { #ifdef CONFIG_REISERFS_FS_XATTR &reiserfs_xattr_user_handler, &reiserfs_xattr_trusted_handler, From 149f455798a6fef6f5a88d43f930636b86dd9a74 Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:27 -0300 Subject: [PATCH 23/30] smb: move cifs_xattr_handlers to .rodata This makes it harder for accidental or malicious changes to cifs_xattr_handlers at runtime. Cc: Steve French Cc: Paulo Alcantara Cc: Ronnie Sahlberg Cc: Shyam Prasad N Cc: Tom Talpey Cc: linux-cifs@vger.kernel.org Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-24-wedsonaf@gmail.com Reviewed-by: Steve French Signed-off-by: Christian Brauner --- fs/smb/client/cifsfs.h | 2 +- fs/smb/client/xattr.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/smb/client/cifsfs.h b/fs/smb/client/cifsfs.h index 41daebd220ff..8ca3d7606bb4 100644 --- a/fs/smb/client/cifsfs.h +++ b/fs/smb/client/cifsfs.h @@ -127,7 +127,7 @@ extern int cifs_symlink(struct mnt_idmap *idmap, struct inode *inode, struct dentry *direntry, const char *symname); #ifdef CONFIG_CIFS_XATTR -extern const struct xattr_handler *cifs_xattr_handlers[]; +extern const struct xattr_handler * const cifs_xattr_handlers[]; extern ssize_t cifs_listxattr(struct dentry *, char *, size_t); #else # define cifs_xattr_handlers NULL diff --git a/fs/smb/client/xattr.c b/fs/smb/client/xattr.c index 4ad5531686d8..ac199160bce6 100644 --- a/fs/smb/client/xattr.c +++ b/fs/smb/client/xattr.c @@ -478,7 +478,7 @@ static const struct xattr_handler smb3_ntsd_full_xattr_handler = { .set = cifs_xattr_set, }; -const struct xattr_handler *cifs_xattr_handlers[] = { +const struct xattr_handler * const cifs_xattr_handlers[] = { &cifs_user_xattr_handler, &cifs_os2_xattr_handler, &cifs_cifs_acl_xattr_handler, From c08a831c74f040ac332c31ad15254cc7462438bc Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:28 -0300 Subject: [PATCH 24/30] squashfs: move squashfs_xattr_handlers to .rodata This makes it harder for accidental or malicious changes to squashfs_xattr_handlers at runtime. Cc: Phillip Lougher Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-25-wedsonaf@gmail.com Signed-off-by: Christian Brauner --- fs/squashfs/squashfs.h | 2 +- fs/squashfs/xattr.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/squashfs/squashfs.h b/fs/squashfs/squashfs.h index a6164fdf9435..5a756e6790b5 100644 --- a/fs/squashfs/squashfs.h +++ b/fs/squashfs/squashfs.h @@ -111,4 +111,4 @@ extern const struct address_space_operations squashfs_symlink_aops; extern const struct inode_operations squashfs_symlink_inode_ops; /* xattr.c */ -extern const struct xattr_handler *squashfs_xattr_handlers[]; +extern const struct xattr_handler * const squashfs_xattr_handlers[]; diff --git a/fs/squashfs/xattr.c b/fs/squashfs/xattr.c index e1e3f3dd5a06..ce6608cabd49 100644 --- a/fs/squashfs/xattr.c +++ b/fs/squashfs/xattr.c @@ -262,7 +262,7 @@ static const struct xattr_handler *squashfs_xattr_handler(int type) } } -const struct xattr_handler *squashfs_xattr_handlers[] = { +const struct xattr_handler * const squashfs_xattr_handlers[] = { &squashfs_xattr_user_handler, &squashfs_xattr_trusted_handler, &squashfs_xattr_security_handler, From c25308c326dbc304e6f77df0f8f5989a7825203d Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:29 -0300 Subject: [PATCH 25/30] ubifs: move ubifs_xattr_handlers to .rodata This makes it harder for accidental or malicious changes to ubifs_xattr_handlers at runtime. Cc: Richard Weinberger Cc: linux-mtd@lists.infradead.org Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-26-wedsonaf@gmail.com Reviewed-by: Zhihao Cheng Signed-off-by: Christian Brauner --- fs/ubifs/ubifs.h | 2 +- fs/ubifs/xattr.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/ubifs/ubifs.h b/fs/ubifs/ubifs.h index ebb3ad6b5e7e..62633816d7d0 100644 --- a/fs/ubifs/ubifs.h +++ b/fs/ubifs/ubifs.h @@ -2043,7 +2043,7 @@ ssize_t ubifs_xattr_get(struct inode *host, const char *name, void *buf, size_t size); #ifdef CONFIG_UBIFS_FS_XATTR -extern const struct xattr_handler *ubifs_xattr_handlers[]; +extern const struct xattr_handler * const ubifs_xattr_handlers[]; ssize_t ubifs_listxattr(struct dentry *dentry, char *buffer, size_t size); void ubifs_evict_xattr_inode(struct ubifs_info *c, ino_t xattr_inum); int ubifs_purge_xattrs(struct inode *host); diff --git a/fs/ubifs/xattr.c b/fs/ubifs/xattr.c index 406c82eab513..0847db521984 100644 --- a/fs/ubifs/xattr.c +++ b/fs/ubifs/xattr.c @@ -735,7 +735,7 @@ static const struct xattr_handler ubifs_security_xattr_handler = { }; #endif -const struct xattr_handler *ubifs_xattr_handlers[] = { +const struct xattr_handler * const ubifs_xattr_handlers[] = { &ubifs_user_xattr_handler, &ubifs_trusted_xattr_handler, #ifdef CONFIG_UBIFS_FS_SECURITY From 375aa21d36ee8ea19a370da9d38fedcb50ec34d3 Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:30 -0300 Subject: [PATCH 26/30] xfs: move xfs_xattr_handlers to .rodata This makes it harder for accidental or malicious changes to xfs_xattr_handlers at runtime. Cc: "Darrick J. Wong" Cc: linux-xfs@vger.kernel.org Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-27-wedsonaf@gmail.com Reviewed-by: "Darrick J. Wong" Signed-off-by: Christian Brauner --- fs/xfs/xfs_xattr.c | 2 +- fs/xfs/xfs_xattr.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/xfs/xfs_xattr.c b/fs/xfs/xfs_xattr.c index 43e5c219aaed..77418bcd6f3a 100644 --- a/fs/xfs/xfs_xattr.c +++ b/fs/xfs/xfs_xattr.c @@ -175,7 +175,7 @@ static const struct xattr_handler xfs_xattr_security_handler = { .set = xfs_xattr_set, }; -const struct xattr_handler *xfs_xattr_handlers[] = { +const struct xattr_handler * const xfs_xattr_handlers[] = { &xfs_xattr_user_handler, &xfs_xattr_trusted_handler, &xfs_xattr_security_handler, diff --git a/fs/xfs/xfs_xattr.h b/fs/xfs/xfs_xattr.h index 2b09133b1b9b..cec766cad26c 100644 --- a/fs/xfs/xfs_xattr.h +++ b/fs/xfs/xfs_xattr.h @@ -8,6 +8,6 @@ int xfs_attr_change(struct xfs_da_args *args); -extern const struct xattr_handler *xfs_xattr_handlers[]; +extern const struct xattr_handler * const xfs_xattr_handlers[]; #endif /* __XFS_XATTR_H__ */ From 3d649a4a832ecfa48bf1f62972c1ddf0030785d3 Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:31 -0300 Subject: [PATCH 27/30] overlayfs: move xattr tables to .rodata This makes it harder for accidental or malicious changes to ovl_trusted_xattr_handlers or ovl_user_xattr_handlers at runtime. Cc: Miklos Szeredi Cc: Amir Goldstein Cc: linux-unionfs@vger.kernel.org Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-28-wedsonaf@gmail.com Acked-by: Amir Goldstein Signed-off-by: Christian Brauner --- fs/overlayfs/super.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c index def266b5e2a3..7f67ebfbdae1 100644 --- a/fs/overlayfs/super.c +++ b/fs/overlayfs/super.c @@ -484,13 +484,13 @@ static const struct xattr_handler ovl_other_xattr_handler = { .set = ovl_other_xattr_set, }; -static const struct xattr_handler *ovl_trusted_xattr_handlers[] = { +static const struct xattr_handler * const ovl_trusted_xattr_handlers[] = { &ovl_own_trusted_xattr_handler, &ovl_other_xattr_handler, NULL }; -static const struct xattr_handler *ovl_user_xattr_handlers[] = { +static const struct xattr_handler * const ovl_user_xattr_handlers[] = { &ovl_own_user_xattr_handler, &ovl_other_xattr_handler, NULL From 2f5028604f08fa9fe40c07295843d6917d9d0a94 Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:32 -0300 Subject: [PATCH 28/30] shmem: move shmem_xattr_handlers to .rodata This makes it harder for accidental or malicious changes to shmem_xattr_handlers at runtime. Cc: Hugh Dickins Cc: Andrew Morton Cc: linux-mm@kvack.org Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-29-wedsonaf@gmail.com Signed-off-by: Christian Brauner --- mm/shmem.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mm/shmem.c b/mm/shmem.c index 02e62fccc80d..fd44902730df 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -3714,7 +3714,7 @@ static const struct xattr_handler shmem_user_xattr_handler = { .set = shmem_xattr_handler_set, }; -static const struct xattr_handler *shmem_xattr_handlers[] = { +static const struct xattr_handler * const shmem_xattr_handlers[] = { &shmem_security_xattr_handler, &shmem_trusted_xattr_handler, &shmem_user_xattr_handler, From 295d3c441226d004d1ed59c4fcf62d5dba18d9e1 Mon Sep 17 00:00:00 2001 From: Wedson Almeida Filho Date: Sat, 30 Sep 2023 02:00:33 -0300 Subject: [PATCH 29/30] net: move sockfs_xattr_handlers to .rodata This makes it harder for accidental or malicious changes to sockfs_xattr_handlers at runtime. Cc: "David S. Miller" Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: Richard Cochran Cc: netdev@vger.kernel.org Signed-off-by: Wedson Almeida Filho Link: https://lore.kernel.org/r/20230930050033.41174-30-wedsonaf@gmail.com Acked-by: Jakub Kicinski Signed-off-by: Christian Brauner --- include/linux/pseudo_fs.h | 2 +- net/socket.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/linux/pseudo_fs.h b/include/linux/pseudo_fs.h index eceda1d1407a..730f77381d55 100644 --- a/include/linux/pseudo_fs.h +++ b/include/linux/pseudo_fs.h @@ -5,7 +5,7 @@ struct pseudo_fs_context { const struct super_operations *ops; - const struct xattr_handler **xattr; + const struct xattr_handler * const *xattr; const struct dentry_operations *dops; unsigned long magic; }; diff --git a/net/socket.c b/net/socket.c index c8b08b32f097..be301d523679 100644 --- a/net/socket.c +++ b/net/socket.c @@ -403,7 +403,7 @@ static const struct xattr_handler sockfs_security_xattr_handler = { .set = sockfs_security_xattr_set, }; -static const struct xattr_handler *sockfs_xattr_handlers[] = { +static const struct xattr_handler * const sockfs_xattr_handlers[] = { &sockfs_xattr_handler, &sockfs_security_xattr_handler, NULL From a640d888953cd18e8542283653c20160b601d69d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= Date: Thu, 12 Oct 2023 16:30:38 +0200 Subject: [PATCH 30/30] const_structs.checkpatch: add xattr_handler MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Now that the vfs can handle "const struct xattr_handler" make sure that new usages of the struct already enter the tree as const. Link: https://lore.kernel.org/lkml/20230930050033.41174-1-wedsonaf@gmail.com/ Signed-off-by: Thomas Weißschuh Link: https://lore.kernel.org/r/20231012-vfs-xattr_const-v1-1-6c21e82d4d5e@weissschuh.net Signed-off-by: Christian Brauner --- scripts/const_structs.checkpatch | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/const_structs.checkpatch b/scripts/const_structs.checkpatch index dc39d938ea77..188412aa2757 100644 --- a/scripts/const_structs.checkpatch +++ b/scripts/const_structs.checkpatch @@ -94,3 +94,4 @@ vm_operations_struct wacom_features watchdog_ops wd_ops +xattr_handler