6 files changed, 37 insertions, 26 deletions

diff --git a/fs/ntfs/sysctl.c b/fs/ntfs/sysctl.c
index 1f1ee4c9eacc..4847fbfb0107 100644
--- a/fs/ntfs/sysctl.c
+++ b/fs/ntfs/sysctl.c
@@ -73,14 +73,6 @@ int ntfs_sysctl(int add)
                 sysctls_root_table = register_sysctl_table(sysctls_root);
                 if (!sysctls_root_table)
                         return -ENOMEM;
-#ifdef CONFIG_PROC_FS
-                /*
-                 * If the proc filesystem is in use and we are a module, need
-                 * to set the owner of our proc entry to our module. In the
-                 * non-modular case, THIS_MODULE is NULL, so this is ok.
-                 */
-                ntfs_sysctls[0].de->owner = THIS_MODULE;
-#endif
         } else {
                 BUG_ON(!sysctls_root_table);
                 unregister_sysctl_table(sysctls_root_table);
diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h
index 1371d7b86810..2c5fb38d9392 100644
--- a/include/linux/sysctl.h
+++ b/include/linux/sysctl.h
@@ -1025,7 +1025,6 @@ struct ctl_table
         ctl_table *parent;              /* Automatically set */
         proc_handler *proc_handler;     /* Callback for text formatting */
         ctl_handler *strategy;          /* Callback function for all r/w */
-        struct proc_dir_entry *de;      /* /proc control block */
         void *extra1;
         void *extra2;
 };
diff --git a/net/decnet/dn_dev.c b/net/decnet/dn_dev.c
index 0977df42c205..060d725e2942 100644
--- a/net/decnet/dn_dev.c
+++ b/net/decnet/dn_dev.c
@@ -261,7 +261,6 @@ static void dn_dev_sysctl_register(struct net_device *dev, struct dn_dev_parms *
         for(i = 0; i < ARRAY_SIZE(t->dn_dev_vars) - 1; i++) {
                 long offset = (long)t->dn_dev_vars[i].data;
                 t->dn_dev_vars[i].data = ((char *)parms) + offset;
-                t->dn_dev_vars[i].de = NULL;
         }
 
         if (dev) {
@@ -273,13 +272,9 @@ static void dn_dev_sysctl_register(struct net_device *dev, struct dn_dev_parms *
         }
 
         t->dn_dev_dev[0].child = t->dn_dev_vars;
-        t->dn_dev_dev[0].de = NULL;
         t->dn_dev_conf_dir[0].child = t->dn_dev_dev;
-        t->dn_dev_conf_dir[0].de = NULL;
         t->dn_dev_proto_dir[0].child = t->dn_dev_conf_dir;
-        t->dn_dev_proto_dir[0].de = NULL;
         t->dn_dev_root_dir[0].child = t->dn_dev_proto_dir;
-        t->dn_dev_root_dir[0].de = NULL;
         t->dn_dev_vars[0].extra1 = (void *)dev;
 
         t->sysctl_header = register_sysctl_table(t->dn_dev_root_dir);
diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c
index bf3eb2dc7662..8a0ec10a13a7 100644
--- a/net/ipv4/devinet.c
+++ b/net/ipv4/devinet.c
@@ -1576,7 +1576,6 @@ static void devinet_sysctl_register(struct in_device *in_dev,
                 return;
         for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) {
                 t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
-                t->devinet_vars[i].de = NULL;
         }
 
         if (dev) {
@@ -1598,13 +1597,9 @@ static void devinet_sysctl_register(struct in_device *in_dev,
 
         t->devinet_dev[0].procname    = dev_name;
         t->devinet_dev[0].child       = t->devinet_vars;
-        t->devinet_dev[0].de          = NULL;
         t->devinet_conf_dir[0].child  = t->devinet_dev;
-        t->devinet_conf_dir[0].de     = NULL;
         t->devinet_proto_dir[0].child = t->devinet_conf_dir;
-        t->devinet_proto_dir[0].de    = NULL;
         t->devinet_root_dir[0].child  = t->devinet_proto_dir;
-        t->devinet_root_dir[0].de     = NULL;
 
         t->sysctl_header = register_sysctl_table(t->devinet_root_dir);
         if (!t->sysctl_header)
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 34d80b4aaa04..569a37d698f7 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -3998,7 +3998,6 @@ static void addrconf_sysctl_register(struct inet6_dev *idev, struct ipv6_devconf
                 return;
         for (i=0; t->addrconf_vars[i].data; i++) {
                 t->addrconf_vars[i].data += (char*)p - (char*)&ipv6_devconf;
-                t->addrconf_vars[i].de = NULL;
                 t->addrconf_vars[i].extra1 = idev; /* embedded; no ref */
         }
         if (dev) {
@@ -4021,13 +4020,9 @@ static void addrconf_sysctl_register(struct inet6_dev *idev, struct ipv6_devconf
         t->addrconf_dev[0].procname = dev_name;
 
         t->addrconf_dev[0].child = t->addrconf_vars;
-        t->addrconf_dev[0].de = NULL;
         t->addrconf_conf_dir[0].child = t->addrconf_dev;
-        t->addrconf_conf_dir[0].de = NULL;
         t->addrconf_proto_dir[0].child = t->addrconf_conf_dir;
-        t->addrconf_proto_dir[0].de = NULL;
         t->addrconf_root_dir[0].child = t->addrconf_proto_dir;
-        t->addrconf_root_dir[0].de = NULL;
 
         t->sysctl_header = register_sysctl_table(t->addrconf_root_dir);
         if (t->sysctl_header == NULL)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 35eb8de892fc..118ddfb614ee 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1423,6 +1423,41 @@ static int selinux_capable(struct task_struct *tsk, int cap)
         return task_has_capability(tsk,cap);
 }
 
+static int selinux_sysctl_get_sid(ctl_table *table, u16 tclass, u32 *sid)
+{
+        int buflen, rc;
+        char *buffer, *path, *end;
+
+        rc = -ENOMEM;
+        buffer = (char*)__get_free_page(GFP_KERNEL);
+        if (!buffer)
+                goto out;
+
+        buflen = PAGE_SIZE;
+        end = buffer+buflen;
+        *--end = '\0';
+        buflen--;
+        path = end-1;
+        *path = '/';
+        while (table) {
+                const char *name = table->procname;
+                size_t namelen = strlen(name);
+                buflen -= namelen + 1;
+                if (buflen < 0)
+                        goto out_free;
+                end -= namelen;
+                memcpy(end, name, namelen);
+                *--end = '/';
+                path = end;
+                table = table->parent;
+        }
+        rc = security_genfs_sid("proc", path, tclass, sid);
+out_free:
+        free_page((unsigned long)buffer);
+out:
+        return rc;
+}
+
 static int selinux_sysctl(ctl_table *table, int op)
 {
         int error = 0;
@@ -1437,8 +1472,8 @@ static int selinux_sysctl(ctl_table *table, int op)
 
         tsec = current->security;
 
-        rc = selinux_proc_get_sid(table->de, (op == 001) ?
-                                  SECCLASS_DIR : SECCLASS_FILE, &tsid);
+        rc = selinux_sysctl_get_sid(table, (op == 0001) ?
+                                    SECCLASS_DIR : SECCLASS_FILE, &tsid);
         if (rc) {
                 /* Default to the well-defined sysctl SID. */
                 tsid = SECINITSID_SYSCTL;