diff options
author | Denis V. Lunev <den@openvz.org> | 2008-03-27 19:55:53 -0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2008-03-27 19:55:53 -0400 |
commit | 8eeee8b152ae6bbe181518efaf62ba8e9c613693 (patch) | |
tree | b5900762ddf2a5d03ed31da629b726c6fd6a710f /net | |
parent | 920fc941a9617f95ccb283037fe6f8a38d95bb69 (diff) |
[NETFILTER]: Replate direct proc_fops assignment with proc_create call.
This elliminates infamous race during module loading when one could lookup
proc entry without proc_fops assigned.
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r-- | net/ipv4/netfilter/ip_queue.c | 8 | ||||
-rw-r--r-- | net/ipv4/netfilter/ipt_CLUSTERIP.c | 5 | ||||
-rw-r--r-- | net/ipv4/netfilter/ipt_recent.c | 3 | ||||
-rw-r--r-- | net/ipv4/netfilter/nf_conntrack_l3proto_ipv4_compat.c | 7 | ||||
-rw-r--r-- | net/ipv6/netfilter/ip6_queue.c | 8 | ||||
-rw-r--r-- | net/netfilter/nf_conntrack_standalone.c | 9 | ||||
-rw-r--r-- | net/netfilter/nf_log.c | 8 | ||||
-rw-r--r-- | net/netfilter/nf_queue.c | 7 | ||||
-rw-r--r-- | net/netfilter/nfnetlink_log.c | 9 | ||||
-rw-r--r-- | net/netfilter/nfnetlink_queue.c | 9 | ||||
-rw-r--r-- | net/netfilter/xt_hashlimit.c | 16 |
11 files changed, 30 insertions, 59 deletions
diff --git a/net/ipv4/netfilter/ip_queue.c b/net/ipv4/netfilter/ip_queue.c index fe05da41d6ba..4dc162894cb2 100644 --- a/net/ipv4/netfilter/ip_queue.c +++ b/net/ipv4/netfilter/ip_queue.c | |||
@@ -588,11 +588,9 @@ static int __init ip_queue_init(void) | |||
588 | } | 588 | } |
589 | 589 | ||
590 | #ifdef CONFIG_PROC_FS | 590 | #ifdef CONFIG_PROC_FS |
591 | proc = create_proc_entry(IPQ_PROC_FS_NAME, 0, init_net.proc_net); | 591 | proc = proc_create(IPQ_PROC_FS_NAME, 0, init_net.proc_net, |
592 | if (proc) { | 592 | &ip_queue_proc_fops); |
593 | proc->owner = THIS_MODULE; | 593 | if (!proc) { |
594 | proc->proc_fops = &ip_queue_proc_fops; | ||
595 | } else { | ||
596 | printk(KERN_ERR "ip_queue: failed to create proc entry\n"); | 594 | printk(KERN_ERR "ip_queue: failed to create proc entry\n"); |
597 | goto cleanup_ipqnl; | 595 | goto cleanup_ipqnl; |
598 | } | 596 | } |
diff --git a/net/ipv4/netfilter/ipt_CLUSTERIP.c b/net/ipv4/netfilter/ipt_CLUSTERIP.c index c6cf84c77611..52926c8e3cc1 100644 --- a/net/ipv4/netfilter/ipt_CLUSTERIP.c +++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c | |||
@@ -167,14 +167,13 @@ clusterip_config_init(struct ipt_clusterip_tgt_info *i, __be32 ip, | |||
167 | 167 | ||
168 | /* create proc dir entry */ | 168 | /* create proc dir entry */ |
169 | sprintf(buffer, "%u.%u.%u.%u", NIPQUAD(ip)); | 169 | sprintf(buffer, "%u.%u.%u.%u", NIPQUAD(ip)); |
170 | c->pde = create_proc_entry(buffer, S_IWUSR|S_IRUSR, | 170 | c->pde = proc_create(buffer, S_IWUSR|S_IRUSR, |
171 | clusterip_procdir); | 171 | clusterip_procdir, &clusterip_proc_fops); |
172 | if (!c->pde) { | 172 | if (!c->pde) { |
173 | kfree(c); | 173 | kfree(c); |
174 | return NULL; | 174 | return NULL; |
175 | } | 175 | } |
176 | } | 176 | } |
177 | c->pde->proc_fops = &clusterip_proc_fops; | ||
178 | c->pde->data = c; | 177 | c->pde->data = c; |
179 | #endif | 178 | #endif |
180 | 179 | ||
diff --git a/net/ipv4/netfilter/ipt_recent.c b/net/ipv4/netfilter/ipt_recent.c index 8e8f0425a8ed..50e06690eb5b 100644 --- a/net/ipv4/netfilter/ipt_recent.c +++ b/net/ipv4/netfilter/ipt_recent.c | |||
@@ -276,12 +276,11 @@ recent_mt_check(const char *tablename, const void *ip, | |||
276 | for (i = 0; i < ip_list_hash_size; i++) | 276 | for (i = 0; i < ip_list_hash_size; i++) |
277 | INIT_LIST_HEAD(&t->iphash[i]); | 277 | INIT_LIST_HEAD(&t->iphash[i]); |
278 | #ifdef CONFIG_PROC_FS | 278 | #ifdef CONFIG_PROC_FS |
279 | t->proc = create_proc_entry(t->name, ip_list_perms, proc_dir); | 279 | t->proc = proc_create(t->name, ip_list_perms, proc_dir, &recent_fops); |
280 | if (t->proc == NULL) { | 280 | if (t->proc == NULL) { |
281 | kfree(t); | 281 | kfree(t); |
282 | goto out; | 282 | goto out; |
283 | } | 283 | } |
284 | t->proc->proc_fops = &recent_fops; | ||
285 | t->proc->uid = ip_list_uid; | 284 | t->proc->uid = ip_list_uid; |
286 | t->proc->gid = ip_list_gid; | 285 | t->proc->gid = ip_list_gid; |
287 | t->proc->data = t; | 286 | t->proc->data = t; |
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4_compat.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4_compat.c index 089252e82c01..f500b0fdaef4 100644 --- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4_compat.c +++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4_compat.c | |||
@@ -395,13 +395,10 @@ int __init nf_conntrack_ipv4_compat_init(void) | |||
395 | if (!proc_exp) | 395 | if (!proc_exp) |
396 | goto err2; | 396 | goto err2; |
397 | 397 | ||
398 | proc_stat = create_proc_entry("ip_conntrack", S_IRUGO, init_net.proc_net_stat); | 398 | proc_stat = proc_create("ip_conntrack", S_IRUGO, |
399 | init_net.proc_net_stat, &ct_cpu_seq_fops); | ||
399 | if (!proc_stat) | 400 | if (!proc_stat) |
400 | goto err3; | 401 | goto err3; |
401 | |||
402 | proc_stat->proc_fops = &ct_cpu_seq_fops; | ||
403 | proc_stat->owner = THIS_MODULE; | ||
404 | |||
405 | return 0; | 402 | return 0; |
406 | 403 | ||
407 | err3: | 404 | err3: |
diff --git a/net/ipv6/netfilter/ip6_queue.c b/net/ipv6/netfilter/ip6_queue.c index cc2f9afcf808..8d366f7f2a9a 100644 --- a/net/ipv6/netfilter/ip6_queue.c +++ b/net/ipv6/netfilter/ip6_queue.c | |||
@@ -591,11 +591,9 @@ static int __init ip6_queue_init(void) | |||
591 | } | 591 | } |
592 | 592 | ||
593 | #ifdef CONFIG_PROC_FS | 593 | #ifdef CONFIG_PROC_FS |
594 | proc = create_proc_entry(IPQ_PROC_FS_NAME, 0, init_net.proc_net); | 594 | proc = proc_create(IPQ_PROC_FS_NAME, 0, init_net.proc_net, |
595 | if (proc) { | 595 | &ip6_queue_proc_fops); |
596 | proc->owner = THIS_MODULE; | 596 | if (!proc) { |
597 | proc->proc_fops = &ip6_queue_proc_fops; | ||
598 | } else { | ||
599 | printk(KERN_ERR "ip6_queue: failed to create proc entry\n"); | 597 | printk(KERN_ERR "ip6_queue: failed to create proc entry\n"); |
600 | goto cleanup_ipqnl; | 598 | goto cleanup_ipqnl; |
601 | } | 599 | } |
diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c index e88e96af613d..8599068050ec 100644 --- a/net/netfilter/nf_conntrack_standalone.c +++ b/net/netfilter/nf_conntrack_standalone.c | |||
@@ -395,7 +395,7 @@ EXPORT_SYMBOL_GPL(nf_ct_log_invalid); | |||
395 | static int __init nf_conntrack_standalone_init(void) | 395 | static int __init nf_conntrack_standalone_init(void) |
396 | { | 396 | { |
397 | #ifdef CONFIG_PROC_FS | 397 | #ifdef CONFIG_PROC_FS |
398 | struct proc_dir_entry *proc, *proc_stat; | 398 | struct proc_dir_entry *proc; |
399 | #endif | 399 | #endif |
400 | int ret = 0; | 400 | int ret = 0; |
401 | 401 | ||
@@ -407,12 +407,9 @@ static int __init nf_conntrack_standalone_init(void) | |||
407 | proc = proc_net_fops_create(&init_net, "nf_conntrack", 0440, &ct_file_ops); | 407 | proc = proc_net_fops_create(&init_net, "nf_conntrack", 0440, &ct_file_ops); |
408 | if (!proc) goto cleanup_init; | 408 | if (!proc) goto cleanup_init; |
409 | 409 | ||
410 | proc_stat = create_proc_entry("nf_conntrack", S_IRUGO, init_net.proc_net_stat); | 410 | if (!proc_create("nf_conntrack", S_IRUGO, |
411 | if (!proc_stat) | 411 | init_net.proc_net_stat, &ct_cpu_seq_fops)) |
412 | goto cleanup_proc; | 412 | goto cleanup_proc; |
413 | |||
414 | proc_stat->proc_fops = &ct_cpu_seq_fops; | ||
415 | proc_stat->owner = THIS_MODULE; | ||
416 | #endif | 413 | #endif |
417 | #ifdef CONFIG_SYSCTL | 414 | #ifdef CONFIG_SYSCTL |
418 | nf_ct_sysctl_header = register_sysctl_paths(nf_ct_path, | 415 | nf_ct_sysctl_header = register_sysctl_paths(nf_ct_path, |
diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c index cec9976aecbf..bc11d7092032 100644 --- a/net/netfilter/nf_log.c +++ b/net/netfilter/nf_log.c | |||
@@ -168,13 +168,9 @@ static const struct file_operations nflog_file_ops = { | |||
168 | int __init netfilter_log_init(void) | 168 | int __init netfilter_log_init(void) |
169 | { | 169 | { |
170 | #ifdef CONFIG_PROC_FS | 170 | #ifdef CONFIG_PROC_FS |
171 | struct proc_dir_entry *pde; | 171 | if (!proc_create("nf_log", S_IRUGO, |
172 | 172 | proc_net_netfilter, &nflog_file_ops)) | |
173 | pde = create_proc_entry("nf_log", S_IRUGO, proc_net_netfilter); | ||
174 | if (!pde) | ||
175 | return -1; | 173 | return -1; |
176 | |||
177 | pde->proc_fops = &nflog_file_ops; | ||
178 | #endif | 174 | #endif |
179 | return 0; | 175 | return 0; |
180 | } | 176 | } |
diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c index ddc80ea114cd..bbd26893c0c4 100644 --- a/net/netfilter/nf_queue.c +++ b/net/netfilter/nf_queue.c | |||
@@ -348,12 +348,9 @@ static const struct file_operations nfqueue_file_ops = { | |||
348 | int __init netfilter_queue_init(void) | 348 | int __init netfilter_queue_init(void) |
349 | { | 349 | { |
350 | #ifdef CONFIG_PROC_FS | 350 | #ifdef CONFIG_PROC_FS |
351 | struct proc_dir_entry *pde; | 351 | if (!proc_create("nf_queue", S_IRUGO, |
352 | 352 | proc_net_netfilter, &nfqueue_file_ops)) | |
353 | pde = create_proc_entry("nf_queue", S_IRUGO, proc_net_netfilter); | ||
354 | if (!pde) | ||
355 | return -1; | 353 | return -1; |
356 | pde->proc_fops = &nfqueue_file_ops; | ||
357 | #endif | 354 | #endif |
358 | return 0; | 355 | return 0; |
359 | } | 356 | } |
diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c index bf3f19b21fe4..b8173af8c24a 100644 --- a/net/netfilter/nfnetlink_log.c +++ b/net/netfilter/nfnetlink_log.c | |||
@@ -923,9 +923,6 @@ static const struct file_operations nful_file_ops = { | |||
923 | static int __init nfnetlink_log_init(void) | 923 | static int __init nfnetlink_log_init(void) |
924 | { | 924 | { |
925 | int i, status = -ENOMEM; | 925 | int i, status = -ENOMEM; |
926 | #ifdef CONFIG_PROC_FS | ||
927 | struct proc_dir_entry *proc_nful; | ||
928 | #endif | ||
929 | 926 | ||
930 | for (i = 0; i < INSTANCE_BUCKETS; i++) | 927 | for (i = 0; i < INSTANCE_BUCKETS; i++) |
931 | INIT_HLIST_HEAD(&instance_table[i]); | 928 | INIT_HLIST_HEAD(&instance_table[i]); |
@@ -943,11 +940,9 @@ static int __init nfnetlink_log_init(void) | |||
943 | } | 940 | } |
944 | 941 | ||
945 | #ifdef CONFIG_PROC_FS | 942 | #ifdef CONFIG_PROC_FS |
946 | proc_nful = create_proc_entry("nfnetlink_log", 0440, | 943 | if (!proc_create("nfnetlink_log", 0440, |
947 | proc_net_netfilter); | 944 | proc_net_netfilter, &nful_file_ops)) |
948 | if (!proc_nful) | ||
949 | goto cleanup_subsys; | 945 | goto cleanup_subsys; |
950 | proc_nful->proc_fops = &nful_file_ops; | ||
951 | #endif | 946 | #endif |
952 | return status; | 947 | return status; |
953 | 948 | ||
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index 012cb6910820..10522c04ed24 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c | |||
@@ -896,9 +896,6 @@ static const struct file_operations nfqnl_file_ops = { | |||
896 | static int __init nfnetlink_queue_init(void) | 896 | static int __init nfnetlink_queue_init(void) |
897 | { | 897 | { |
898 | int i, status = -ENOMEM; | 898 | int i, status = -ENOMEM; |
899 | #ifdef CONFIG_PROC_FS | ||
900 | struct proc_dir_entry *proc_nfqueue; | ||
901 | #endif | ||
902 | 899 | ||
903 | for (i = 0; i < INSTANCE_BUCKETS; i++) | 900 | for (i = 0; i < INSTANCE_BUCKETS; i++) |
904 | INIT_HLIST_HEAD(&instance_table[i]); | 901 | INIT_HLIST_HEAD(&instance_table[i]); |
@@ -911,11 +908,9 @@ static int __init nfnetlink_queue_init(void) | |||
911 | } | 908 | } |
912 | 909 | ||
913 | #ifdef CONFIG_PROC_FS | 910 | #ifdef CONFIG_PROC_FS |
914 | proc_nfqueue = create_proc_entry("nfnetlink_queue", 0440, | 911 | if (!proc_create("nfnetlink_queue", 0440, |
915 | proc_net_netfilter); | 912 | proc_net_netfilter, &nfqnl_file_ops)) |
916 | if (!proc_nfqueue) | ||
917 | goto cleanup_subsys; | 913 | goto cleanup_subsys; |
918 | proc_nfqueue->proc_fops = &nfqnl_file_ops; | ||
919 | #endif | 914 | #endif |
920 | 915 | ||
921 | register_netdevice_notifier(&nfqnl_dev_notifier); | 916 | register_netdevice_notifier(&nfqnl_dev_notifier); |
diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c index 5418ce59ac3a..dc29007c52cd 100644 --- a/net/netfilter/xt_hashlimit.c +++ b/net/netfilter/xt_hashlimit.c | |||
@@ -237,14 +237,14 @@ static int htable_create_v0(struct xt_hashlimit_info *minfo, int family) | |||
237 | hinfo->family = family; | 237 | hinfo->family = family; |
238 | hinfo->rnd_initialized = 0; | 238 | hinfo->rnd_initialized = 0; |
239 | spin_lock_init(&hinfo->lock); | 239 | spin_lock_init(&hinfo->lock); |
240 | hinfo->pde = create_proc_entry(minfo->name, 0, | 240 | hinfo->pde = proc_create(minfo->name, 0, |
241 | family == AF_INET ? hashlimit_procdir4 : | 241 | family == AF_INET ? hashlimit_procdir4 : |
242 | hashlimit_procdir6); | 242 | hashlimit_procdir6, |
243 | &dl_file_ops); | ||
243 | if (!hinfo->pde) { | 244 | if (!hinfo->pde) { |
244 | vfree(hinfo); | 245 | vfree(hinfo); |
245 | return -1; | 246 | return -1; |
246 | } | 247 | } |
247 | hinfo->pde->proc_fops = &dl_file_ops; | ||
248 | hinfo->pde->data = hinfo; | 248 | hinfo->pde->data = hinfo; |
249 | 249 | ||
250 | setup_timer(&hinfo->timer, htable_gc, (unsigned long )hinfo); | 250 | setup_timer(&hinfo->timer, htable_gc, (unsigned long )hinfo); |
@@ -301,14 +301,14 @@ static int htable_create(struct xt_hashlimit_mtinfo1 *minfo, | |||
301 | hinfo->rnd_initialized = 0; | 301 | hinfo->rnd_initialized = 0; |
302 | spin_lock_init(&hinfo->lock); | 302 | spin_lock_init(&hinfo->lock); |
303 | 303 | ||
304 | hinfo->pde = create_proc_entry(minfo->name, 0, | 304 | hinfo->pde = proc_create(minfo->name, 0, |
305 | family == AF_INET ? hashlimit_procdir4 : | 305 | family == AF_INET ? hashlimit_procdir4 : |
306 | hashlimit_procdir6); | 306 | hashlimit_procdir6, |
307 | &dl_file_ops); | ||
307 | if (hinfo->pde == NULL) { | 308 | if (hinfo->pde == NULL) { |
308 | vfree(hinfo); | 309 | vfree(hinfo); |
309 | return -1; | 310 | return -1; |
310 | } | 311 | } |
311 | hinfo->pde->proc_fops = &dl_file_ops; | ||
312 | hinfo->pde->data = hinfo; | 312 | hinfo->pde->data = hinfo; |
313 | 313 | ||
314 | setup_timer(&hinfo->timer, htable_gc, (unsigned long)hinfo); | 314 | setup_timer(&hinfo->timer, htable_gc, (unsigned long)hinfo); |