aboutsummaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorEric W. Biederman <ebiederm@xmission.com>2012-01-21 16:34:05 -0500
committerEric W. Biederman <ebiederm@xmission.com>2012-01-24 19:40:27 -0500
commit7c60c48f58a78195acc1f71c9a9d01958c02ab89 (patch)
tree7d1a66abc2510aa474105a747fdcd08b033f2b36 /lib
parentf728019bb72e655680c02ad1829323054a8e875f (diff)
sysctl: Improve the sysctl sanity checks
- Stop validating subdirectories now that we only register leaf tables - Cleanup and improve the duplicate filename check. * Run the duplicate filename check under the sysctl_lock to guarantee we never add duplicate names. * Reduce the duplicate filename check to nearly O(M*N) where M is the number of entries in tthe table we are registering and N is the number of entries in the directory before we got there. - Move the duplicate filename check into it's own function and call it directtly from __register_sysctl_table - Kill the config option as the sanity checks are now cheap enough the config option is unnecessary. The original reason for the config option was because we had a huge table used to verify the proc filename to binary sysctl mapping. That table has now evolved into the binary_sysctl translation layer and is no longer part of the sysctl_check code. - Tighten up the permission checks. Guarnateeing that files only have read or write permissions. - Removed redudant check for parents having a procname as now everything has a procname. - Generalize the backtrace logic so that we print a backtrace from any failure of __register_sysctl_table that was not caused by a memmory allocation failure. The backtrace allows us to track down who erroneously registered a sysctl table. Bechmark before (CONFIG_SYSCTL_CHECK=y): make-dummies 0 999 -> 12s rmmod dummy -> 0.08s Bechmark before (CONFIG_SYSCTL_CHECK=n): make-dummies 0 999 -> 0.7s rmmod dummy -> 0.06s make-dummies 0 99999 -> 1m13s rmmod dummy -> 0.38s Benchmark after: make-dummies 0 999 -> 0.65s rmmod dummy -> 0.055s make-dummies 0 9999 -> 1m10s rmmod dummy -> 0.39s The sysctl sanity checks now impose no measurable cost. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'lib')
-rw-r--r--lib/Kconfig.debug8
1 files changed, 0 insertions, 8 deletions
diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
index 8745ac7d1f75..943a6182cdf2 100644
--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
@@ -1113,14 +1113,6 @@ config LATENCYTOP
1113 Enable this option if you want to use the LatencyTOP tool 1113 Enable this option if you want to use the LatencyTOP tool
1114 to find out which userspace is blocking on what kernel operations. 1114 to find out which userspace is blocking on what kernel operations.
1115 1115
1116config SYSCTL_SYSCALL_CHECK
1117 bool "Sysctl checks"
1118 depends on SYSCTL
1119 ---help---
1120 sys_sysctl uses binary paths that have been found challenging
1121 to properly maintain and use. This enables checks that help
1122 you to keep things correct.
1123
1124source mm/Kconfig.debug 1116source mm/Kconfig.debug
1125source kernel/trace/Kconfig 1117source kernel/trace/Kconfig
1126 1118