On 5/21/26 3:33 PM, Kees Cook wrote: > Hi, > > I tried to trim the CC list here, but it's still pretty huge... > > We've had a long-standing issue with "write to a string pointer" callbacks > that don't bounds check the destination (and for which the bounds is > also not part of the callback prototype, even if it is "known" to be > PAGE_SIZE, which sysfs_emit() depends on). Both moduleparams and sysfs > use this pattern. As a first step, and to test the migration method, > migrate moduleparams first. > > There are 2 "mechanical" treewide patches that are handled by Coccinelle: > - treewide: Convert struct kernel_param_ops initializers to > DEFINE_KERNEL_PARAM_OPS > - treewide: Convert custom kernel_param_ops .get callbacks to seq_buf via > cocci > > The last treewide patch is manual, and may need to be broken up into > per-subsystem patches, though I'd prefer to avoid this, as it would > extend the migration from 1 relase to at least 2 releases. (1 to > release the migration infrastructure, then 1 release to collect all the > subsystem changes, and possibly 1 more release to remove the migration > infrastructure.) > > Thoughts, questions?
This looks reasonable to me. I added a few minor comments on the patches but they already look solid. -- Thanks, Petr
