diff options
| author | Denis V. Lunev <den@openvz.org> | 2008-03-27 19:55:53 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2008-03-27 19:55:53 -0400 |
| commit | 8eeee8b152ae6bbe181518efaf62ba8e9c613693 (patch) | |
| tree | b5900762ddf2a5d03ed31da629b726c6fd6a710f | |
| parent | 920fc941a9617f95ccb283037fe6f8a38d95bb69 (diff) | |
[NETFILTER]: Replate direct proc_fops assignment with proc_create call.
This elliminates infamous race during module loading when one could lookup
proc entry without proc_fops assigned.
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
| -rw-r--r-- | net/ipv4/netfilter/ip_queue.c | 8 | ||||
| -rw-r--r-- | net/ipv4/netfilter/ipt_CLUSTERIP.c | 5 | ||||
| -rw-r--r-- | net/ipv4/netfilter/ipt_recent.c | 3 | ||||
| -rw-r--r-- | net/ipv4/netfilter/nf_conntrack_l3proto_ipv4_compat.c | 7 | ||||
| -rw-r--r-- | net/ipv6/netfilter/ip6_queue.c | 8 | ||||
| -rw-r--r-- | net/netfilter/nf_conntrack_standalone.c | 9 | ||||
| -rw-r--r-- | net/netfilter/nf_log.c | 8 | ||||
| -rw-r--r-- | net/netfilter/nf_queue.c | 7 | ||||
| -rw-r--r-- | net/netfilter/nfnetlink_log.c | 9 | ||||
| -rw-r--r-- | net/netfilter/nfnetlink_queue.c | 9 | ||||
| -rw-r--r-- | net/netfilter/xt_hashlimit.c | 16 |
11 files changed, 30 insertions, 59 deletions
diff --git a/net/ipv4/netfilter/ip_queue.c b/net/ipv4/netfilter/ip_queue.c index fe05da41d6ba..4dc162894cb2 100644 --- a/net/ipv4/netfilter/ip_queue.c +++ b/net/ipv4/netfilter/ip_queue.c | |||
| @@ -588,11 +588,9 @@ static int __init ip_queue_init(void) | |||
| 588 | } | 588 | } |
| 589 | 589 | ||
| 590 | #ifdef CONFIG_PROC_FS | 590 | #ifdef CONFIG_PROC_FS |
| 591 | proc = create_proc_entry(IPQ_PROC_FS_NAME, 0, init_net.proc_net); | 591 | proc = proc_create(IPQ_PROC_FS_NAME, 0, init_net.proc_net, |
| 592 | if (proc) { | 592 | &ip_queue_proc_fops); |
| 593 | proc->owner = THIS_MODULE; | 593 | if (!proc) { |
| 594 | proc->proc_fops = &ip_queue_proc_fops; | ||
| 595 | } else { | ||
| 596 | printk(KERN_ERR "ip_queue: failed to create proc entry\n"); | 594 | printk(KERN_ERR "ip_queue: failed to create proc entry\n"); |
| 597 | goto cleanup_ipqnl; | 595 | goto cleanup_ipqnl; |
| 598 | } | 596 | } |
diff --git a/net/ipv4/netfilter/ipt_CLUSTERIP.c b/net/ipv4/netfilter/ipt_CLUSTERIP.c index c6cf84c77611..52926c8e3cc1 100644 --- a/net/ipv4/netfilter/ipt_CLUSTERIP.c +++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c | |||
| @@ -167,14 +167,13 @@ clusterip_config_init(struct ipt_clusterip_tgt_info *i, __be32 ip, | |||
| 167 | 167 | ||
| 168 | /* create proc dir entry */ | 168 | /* create proc dir entry */ |
| 169 | sprintf(buffer, "%u.%u.%u.%u", NIPQUAD(ip)); | 169 | sprintf(buffer, "%u.%u.%u.%u", NIPQUAD(ip)); |
| 170 | c->pde = create_proc_entry(buffer, S_IWUSR|S_IRUSR, | 170 | c->pde = proc_create(buffer, S_IWUSR|S_IRUSR, |
| 171 | clusterip_procdir); | 171 | clusterip_procdir, &clusterip_proc_fops); |
| 172 | if (!c->pde) { | 172 | if (!c->pde) { |
| 173 | kfree(c); | 173 | kfree(c); |
| 174 | return NULL; | 174 | return NULL; |
| 175 | } | 175 | } |
| 176 | } | 176 | } |
| 177 | c->pde->proc_fops = &clusterip_proc_fops; | ||
| 178 | c->pde->data = c; | 177 | c->pde->data = c; |
| 179 | #endif | 178 | #endif |
| 180 | 179 | ||
diff --git a/net/ipv4/netfilter/ipt_recent.c b/net/ipv4/netfilter/ipt_recent.c index 8e8f0425a8ed..50e06690eb5b 100644 --- a/net/ipv4/netfilter/ipt_recent.c +++ b/net/ipv4/netfilter/ipt_recent.c | |||
| @@ -276,12 +276,11 @@ recent_mt_check(const char *tablename, const void *ip, | |||
| 276 | for (i = 0; i < ip_list_hash_size; i++) | 276 | for (i = 0; i < ip_list_hash_size; i++) |
| 277 | INIT_LIST_HEAD(&t->iphash[i]); | 277 | INIT_LIST_HEAD(&t->iphash[i]); |
| 278 | #ifdef CONFIG_PROC_FS | 278 | #ifdef CONFIG_PROC_FS |
| 279 | t->proc = create_proc_entry(t->name, ip_list_perms, proc_dir); | 279 | t->proc = proc_create(t->name, ip_list_perms, proc_dir, &recent_fops); |
| 280 | if (t->proc == NULL) { | 280 | if (t->proc == NULL) { |
| 281 | kfree(t); | 281 | kfree(t); |
| 282 | goto out; | 282 | goto out; |
| 283 | } | 283 | } |
| 284 | t->proc->proc_fops = &recent_fops; | ||
| 285 | t->proc->uid = ip_list_uid; | 284 | t->proc->uid = ip_list_uid; |
| 286 | t->proc->gid = ip_list_gid; | 285 | t->proc->gid = ip_list_gid; |
| 287 | t->proc->data = t; | 286 | t->proc->data = t; |
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4_compat.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4_compat.c index 089252e82c01..f500b0fdaef4 100644 --- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4_compat.c +++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4_compat.c | |||
| @@ -395,13 +395,10 @@ int __init nf_conntrack_ipv4_compat_init(void) | |||
| 395 | if (!proc_exp) | 395 | if (!proc_exp) |
| 396 | goto err2; | 396 | goto err2; |
| 397 | 397 | ||
| 398 | proc_stat = create_proc_entry("ip_conntrack", S_IRUGO, init_net.proc_net_stat); | 398 | proc_stat = proc_create("ip_conntrack", S_IRUGO, |
| 399 | init_net.proc_net_stat, &ct_cpu_seq_fops); | ||
| 399 | if (!proc_stat) | 400 | if (!proc_stat) |
| 400 | goto err3; | 401 | goto err3; |
| 401 | |||
| 402 | proc_stat->proc_fops = &ct_cpu_seq_fops; | ||
| 403 | proc_stat->owner = THIS_MODULE; | ||
| 404 | |||
| 405 | return 0; | 402 | return 0; |
| 406 | 403 | ||
| 407 | err3: | 404 | err3: |
diff --git a/net/ipv6/netfilter/ip6_queue.c b/net/ipv6/netfilter/ip6_queue.c index cc2f9afcf808..8d366f7f2a9a 100644 --- a/net/ipv6/netfilter/ip6_queue.c +++ b/net/ipv6/netfilter/ip6_queue.c | |||
| @@ -591,11 +591,9 @@ static int __init ip6_queue_init(void) | |||
| 591 | } | 591 | } |
| 592 | 592 | ||
| 593 | #ifdef CONFIG_PROC_FS | 593 | #ifdef CONFIG_PROC_FS |
| 594 | proc = create_proc_entry(IPQ_PROC_FS_NAME, 0, init_net.proc_net); | 594 | proc = proc_create(IPQ_PROC_FS_NAME, 0, init_net.proc_net, |
| 595 | if (proc) { | 595 | &ip6_queue_proc_fops); |
| 596 | proc->owner = THIS_MODULE; | 596 | if (!proc) { |
| 597 | proc->proc_fops = &ip6_queue_proc_fops; | ||
| 598 | } else { | ||
| 599 | printk(KERN_ERR "ip6_queue: failed to create proc entry\n"); | 597 | printk(KERN_ERR "ip6_queue: failed to create proc entry\n"); |
| 600 | goto cleanup_ipqnl; | 598 | goto cleanup_ipqnl; |
| 601 | } | 599 | } |
diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c index e88e96af613d..8599068050ec 100644 --- a/net/netfilter/nf_conntrack_standalone.c +++ b/net/netfilter/nf_conntrack_standalone.c | |||
| @@ -395,7 +395,7 @@ EXPORT_SYMBOL_GPL(nf_ct_log_invalid); | |||
| 395 | static int __init nf_conntrack_standalone_init(void) | 395 | static int __init nf_conntrack_standalone_init(void) |
| 396 | { | 396 | { |
| 397 | #ifdef CONFIG_PROC_FS | 397 | #ifdef CONFIG_PROC_FS |
| 398 | struct proc_dir_entry *proc, *proc_stat; | 398 | struct proc_dir_entry *proc; |
| 399 | #endif | 399 | #endif |
| 400 | int ret = 0; | 400 | int ret = 0; |
| 401 | 401 | ||
| @@ -407,12 +407,9 @@ static int __init nf_conntrack_standalone_init(void) | |||
| 407 | proc = proc_net_fops_create(&init_net, "nf_conntrack", 0440, &ct_file_ops); | 407 | proc = proc_net_fops_create(&init_net, "nf_conntrack", 0440, &ct_file_ops); |
| 408 | if (!proc) goto cleanup_init; | 408 | if (!proc) goto cleanup_init; |
| 409 | 409 | ||
| 410 | proc_stat = create_proc_entry("nf_conntrack", S_IRUGO, init_net.proc_net_stat); | 410 | if (!proc_create("nf_conntrack", S_IRUGO, |
| 411 | if (!proc_stat) | 411 | init_net.proc_net_stat, &ct_cpu_seq_fops)) |
| 412 | goto cleanup_proc; | 412 | goto cleanup_proc; |
| 413 | |||
| 414 | proc_stat->proc_fops = &ct_cpu_seq_fops; | ||
| 415 | proc_stat->owner = THIS_MODULE; | ||
| 416 | #endif | 413 | #endif |
| 417 | #ifdef CONFIG_SYSCTL | 414 | #ifdef CONFIG_SYSCTL |
| 418 | nf_ct_sysctl_header = register_sysctl_paths(nf_ct_path, | 415 | nf_ct_sysctl_header = register_sysctl_paths(nf_ct_path, |
diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c index cec9976aecbf..bc11d7092032 100644 --- a/net/netfilter/nf_log.c +++ b/net/netfilter/nf_log.c | |||
| @@ -168,13 +168,9 @@ static const struct file_operations nflog_file_ops = { | |||
| 168 | int __init netfilter_log_init(void) | 168 | int __init netfilter_log_init(void) |
| 169 | { | 169 | { |
| 170 | #ifdef CONFIG_PROC_FS | 170 | #ifdef CONFIG_PROC_FS |
| 171 | struct proc_dir_entry *pde; | 171 | if (!proc_create("nf_log", S_IRUGO, |
| 172 | 172 | proc_net_netfilter, &nflog_file_ops)) | |
| 173 | pde = create_proc_entry("nf_log", S_IRUGO, proc_net_netfilter); | ||
| 174 | if (!pde) | ||
| 175 | return -1; | 173 | return -1; |
| 176 | |||
| 177 | pde->proc_fops = &nflog_file_ops; | ||
| 178 | #endif | 174 | #endif |
| 179 | return 0; | 175 | return 0; |
| 180 | } | 176 | } |
diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c index ddc80ea114cd..bbd26893c0c4 100644 --- a/net/netfilter/nf_queue.c +++ b/net/netfilter/nf_queue.c | |||
| @@ -348,12 +348,9 @@ static const struct file_operations nfqueue_file_ops = { | |||
| 348 | int __init netfilter_queue_init(void) | 348 | int __init netfilter_queue_init(void) |
| 349 | { | 349 | { |
| 350 | #ifdef CONFIG_PROC_FS | 350 | #ifdef CONFIG_PROC_FS |
| 351 | struct proc_dir_entry *pde; | 351 | if (!proc_create("nf_queue", S_IRUGO, |
| 352 | 352 | proc_net_netfilter, &nfqueue_file_ops)) | |
| 353 | pde = create_proc_entry("nf_queue", S_IRUGO, proc_net_netfilter); | ||
| 354 | if (!pde) | ||
| 355 | return -1; | 353 | return -1; |
| 356 | pde->proc_fops = &nfqueue_file_ops; | ||
| 357 | #endif | 354 | #endif |
| 358 | return 0; | 355 | return 0; |
| 359 | } | 356 | } |
diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c index bf3f19b21fe4..b8173af8c24a 100644 --- a/net/netfilter/nfnetlink_log.c +++ b/net/netfilter/nfnetlink_log.c | |||
| @@ -923,9 +923,6 @@ static const struct file_operations nful_file_ops = { | |||
| 923 | static int __init nfnetlink_log_init(void) | 923 | static int __init nfnetlink_log_init(void) |
| 924 | { | 924 | { |
| 925 | int i, status = -ENOMEM; | 925 | int i, status = -ENOMEM; |
| 926 | #ifdef CONFIG_PROC_FS | ||
| 927 | struct proc_dir_entry *proc_nful; | ||
| 928 | #endif | ||
| 929 | 926 | ||
| 930 | for (i = 0; i < INSTANCE_BUCKETS; i++) | 927 | for (i = 0; i < INSTANCE_BUCKETS; i++) |
| 931 | INIT_HLIST_HEAD(&instance_table[i]); | 928 | INIT_HLIST_HEAD(&instance_table[i]); |
| @@ -943,11 +940,9 @@ static int __init nfnetlink_log_init(void) | |||
| 943 | } | 940 | } |
| 944 | 941 | ||
| 945 | #ifdef CONFIG_PROC_FS | 942 | #ifdef CONFIG_PROC_FS |
| 946 | proc_nful = create_proc_entry("nfnetlink_log", 0440, | 943 | if (!proc_create("nfnetlink_log", 0440, |
| 947 | proc_net_netfilter); | 944 | proc_net_netfilter, &nful_file_ops)) |
| 948 | if (!proc_nful) | ||
| 949 | goto cleanup_subsys; | 945 | goto cleanup_subsys; |
| 950 | proc_nful->proc_fops = &nful_file_ops; | ||
| 951 | #endif | 946 | #endif |
| 952 | return status; | 947 | return status; |
| 953 | 948 | ||
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index 012cb6910820..10522c04ed24 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c | |||
| @@ -896,9 +896,6 @@ static const struct file_operations nfqnl_file_ops = { | |||
| 896 | static int __init nfnetlink_queue_init(void) | 896 | static int __init nfnetlink_queue_init(void) |
| 897 | { | 897 | { |
| 898 | int i, status = -ENOMEM; | 898 | int i, status = -ENOMEM; |
| 899 | #ifdef CONFIG_PROC_FS | ||
| 900 | struct proc_dir_entry *proc_nfqueue; | ||
| 901 | #endif | ||
| 902 | 899 | ||
| 903 | for (i = 0; i < INSTANCE_BUCKETS; i++) | 900 | for (i = 0; i < INSTANCE_BUCKETS; i++) |
| 904 | INIT_HLIST_HEAD(&instance_table[i]); | 901 | INIT_HLIST_HEAD(&instance_table[i]); |
| @@ -911,11 +908,9 @@ static int __init nfnetlink_queue_init(void) | |||
| 911 | } | 908 | } |
| 912 | 909 | ||
| 913 | #ifdef CONFIG_PROC_FS | 910 | #ifdef CONFIG_PROC_FS |
| 914 | proc_nfqueue = create_proc_entry("nfnetlink_queue", 0440, | 911 | if (!proc_create("nfnetlink_queue", 0440, |
| 915 | proc_net_netfilter); | 912 | proc_net_netfilter, &nfqnl_file_ops)) |
| 916 | if (!proc_nfqueue) | ||
| 917 | goto cleanup_subsys; | 913 | goto cleanup_subsys; |
| 918 | proc_nfqueue->proc_fops = &nfqnl_file_ops; | ||
| 919 | #endif | 914 | #endif |
| 920 | 915 | ||
| 921 | register_netdevice_notifier(&nfqnl_dev_notifier); | 916 | register_netdevice_notifier(&nfqnl_dev_notifier); |
diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c index 5418ce59ac3a..dc29007c52cd 100644 --- a/net/netfilter/xt_hashlimit.c +++ b/net/netfilter/xt_hashlimit.c | |||
| @@ -237,14 +237,14 @@ static int htable_create_v0(struct xt_hashlimit_info *minfo, int family) | |||
| 237 | hinfo->family = family; | 237 | hinfo->family = family; |
| 238 | hinfo->rnd_initialized = 0; | 238 | hinfo->rnd_initialized = 0; |
| 239 | spin_lock_init(&hinfo->lock); | 239 | spin_lock_init(&hinfo->lock); |
| 240 | hinfo->pde = create_proc_entry(minfo->name, 0, | 240 | hinfo->pde = proc_create(minfo->name, 0, |
| 241 | family == AF_INET ? hashlimit_procdir4 : | 241 | family == AF_INET ? hashlimit_procdir4 : |
| 242 | hashlimit_procdir6); | 242 | hashlimit_procdir6, |
| 243 | &dl_file_ops); | ||
| 243 | if (!hinfo->pde) { | 244 | if (!hinfo->pde) { |
| 244 | vfree(hinfo); | 245 | vfree(hinfo); |
| 245 | return -1; | 246 | return -1; |
| 246 | } | 247 | } |
| 247 | hinfo->pde->proc_fops = &dl_file_ops; | ||
| 248 | hinfo->pde->data = hinfo; | 248 | hinfo->pde->data = hinfo; |
| 249 | 249 | ||
| 250 | setup_timer(&hinfo->timer, htable_gc, (unsigned long )hinfo); | 250 | setup_timer(&hinfo->timer, htable_gc, (unsigned long )hinfo); |
| @@ -301,14 +301,14 @@ static int htable_create(struct xt_hashlimit_mtinfo1 *minfo, | |||
| 301 | hinfo->rnd_initialized = 0; | 301 | hinfo->rnd_initialized = 0; |
| 302 | spin_lock_init(&hinfo->lock); | 302 | spin_lock_init(&hinfo->lock); |
| 303 | 303 | ||
| 304 | hinfo->pde = create_proc_entry(minfo->name, 0, | 304 | hinfo->pde = proc_create(minfo->name, 0, |
| 305 | family == AF_INET ? hashlimit_procdir4 : | 305 | family == AF_INET ? hashlimit_procdir4 : |
| 306 | hashlimit_procdir6); | 306 | hashlimit_procdir6, |
| 307 | &dl_file_ops); | ||
| 307 | if (hinfo->pde == NULL) { | 308 | if (hinfo->pde == NULL) { |
| 308 | vfree(hinfo); | 309 | vfree(hinfo); |
| 309 | return -1; | 310 | return -1; |
| 310 | } | 311 | } |
| 311 | hinfo->pde->proc_fops = &dl_file_ops; | ||
| 312 | hinfo->pde->data = hinfo; | 312 | hinfo->pde->data = hinfo; |
| 313 | 313 | ||
| 314 | setup_timer(&hinfo->timer, htable_gc, (unsigned long)hinfo); | 314 | setup_timer(&hinfo->timer, htable_gc, (unsigned long)hinfo); |