xattr: make the xattr array itself const

As it is currently declared, the xattr_handler structs are const but the
array containing their pointers is not. This patch makes it so that fs
modules can place them in .rodata, which makes it harder for
accidental/malicious modifications at runtime.

Signed-off-by: Wedson Almeida Filho <walmeida@microsoft.com>
Link: https://lore.kernel.org/r/20230930050033.41174-2-wedsonaf@gmail.com
Signed-off-by: Christian Brauner <brauner@kernel.org>

diff --git a/fs/xattr.c b/fs/xattr.c
index efd4736bc94b09ba4363dd8b691e09deabf4acef..09d9276034335f8658bcf421bf7fa0283c8c549f 100644 (file)
--- a/fs/xattr.c
+++ b/fs/xattr.c
@@ -56,7 +56,7 @@ strcmp_prefix(const char *a, const char *a_prefix)
 static const struct xattr_handler *
 xattr_resolve_name(struct inode *inode, const char **name)
 {
-       const struct xattr_handler **handlers = inode->i_sb->s_xattr;
+       const struct xattr_handler * const *handlers = inode->i_sb->s_xattr;
        const struct xattr_handler *handler;
 
        if (!(inode->i_opflags & IOP_XATTR)) {
@@ -162,7 +162,7 @@ xattr_permission(struct mnt_idmap *idmap, struct inode *inode,
 int
 xattr_supports_user_prefix(struct inode *inode)
 {
-       const struct xattr_handler **handlers = inode->i_sb->s_xattr;
+       const struct xattr_handler * const *handlers = inode->i_sb->s_xattr;
        const struct xattr_handler *handler;
 
        if (!(inode->i_opflags & IOP_XATTR)) {
@@ -999,7 +999,7 @@ int xattr_list_one(char **buffer, ssize_t *remaining_size, const char *name)
 ssize_t
 generic_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size)
 {
-       const struct xattr_handler *handler, **handlers = dentry->d_sb->s_xattr;
+       const struct xattr_handler *handler, * const *handlers = dentry->d_sb->s_xattr;
        ssize_t remaining_size = buffer_size;
        int err = 0;
 

diff --git a/include/linux/fs.h b/include/linux/fs.h
index 4aeb3fa1192771cdd8e1e1ebdf18f9b08c983166..bba22e25664d2a52b4a189d2baf76bae7fef3811 100644 (file)
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -1206,7 +1206,7 @@ struct super_block {
 #ifdef CONFIG_SECURITY
        void                    *s_security;
 #endif
-       const struct xattr_handler **s_xattr;
+       const struct xattr_handler * const *s_xattr;
 #ifdef CONFIG_FS_ENCRYPTION
        const struct fscrypt_operations *s_cop;
        struct fscrypt_keyring  *s_master_keys; /* master crypto keys in use */