stackleak: Use a copy of the ctl_table argument
author Thomas Weißschuh <linux@weissschuh.net>
Fri, 3 May 2024 13:44:09 +0000 (15:44 +0200)
committer Kees Cook <keescook@chromium.org>
Fri, 3 May 2024 19:35:12 +0000 (12:35 -0700)
Sysctl handlers are not supposed to modify the ctl_table passed to them.
Adapt the logic to work with a temporary variable, similar to how it is
done in other parts of the kernel.

This is also a prerequisite to enforce the immutability of the argument
through the callbacks.

Reviewed-by: Luis Chamberlain <mcgrof@kernel.org>
Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>
Reviewed-by: Tycho Andersen <tycho@tycho.pizza>
Link: https://lore.kernel.org/r/20240503-sysctl-const-stackleak-v1-1-603fecb19170@weissschuh.net
Signed-off-by: Kees Cook <keescook@chromium.org>
kernel/stackleak.c

index 34c9d81eea9409410fb289f19108bb7fb8488810..59cdfaf5118e8c22a207f87b00bec20a881b2391 100644 (file)
@@ -27,10 +27,10 @@ static int stack_erasing_sysctl(struct ctl_table *table, int write,
        int ret = 0;
        int state = !static_branch_unlikely(&stack_erasing_bypass);
        int prev_state = state;
+       struct ctl_table table_copy = *table;
 
-       table->data = &state;
-       table->maxlen = sizeof(int);
-       ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
+       table_copy.data = &state;
+       ret = proc_dointvec_minmax(&table_copy, write, buffer, lenp, ppos);
        state = !!state;
        if (ret || !write || state == prev_state)
                return ret;
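Review bot: the removed `table->maxlen = sizeof(int);` has no counterpart on `table_copy`, so the length passed to `proc_dointvec_minmax()` is now whatever the registered entry carries, while `table_copy.data` still points at the single on-stack `int state`. If the registration elsewhere in kernel/stackleak.c already sets `.maxlen = sizeof(int)`, this is only a dropped redundancy, but that is not visible in this hunk and the commit message does not mention it. Either keep the bound local with `table_copy.maxlen = sizeof(int);` next to the `data` assignment, or say in the commit message that the table entry already guarantees it, so that a later change to the entry cannot silently allow a write past `state`.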