sysctl: Infrastructure for per namespace sysctls

This patch implements the basic infrastructure for per namespace sysctls. A list of lists of sysctl headers is added, allowing each namespace to have it's own list of sysctl headers. Each list of sysctl headers has a lookup function to find the first sysctl header in the list, allowing the lists to have a per namespace instance. register_sysct_root is added to tell sysctl.c about additional lists of sysctl_headers. As all of the users are expected to be in kernel no unregister function is provided. sysctl_head_next is updated to walk through the list of lists. __register_sysctl_paths is added to add a new sysctl table on a non-default sysctl list. The only intrusive part of this patch is propagating the information to decided which list of sysctls to use for sysctl_check_table. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Cc: Serge Hallyn <serue@us.ibm.com> Cc: Daniel Lezcano <dlezcano@fr.ibm.com> Cc: Cedric Le Goater <clg@fr.ibm.com> Cc: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Eric W. Biederman <ebiederm@xmission.com> 2007-11-30 07:54:00 -0500
committer: David S. Miller <davem@davemloft.net> 2008-01-28 17:55:17 -0500
commit: e51b6ba077791f2f8c876022b37419be7a2ceec3 (patch)
tree: 9d8ca18f3239eff84cad5b79b715c332970fa89d /kernel/sysctl.c
parent: 23eb06de7d2d333a0f7ebba2da663e00c9c9483e (diff)
1 files changed, 82 insertions, 11 deletions
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
index 89b7d95ecf51..45e76f209dcb 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -157,8 +157,16 @@ static int proc_dointvec_taint(struct ctl_table *table, int write, struct file *
 #endif
 static struct ctl_table root_table[];
-static struct ctl_table_header root_table_header =
+static struct ctl_table_root sysctl_table_root;
-        { root_table, LIST_HEAD_INIT(root_table_header.ctl_entry) };
+static struct ctl_table_header root_table_header = {
+        .ctl_table = root_table,
+        .ctl_entry = LIST_HEAD_INIT(sysctl_table_root.header_list),
+        .root = &sysctl_table_root,
+};
+static struct ctl_table_root sysctl_table_root = {
+        .root_list = LIST_HEAD_INIT(sysctl_table_root.root_list),
+        .header_list = LIST_HEAD_INIT(root_table_header.ctl_entry),
+};
 static struct ctl_table kern_table[];
 static struct ctl_table vm_table[];
@@ -1371,12 +1379,27 @@ void sysctl_head_finish(struct ctl_table_header *head)
        spin_unlock(&sysctl_lock);
 }
-struct ctl_table_header *sysctl_head_next(struct ctl_table_header *prev)
+static struct list_head *
+lookup_header_list(struct ctl_table_root *root, struct nsproxy *namespaces)
 {
+        struct list_head *header_list;
+        header_list = &root->header_list;
+        if (root->lookup)
+                header_list = root->lookup(root, namespaces);
+        return header_list;
+}
+struct ctl_table_header *__sysctl_head_next(struct nsproxy *namespaces,
+                                            struct ctl_table_header *prev)
+{
+        struct ctl_table_root *root;
+        struct list_head *header_list;
        struct ctl_table_header *head;
        struct list_head *tmp;
        spin_lock(&sysctl_lock);
        if (prev) {
+                head = prev;
                tmp = &prev->ctl_entry;
                unuse_table(prev);
                goto next;
@@ -1390,14 +1413,38 @@ struct ctl_table_header *sysctl_head_next(struct ctl_table_header *prev)
                spin_unlock(&sysctl_lock);
                return head;
        next:
+                root = head->root;
                tmp = tmp->next;
-                if (tmp == &root_table_header.ctl_entry)
+                header_list = lookup_header_list(root, namespaces);
-                        break;
+                if (tmp != header_list)
+                        continue;
+                do {
+                        root = list_entry(root->root_list.next,
+                                        struct ctl_table_root, root_list);
+                        if (root == &sysctl_table_root)
+                                goto out;
+                        header_list = lookup_header_list(root, namespaces);
+                } while (list_empty(header_list));
+                tmp = header_list->next;
        }
+out:
        spin_unlock(&sysctl_lock);
        return NULL;
 }
+struct ctl_table_header *sysctl_head_next(struct ctl_table_header *prev)
+{
+        return __sysctl_head_next(current->nsproxy, prev);
+}
+void register_sysctl_root(struct ctl_table_root *root)
+{
+        spin_lock(&sysctl_lock);
+        list_add_tail(&root->root_list, &sysctl_table_root.root_list);
+        spin_unlock(&sysctl_lock);
+}
 #ifdef CONFIG_SYSCTL_SYSCALL
 int do_sysctl(int __user *name, int nlen, void __user *oldval, size_t __user *oldlenp,
               void __user *newval, size_t newlen)
@@ -1554,14 +1601,16 @@ static __init int sysctl_init(void)
 {
        int err;
        sysctl_set_parent(NULL, root_table);
-        err = sysctl_check_table(root_table);
+        err = sysctl_check_table(current->nsproxy, root_table);
        return 0;
 }
 core_initcall(sysctl_init);
 /**
- * register_sysctl_paths - register a sysctl hierarchy
+ * __register_sysctl_paths - register a sysctl hierarchy
+ * @root: List of sysctl headers to register on
+ * @namespaces: Data to compute which lists of sysctl entries are visible
 * @path: The path to the directory the sysctl table is in.
 * @table: the top-level table structure
 *
@@ -1629,9 +1678,12 @@ core_initcall(sysctl_init);
 * This routine returns %NULL on a failure to register, and a pointer
 * to the table header on success.
 */
-struct ctl_table_header *register_sysctl_paths(const struct ctl_path *path,
+struct ctl_table_header *__register_sysctl_paths(
-                                                struct ctl_table *table)
+        struct ctl_table_root *root,
+        struct nsproxy *namespaces,
+        const struct ctl_path *path, struct ctl_table *table)
 {
+        struct list_head *header_list;
        struct ctl_table_header *header;
        struct ctl_table *new, **prevp;
        unsigned int n, npath;
@@ -1674,19 +1726,38 @@ struct ctl_table_header *register_sysctl_paths(const struct ctl_path *path,
        INIT_LIST_HEAD(&header->ctl_entry);
        header->used = 0;
        header->unregistering = NULL;
+        header->root = root;
        sysctl_set_parent(NULL, header->ctl_table);
-        if (sysctl_check_table(header->ctl_table)) {
+        if (sysctl_check_table(namespaces, header->ctl_table)) {
                kfree(header);
                return NULL;
        }
        spin_lock(&sysctl_lock);
-        list_add_tail(&header->ctl_entry, &root_table_header.ctl_entry);
+        header_list = lookup_header_list(root, namespaces);
+        list_add_tail(&header->ctl_entry, header_list);
        spin_unlock(&sysctl_lock);
        return header;
 }
 /**
+ * register_sysctl_table_path - register a sysctl table hierarchy
+ * @path: The path to the directory the sysctl table is in.
+ * @table: the top-level table structure
+ *
+ * Register a sysctl table hierarchy. @table should be a filled in ctl_table
+ * array. A completely 0 filled entry terminates the table.
+ *
+ * See __register_sysctl_paths for more details.
+ */
+struct ctl_table_header *register_sysctl_paths(const struct ctl_path *path,
+                                                struct ctl_table *table)
+{
+        return __register_sysctl_paths(&sysctl_table_root, current->nsproxy,
+                                        path, table);
+}
+/**
 * register_sysctl_table - register a sysctl table hierarchy
 * @table: the top-level table structure
 *
author	Eric W. Biederman <ebiederm@xmission.com>	2007-11-30 07:54:00 -0500
committer	David S. Miller <davem@davemloft.net>	2008-01-28 17:55:17 -0500
commit	e51b6ba077791f2f8c876022b37419be7a2ceec3 (patch)
tree	9d8ca18f3239eff84cad5b79b715c332970fa89d /kernel/sysctl.c
parent	23eb06de7d2d333a0f7ebba2da663e00c9c9483e (diff)