author | Eric W. Biederman <ebiederm@xmission.com> | 2007-10-18 06:05:57 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-10-18 17:37:23 -0400 |
commit | 49ffcf8f99e8d33ec8afb450956804af518fd788 (patch) | |
tree | f55aac9ddebb4f798ba8ff8152c73a73a3dc93a2 | |
parent | fc6cd25b738c2369d7ed3a6ef2ca248b51fcd2d4 (diff) |
sysctl: update sysctl_check_table
Well it turns out after I dug into the problems a little more I was returning
a few false positives so this patch updates my logic to remove them.
- Don't complain about 0 ctl_names in sysctl_check_binary_path
It is valid for someone to remove the sysctl binary interface
and still keep the same sysctl proc interface.
- Count ctl_names and procnames as matching if they both don't
exist.
- Only warn about missing min&max when the generic functions care.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Cc: Alexey Dobriyan <adobriyan@sw.ru>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r-- | kernel/sysctl_check.c | 36 |
1 files changed, 22 insertions, 14 deletions
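--- a/kernel/sysctl_check.c
+++ b/kernel/sysctl_check.c
@@ -565,6 +565,7 @@ static struct trans_ctl_table trans_net_ipv6_table[] = {
 { NET_IPV6_IP6FRAG_TIME, "ip6frag_time" },
 { NET_IPV6_IP6FRAG_SECRET_INTERVAL, "ip6frag_secret_interval" },
 { NET_IPV6_MLD_MAX_MSF, "mld_max_msf" },
+{ 2088 /* IPQ_QMAX */, "ip6_queue_maxlen" },
 {}
 };
 
@@ -723,6 +724,7 @@ static struct trans_ctl_table trans_net_table[] = {
 { NET_LLC, "llc", trans_net_llc_table },
 { NET_NETFILTER, "netfilter", trans_net_netfilter_table },
 { NET_DCCP, "dccp", trans_net_dccp_table },
+{ 2089, "nf_conntrack_max" },
 {}
 };
 
@@ -1421,12 +1423,14 @@ static int sysctl_check_dir(struct ctl_table *table)
 ref = sysctl_check_lookup(table);
 if (ref) {
 int match = 0;
-if (table->procname && ref->procname &&
-(strcmp(table->procname, ref->procname) == 0))
+if ((!table->procname && !ref->procname) ||
+(table->procname && ref->procname &&
+(strcmp(table->procname, ref->procname) == 0)))
 match++;
 
-if (table->ctl_name && ref->ctl_name &&
-(table->ctl_name == ref->ctl_name))
+if ((!table->ctl_name && !ref->ctl_name) ||
+(table->ctl_name && ref->ctl_name &&
+(table->ctl_name == ref->ctl_name)))
 match++;
 
 if (match != 2) {
@@ -1463,8 +1467,8 @@ static void sysctl_check_bin_path(struct ctl_table *table, const char **fail)
 (strcmp(table->procname, ref->procname) != 0)))
 set_fail(fail, table, "procname does not match binary path procname");
 
-if (ref->ctl_name &&
-(!table->ctl_name || table->ctl_name != ref->ctl_name))
+if (ref->ctl_name && table->ctl_name &&
+(table->ctl_name != ref->ctl_name))
 set_fail(fail, table, "ctl_name does not match binary path ctl_name");
 }
 }
@@ -1500,7 +1504,7 @@ int sysctl_check_table(struct ctl_table *table)
 if (table->extra2)
 set_fail(&fail, table, "Directory with extra2");
 if (sysctl_check_dir(table))
-set_fail(&fail, table, "Inconsistent directory");
+set_fail(&fail, table, "Inconsistent directory names");
 } else {
 if ((table->strategy == sysctl_data) ||
 (table->strategy == sysctl_string) ||
@@ -1521,23 +1525,27 @@ int sysctl_check_table(struct ctl_table *table)
 if (!table->maxlen)
 set_fail(&fail, table, "No maxlen");
 }
-if ((table->strategy == sysctl_intvec) ||
-(table->proc_handler == proc_dointvec_minmax) ||
-(table->proc_handler == proc_doulongvec_minmax) ||
+if ((table->proc_handler == proc_doulongvec_minmax) ||
 (table->proc_handler == proc_doulongvec_ms_jiffies_minmax)) {
-if (!table->extra1)
-set_fail(&fail, table, "No min");
-if (!table->extra2)
-set_fail(&fail, table, "No max");
+if (table->maxlen > sizeof (unsigned long)) {
+if (!table->extra1)
+set_fail(&fail, table, "No min");
+if (!table->extra2)
+set_fail(&fail, table, "No max");
+}
 }
+#ifdef CONFIG_SYSCTL_SYSCALL
 if (table->ctl_name && !table->strategy)
 set_fail(&fail, table, "Missing strategy");
+#endif
 #if 0
 if (!table->ctl_name && table->strategy)
 set_fail(&fail, table, "Strategy without ctl_name");
 #endif
+#ifdef CONFIG_PROC_FS
 if (table->procname && !table->proc_handler)
 set_fail(&fail, table, "No proc_handler");
+#endif
 #if 0
 if (!table->procname && table->proc_handler)
 set_fail(&fail, table, "proc_handler without procname");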