aboutsummaryrefslogtreecommitdiffstats
path: root/fs/proc/generic.c
diff options
context:
space:
mode:
authorPavel Emelyanov <xemul@openvz.org>2008-03-07 14:08:40 -0500
committerDavid S. Miller <davem@davemloft.net>2008-03-07 14:08:40 -0500
commite9720acd728a46cb40daa52c99a979f7c4ff195c (patch)
tree01380f601384cf93f30dedb64afe80359fecb807 /fs/proc/generic.c
parent1ff82fe0024e8070c38346b8abc1ff09612dea4c (diff)
[NET]: Make /proc/net a symlink on /proc/self/net (v3)
Current /proc/net is done with so called "shadows", but current implementation is broken and has little chances to get fixed. The problem is that dentries subtree of /proc/net directory has fancy revalidation rules to make processes living in different net namespaces see different entries in /proc/net subtree, but currently, tasks see in the /proc/net subdir the contents of any other namespace, depending on who opened the file first. The proposed fix is to turn /proc/net into a symlink, which points to /proc/self/net, which in turn shows what previously was in /proc/net - the network-related info, from the net namespace the appropriate task lives in. # ls -l /proc/net lrwxrwxrwx 1 root root 8 Mar 5 15:17 /proc/net -> self/net In other words - this behaves like /proc/mounts, but unlike "mounts", "net" is not a file, but a directory. Changes from v2: * Fixed discrepancy of /proc/net nlink count and selinux labeling screwup pointed out by Stephen. To get the correct nlink count the ->getattr callback for /proc/net is overridden to read one from the net->proc_net entry. To make selinux still work the net->proc_net entry is initialized properly, i.e. with the "net" name and the proc_net parent. Selinux fixes are Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Changes from v1: * Fixed a task_struct leak in get_proc_task_net, pointed out by Paul. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'fs/proc/generic.c')
-rw-r--r--fs/proc/generic.c26
1 files changed, 17 insertions, 9 deletions
diff --git a/fs/proc/generic.c b/fs/proc/generic.c
index 68971e66cd41..a36ad3c75cf4 100644
--- a/fs/proc/generic.c
+++ b/fs/proc/generic.c
@@ -377,15 +377,14 @@ static struct dentry_operations proc_dentry_operations =
377 * Don't create negative dentries here, return -ENOENT by hand 377 * Don't create negative dentries here, return -ENOENT by hand
378 * instead. 378 * instead.
379 */ 379 */
380struct dentry *proc_lookup(struct inode * dir, struct dentry *dentry, struct nameidata *nd) 380struct dentry *proc_lookup_de(struct proc_dir_entry *de, struct inode *dir,
381 struct dentry *dentry)
381{ 382{
382 struct inode *inode = NULL; 383 struct inode *inode = NULL;
383 struct proc_dir_entry * de;
384 int error = -ENOENT; 384 int error = -ENOENT;
385 385
386 lock_kernel(); 386 lock_kernel();
387 spin_lock(&proc_subdir_lock); 387 spin_lock(&proc_subdir_lock);
388 de = PDE(dir);
389 if (de) { 388 if (de) {
390 for (de = de->subdir; de ; de = de->next) { 389 for (de = de->subdir; de ; de = de->next) {
391 if (de->namelen != dentry->d_name.len) 390 if (de->namelen != dentry->d_name.len)
@@ -393,8 +392,6 @@ struct dentry *proc_lookup(struct inode * dir, struct dentry *dentry, struct nam
393 if (!memcmp(dentry->d_name.name, de->name, de->namelen)) { 392 if (!memcmp(dentry->d_name.name, de->name, de->namelen)) {
394 unsigned int ino; 393 unsigned int ino;
395 394
396 if (de->shadow_proc)
397 de = de->shadow_proc(current, de);
398 ino = de->low_ino; 395 ino = de->low_ino;
399 de_get(de); 396 de_get(de);
400 spin_unlock(&proc_subdir_lock); 397 spin_unlock(&proc_subdir_lock);
@@ -417,6 +414,12 @@ out_unlock:
417 return ERR_PTR(error); 414 return ERR_PTR(error);
418} 415}
419 416
417struct dentry *proc_lookup(struct inode *dir, struct dentry *dentry,
418 struct nameidata *nd)
419{
420 return proc_lookup_de(PDE(dir), dir, dentry);
421}
422
420/* 423/*
421 * This returns non-zero if at EOF, so that the /proc 424 * This returns non-zero if at EOF, so that the /proc
422 * root directory can use this and check if it should 425 * root directory can use this and check if it should
@@ -426,10 +429,9 @@ out_unlock:
426 * value of the readdir() call, as long as it's non-negative 429 * value of the readdir() call, as long as it's non-negative
427 * for success.. 430 * for success..
428 */ 431 */
429int proc_readdir(struct file * filp, 432int proc_readdir_de(struct proc_dir_entry *de, struct file *filp, void *dirent,
430 void * dirent, filldir_t filldir) 433 filldir_t filldir)
431{ 434{
432 struct proc_dir_entry * de;
433 unsigned int ino; 435 unsigned int ino;
434 int i; 436 int i;
435 struct inode *inode = filp->f_path.dentry->d_inode; 437 struct inode *inode = filp->f_path.dentry->d_inode;
@@ -438,7 +440,6 @@ int proc_readdir(struct file * filp,
438 lock_kernel(); 440 lock_kernel();
439 441
440 ino = inode->i_ino; 442 ino = inode->i_ino;
441 de = PDE(inode);
442 if (!de) { 443 if (!de) {
443 ret = -EINVAL; 444 ret = -EINVAL;
444 goto out; 445 goto out;
@@ -499,6 +500,13 @@ out: unlock_kernel();
499 return ret; 500 return ret;
500} 501}
501 502
503int proc_readdir(struct file *filp, void *dirent, filldir_t filldir)
504{
505 struct inode *inode = filp->f_path.dentry->d_inode;
506
507 return proc_readdir_de(PDE(inode), filp, dirent, filldir);
508}
509
502/* 510/*
503 * These are the generic /proc directory operations. They 511 * These are the generic /proc directory operations. They
504 * use the in-memory "struct proc_dir_entry" tree to parse 512 * use the in-memory "struct proc_dir_entry" tree to parse
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-19 14:09:06 -0500