diff options
-rw-r--r-- | fs/ntfs/sysctl.c | 8 | ||||
-rw-r--r-- | include/linux/sysctl.h | 1 | ||||
-rw-r--r-- | net/decnet/dn_dev.c | 5 | ||||
-rw-r--r-- | net/ipv4/devinet.c | 5 | ||||
-rw-r--r-- | net/ipv6/addrconf.c | 5 | ||||
-rw-r--r-- | security/selinux/hooks.c | 39 |
6 files changed, 37 insertions, 26 deletions
diff --git a/fs/ntfs/sysctl.c b/fs/ntfs/sysctl.c index 1f1ee4c9eacc..4847fbfb0107 100644 --- a/fs/ntfs/sysctl.c +++ b/fs/ntfs/sysctl.c | |||
@@ -73,14 +73,6 @@ int ntfs_sysctl(int add) | |||
73 | sysctls_root_table = register_sysctl_table(sysctls_root); | 73 | sysctls_root_table = register_sysctl_table(sysctls_root); |
74 | if (!sysctls_root_table) | 74 | if (!sysctls_root_table) |
75 | return -ENOMEM; | 75 | return -ENOMEM; |
76 | #ifdef CONFIG_PROC_FS | ||
77 | /* | ||
78 | * If the proc filesystem is in use and we are a module, need | ||
79 | * to set the owner of our proc entry to our module. In the | ||
80 | * non-modular case, THIS_MODULE is NULL, so this is ok. | ||
81 | */ | ||
82 | ntfs_sysctls[0].de->owner = THIS_MODULE; | ||
83 | #endif | ||
84 | } else { | 76 | } else { |
85 | BUG_ON(!sysctls_root_table); | 77 | BUG_ON(!sysctls_root_table); |
86 | unregister_sysctl_table(sysctls_root_table); | 78 | unregister_sysctl_table(sysctls_root_table); |
diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index 1371d7b86810..2c5fb38d9392 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h | |||
@@ -1025,7 +1025,6 @@ struct ctl_table | |||
1025 | ctl_table *parent; /* Automatically set */ | 1025 | ctl_table *parent; /* Automatically set */ |
1026 | proc_handler *proc_handler; /* Callback for text formatting */ | 1026 | proc_handler *proc_handler; /* Callback for text formatting */ |
1027 | ctl_handler *strategy; /* Callback function for all r/w */ | 1027 | ctl_handler *strategy; /* Callback function for all r/w */ |
1028 | struct proc_dir_entry *de; /* /proc control block */ | ||
1029 | void *extra1; | 1028 | void *extra1; |
1030 | void *extra2; | 1029 | void *extra2; |
1031 | }; | 1030 | }; |
diff --git a/net/decnet/dn_dev.c b/net/decnet/dn_dev.c index 0977df42c205..060d725e2942 100644 --- a/net/decnet/dn_dev.c +++ b/net/decnet/dn_dev.c | |||
@@ -261,7 +261,6 @@ static void dn_dev_sysctl_register(struct net_device *dev, struct dn_dev_parms * | |||
261 | for(i = 0; i < ARRAY_SIZE(t->dn_dev_vars) - 1; i++) { | 261 | for(i = 0; i < ARRAY_SIZE(t->dn_dev_vars) - 1; i++) { |
262 | long offset = (long)t->dn_dev_vars[i].data; | 262 | long offset = (long)t->dn_dev_vars[i].data; |
263 | t->dn_dev_vars[i].data = ((char *)parms) + offset; | 263 | t->dn_dev_vars[i].data = ((char *)parms) + offset; |
264 | t->dn_dev_vars[i].de = NULL; | ||
265 | } | 264 | } |
266 | 265 | ||
267 | if (dev) { | 266 | if (dev) { |
@@ -273,13 +272,9 @@ static void dn_dev_sysctl_register(struct net_device *dev, struct dn_dev_parms * | |||
273 | } | 272 | } |
274 | 273 | ||
275 | t->dn_dev_dev[0].child = t->dn_dev_vars; | 274 | t->dn_dev_dev[0].child = t->dn_dev_vars; |
276 | t->dn_dev_dev[0].de = NULL; | ||
277 | t->dn_dev_conf_dir[0].child = t->dn_dev_dev; | 275 | t->dn_dev_conf_dir[0].child = t->dn_dev_dev; |
278 | t->dn_dev_conf_dir[0].de = NULL; | ||
279 | t->dn_dev_proto_dir[0].child = t->dn_dev_conf_dir; | 276 | t->dn_dev_proto_dir[0].child = t->dn_dev_conf_dir; |
280 | t->dn_dev_proto_dir[0].de = NULL; | ||
281 | t->dn_dev_root_dir[0].child = t->dn_dev_proto_dir; | 277 | t->dn_dev_root_dir[0].child = t->dn_dev_proto_dir; |
282 | t->dn_dev_root_dir[0].de = NULL; | ||
283 | t->dn_dev_vars[0].extra1 = (void *)dev; | 278 | t->dn_dev_vars[0].extra1 = (void *)dev; |
284 | 279 | ||
285 | t->sysctl_header = register_sysctl_table(t->dn_dev_root_dir); | 280 | t->sysctl_header = register_sysctl_table(t->dn_dev_root_dir); |
diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index bf3eb2dc7662..8a0ec10a13a7 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c | |||
@@ -1576,7 +1576,6 @@ static void devinet_sysctl_register(struct in_device *in_dev, | |||
1576 | return; | 1576 | return; |
1577 | for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) { | 1577 | for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) { |
1578 | t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf; | 1578 | t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf; |
1579 | t->devinet_vars[i].de = NULL; | ||
1580 | } | 1579 | } |
1581 | 1580 | ||
1582 | if (dev) { | 1581 | if (dev) { |
@@ -1598,13 +1597,9 @@ static void devinet_sysctl_register(struct in_device *in_dev, | |||
1598 | 1597 | ||
1599 | t->devinet_dev[0].procname = dev_name; | 1598 | t->devinet_dev[0].procname = dev_name; |
1600 | t->devinet_dev[0].child = t->devinet_vars; | 1599 | t->devinet_dev[0].child = t->devinet_vars; |
1601 | t->devinet_dev[0].de = NULL; | ||
1602 | t->devinet_conf_dir[0].child = t->devinet_dev; | 1600 | t->devinet_conf_dir[0].child = t->devinet_dev; |
1603 | t->devinet_conf_dir[0].de = NULL; | ||
1604 | t->devinet_proto_dir[0].child = t->devinet_conf_dir; | 1601 | t->devinet_proto_dir[0].child = t->devinet_conf_dir; |
1605 | t->devinet_proto_dir[0].de = NULL; | ||
1606 | t->devinet_root_dir[0].child = t->devinet_proto_dir; | 1602 | t->devinet_root_dir[0].child = t->devinet_proto_dir; |
1607 | t->devinet_root_dir[0].de = NULL; | ||
1608 | 1603 | ||
1609 | t->sysctl_header = register_sysctl_table(t->devinet_root_dir); | 1604 | t->sysctl_header = register_sysctl_table(t->devinet_root_dir); |
1610 | if (!t->sysctl_header) | 1605 | if (!t->sysctl_header) |
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index 34d80b4aaa04..569a37d698f7 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c | |||
@@ -3998,7 +3998,6 @@ static void addrconf_sysctl_register(struct inet6_dev *idev, struct ipv6_devconf | |||
3998 | return; | 3998 | return; |
3999 | for (i=0; t->addrconf_vars[i].data; i++) { | 3999 | for (i=0; t->addrconf_vars[i].data; i++) { |
4000 | t->addrconf_vars[i].data += (char*)p - (char*)&ipv6_devconf; | 4000 | t->addrconf_vars[i].data += (char*)p - (char*)&ipv6_devconf; |
4001 | t->addrconf_vars[i].de = NULL; | ||
4002 | t->addrconf_vars[i].extra1 = idev; /* embedded; no ref */ | 4001 | t->addrconf_vars[i].extra1 = idev; /* embedded; no ref */ |
4003 | } | 4002 | } |
4004 | if (dev) { | 4003 | if (dev) { |
@@ -4021,13 +4020,9 @@ static void addrconf_sysctl_register(struct inet6_dev *idev, struct ipv6_devconf | |||
4021 | t->addrconf_dev[0].procname = dev_name; | 4020 | t->addrconf_dev[0].procname = dev_name; |
4022 | 4021 | ||
4023 | t->addrconf_dev[0].child = t->addrconf_vars; | 4022 | t->addrconf_dev[0].child = t->addrconf_vars; |
4024 | t->addrconf_dev[0].de = NULL; | ||
4025 | t->addrconf_conf_dir[0].child = t->addrconf_dev; | 4023 | t->addrconf_conf_dir[0].child = t->addrconf_dev; |
4026 | t->addrconf_conf_dir[0].de = NULL; | ||
4027 | t->addrconf_proto_dir[0].child = t->addrconf_conf_dir; | 4024 | t->addrconf_proto_dir[0].child = t->addrconf_conf_dir; |
4028 | t->addrconf_proto_dir[0].de = NULL; | ||
4029 | t->addrconf_root_dir[0].child = t->addrconf_proto_dir; | 4025 | t->addrconf_root_dir[0].child = t->addrconf_proto_dir; |
4030 | t->addrconf_root_dir[0].de = NULL; | ||
4031 | 4026 | ||
4032 | t->sysctl_header = register_sysctl_table(t->addrconf_root_dir); | 4027 | t->sysctl_header = register_sysctl_table(t->addrconf_root_dir); |
4033 | if (t->sysctl_header == NULL) | 4028 | if (t->sysctl_header == NULL) |
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 35eb8de892fc..118ddfb614ee 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
@@ -1423,6 +1423,41 @@ static int selinux_capable(struct task_struct *tsk, int cap) | |||
1423 | return task_has_capability(tsk,cap); | 1423 | return task_has_capability(tsk,cap); |
1424 | } | 1424 | } |
1425 | 1425 | ||
1426 | static int selinux_sysctl_get_sid(ctl_table *table, u16 tclass, u32 *sid) | ||
1427 | { | ||
1428 | int buflen, rc; | ||
1429 | char *buffer, *path, *end; | ||
1430 | |||
1431 | rc = -ENOMEM; | ||
1432 | buffer = (char*)__get_free_page(GFP_KERNEL); | ||
1433 | if (!buffer) | ||
1434 | goto out; | ||
1435 | |||
1436 | buflen = PAGE_SIZE; | ||
1437 | end = buffer+buflen; | ||
1438 | *--end = '\0'; | ||
1439 | buflen--; | ||
1440 | path = end-1; | ||
1441 | *path = '/'; | ||
1442 | while (table) { | ||
1443 | const char *name = table->procname; | ||
1444 | size_t namelen = strlen(name); | ||
1445 | buflen -= namelen + 1; | ||
1446 | if (buflen < 0) | ||
1447 | goto out_free; | ||
1448 | end -= namelen; | ||
1449 | memcpy(end, name, namelen); | ||
1450 | *--end = '/'; | ||
1451 | path = end; | ||
1452 | table = table->parent; | ||
1453 | } | ||
1454 | rc = security_genfs_sid("proc", path, tclass, sid); | ||
1455 | out_free: | ||
1456 | free_page((unsigned long)buffer); | ||
1457 | out: | ||
1458 | return rc; | ||
1459 | } | ||
1460 | |||
1426 | static int selinux_sysctl(ctl_table *table, int op) | 1461 | static int selinux_sysctl(ctl_table *table, int op) |
1427 | { | 1462 | { |
1428 | int error = 0; | 1463 | int error = 0; |
@@ -1437,8 +1472,8 @@ static int selinux_sysctl(ctl_table *table, int op) | |||
1437 | 1472 | ||
1438 | tsec = current->security; | 1473 | tsec = current->security; |
1439 | 1474 | ||
1440 | rc = selinux_proc_get_sid(table->de, (op == 001) ? | 1475 | rc = selinux_sysctl_get_sid(table, (op == 0001) ? |
1441 | SECCLASS_DIR : SECCLASS_FILE, &tsid); | 1476 | SECCLASS_DIR : SECCLASS_FILE, &tsid); |
1442 | if (rc) { | 1477 | if (rc) { |
1443 | /* Default to the well-defined sysctl SID. */ | 1478 | /* Default to the well-defined sysctl SID. */ |
1444 | tsid = SECINITSID_SYSCTL; | 1479 | tsid = SECINITSID_SYSCTL; |