Diffstat (limited to 'kernel/sysctl.c')
-rw-r--r-- | kernel/sysctl.c | 168 |
1 files changed, 152 insertions, 16 deletions
diff --git a/kernel/sysctl.c b/kernel/sysctl.c index 35a50db9b6ce..fe4713347275 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c | |||
@@ -160,12 +160,13 @@ static struct ctl_table root_table[]; | |||
160 | static struct ctl_table_root sysctl_table_root; | 160 | static struct ctl_table_root sysctl_table_root; |
161 | static struct ctl_table_header root_table_header = { | 161 | static struct ctl_table_header root_table_header = { |
162 | .ctl_table = root_table, | 162 | .ctl_table = root_table, |
163 | .ctl_entry = LIST_HEAD_INIT(sysctl_table_root.header_list), | 163 | .ctl_entry = LIST_HEAD_INIT(sysctl_table_root.default_set.list), |
164 | .root = &sysctl_table_root, | 164 | .root = &sysctl_table_root, |
165 | .set = &sysctl_table_root.default_set, | ||
165 | }; | 166 | }; |
166 | static struct ctl_table_root sysctl_table_root = { | 167 | static struct ctl_table_root sysctl_table_root = { |
167 | .root_list = LIST_HEAD_INIT(sysctl_table_root.root_list), | 168 | .root_list = LIST_HEAD_INIT(sysctl_table_root.root_list), |
168 | .header_list = LIST_HEAD_INIT(root_table_header.ctl_entry), | 169 | .default_set.list = LIST_HEAD_INIT(root_table_header.ctl_entry), |
169 | }; | 170 | }; |
170 | 171 | ||
171 | static struct ctl_table kern_table[]; | 172 | static struct ctl_table kern_table[]; |
@@ -1386,6 +1387,9 @@ static void start_unregistering(struct ctl_table_header *p) | |||
1386 | spin_unlock(&sysctl_lock); | 1387 | spin_unlock(&sysctl_lock); |
1387 | wait_for_completion(&wait); | 1388 | wait_for_completion(&wait); |
1388 | spin_lock(&sysctl_lock); | 1389 | spin_lock(&sysctl_lock); |
1390 | } else { | ||
1391 | /* anything non-NULL; we'll never dereference it */ | ||
1392 | p->unregistering = ERR_PTR(-EINVAL); | ||
1389 | } | 1393 | } |
1390 | /* | 1394 | /* |
1391 | * do not remove from the list until nobody holds it; walking the | 1395 | * do not remove from the list until nobody holds it; walking the |
@@ -1394,6 +1398,32 @@ static void start_unregistering(struct ctl_table_header *p) | |||
1394 | list_del_init(&p->ctl_entry); | 1398 | list_del_init(&p->ctl_entry); |
1395 | } | 1399 | } |
1396 | 1400 | ||
1401 | void sysctl_head_get(struct ctl_table_header *head) | ||
1402 | { | ||
1403 | spin_lock(&sysctl_lock); | ||
1404 | head->count++; | ||
1405 | spin_unlock(&sysctl_lock); | ||
1406 | } | ||
1407 | |||
1408 | void sysctl_head_put(struct ctl_table_header *head) | ||
1409 | { | ||
1410 | spin_lock(&sysctl_lock); | ||
1411 | if (!--head->count) | ||
1412 | kfree(head); | ||
1413 | spin_unlock(&sysctl_lock); | ||
1414 | } | ||
1415 | |||
1416 | struct ctl_table_header *sysctl_head_grab(struct ctl_table_header *head) | ||
1417 | { | ||
1418 | if (!head) | ||
1419 | BUG(); | ||
1420 | spin_lock(&sysctl_lock); | ||
1421 | if (!use_table(head)) | ||
1422 | head = ERR_PTR(-ENOENT); | ||
1423 | spin_unlock(&sysctl_lock); | ||
1424 | return head; | ||
1425 | } | ||
1426 | |||
1397 | void sysctl_head_finish(struct ctl_table_header *head) | 1427 | void sysctl_head_finish(struct ctl_table_header *head) |
1398 | { | 1428 | { |
1399 | if (!head) | 1429 | if (!head) |
@@ -1403,14 +1433,20 @@ void sysctl_head_finish(struct ctl_table_header *head) | |||
1403 | spin_unlock(&sysctl_lock); | 1433 | spin_unlock(&sysctl_lock); |
1404 | } | 1434 | } |
1405 | 1435 | ||
1436 | static struct ctl_table_set * | ||
1437 | lookup_header_set(struct ctl_table_root *root, struct nsproxy *namespaces) | ||
1438 | { | ||
1439 | struct ctl_table_set *set = &root->default_set; | ||
1440 | if (root->lookup) | ||
1441 | set = root->lookup(root, namespaces); | ||
1442 | return set; | ||
1443 | } | ||
1444 | |||
1406 | static struct list_head * | 1445 | static struct list_head * |
1407 | lookup_header_list(struct ctl_table_root *root, struct nsproxy *namespaces) | 1446 | lookup_header_list(struct ctl_table_root *root, struct nsproxy *namespaces) |
1408 | { | 1447 | { |
1409 | struct list_head *header_list; | 1448 | struct ctl_table_set *set = lookup_header_set(root, namespaces); |
1410 | header_list = &root->header_list; | 1449 | return &set->list; |
1411 | if (root->lookup) | ||
1412 | header_list = root->lookup(root, namespaces); | ||
1413 | return header_list; | ||
1414 | } | 1450 | } |
1415 | 1451 | ||
1416 | struct ctl_table_header *__sysctl_head_next(struct nsproxy *namespaces, | 1452 | struct ctl_table_header *__sysctl_head_next(struct nsproxy *namespaces, |
@@ -1480,9 +1516,9 @@ static int do_sysctl_strategy(struct ctl_table_root *root, | |||
1480 | int op = 0, rc; | 1516 | int op = 0, rc; |
1481 | 1517 | ||
1482 | if (oldval) | 1518 | if (oldval) |
1483 | op |= 004; | 1519 | op |= MAY_READ; |
1484 | if (newval) | 1520 | if (newval) |
1485 | op |= 002; | 1521 | op |= MAY_WRITE; |
1486 | if (sysctl_perm(root, table, op)) | 1522 | if (sysctl_perm(root, table, op)) |
1487 | return -EPERM; | 1523 | return -EPERM; |
1488 | 1524 | ||
@@ -1524,7 +1560,7 @@ repeat: | |||
1524 | if (n == table->ctl_name) { | 1560 | if (n == table->ctl_name) { |
1525 | int error; | 1561 | int error; |
1526 | if (table->child) { | 1562 | if (table->child) { |
1527 | if (sysctl_perm(root, table, 001)) | 1563 | if (sysctl_perm(root, table, MAY_EXEC)) |
1528 | return -EPERM; | 1564 | return -EPERM; |
1529 | name++; | 1565 | name++; |
1530 | nlen--; | 1566 | nlen--; |
@@ -1599,7 +1635,7 @@ static int test_perm(int mode, int op) | |||
1599 | mode >>= 6; | 1635 | mode >>= 6; |
1600 | else if (in_egroup_p(0)) | 1636 | else if (in_egroup_p(0)) |
1601 | mode >>= 3; | 1637 | mode >>= 3; |
1602 | if ((mode & op & 0007) == op) | 1638 | if ((op & ~mode & (MAY_READ|MAY_WRITE|MAY_EXEC)) == 0) |
1603 | return 0; | 1639 | return 0; |
1604 | return -EACCES; | 1640 | return -EACCES; |
1605 | } | 1641 | } |
@@ -1609,7 +1645,7 @@ int sysctl_perm(struct ctl_table_root *root, struct ctl_table *table, int op) | |||
1609 | int error; | 1645 | int error; |
1610 | int mode; | 1646 | int mode; |
1611 | 1647 | ||
1612 | error = security_sysctl(table, op); | 1648 | error = security_sysctl(table, op & (MAY_READ | MAY_WRITE | MAY_EXEC)); |
1613 | if (error) | 1649 | if (error) |
1614 | return error; | 1650 | return error; |
1615 | 1651 | ||
@@ -1644,6 +1680,54 @@ static __init int sysctl_init(void) | |||
1644 | 1680 | ||
1645 | core_initcall(sysctl_init); | 1681 | core_initcall(sysctl_init); |
1646 | 1682 | ||
1683 | static struct ctl_table *is_branch_in(struct ctl_table *branch, | ||
1684 | struct ctl_table *table) | ||
1685 | { | ||
1686 | struct ctl_table *p; | ||
1687 | const char *s = branch->procname; | ||
1688 | |||
1689 | /* branch should have named subdirectory as its first element */ | ||
1690 | if (!s || !branch->child) | ||
1691 | return NULL; | ||
1692 | |||
1693 | /* ... and nothing else */ | ||
1694 | if (branch[1].procname || branch[1].ctl_name) | ||
1695 | return NULL; | ||
1696 | |||
1697 | /* table should contain subdirectory with the same name */ | ||
1698 | for (p = table; p->procname || p->ctl_name; p++) { | ||
1699 | if (!p->child) | ||
1700 | continue; | ||
1701 | if (p->procname && strcmp(p->procname, s) == 0) | ||
1702 | return p; | ||
1703 | } | ||
1704 | return NULL; | ||
1705 | } | ||
1706 | |||
1707 | /* see if attaching q to p would be an improvement */ | ||
1708 | static void try_attach(struct ctl_table_header *p, struct ctl_table_header *q) | ||
1709 | { | ||
1710 | struct ctl_table *to = p->ctl_table, *by = q->ctl_table; | ||
1711 | struct ctl_table *next; | ||
1712 | int is_better = 0; | ||
1713 | int not_in_parent = !p->attached_by; | ||
1714 | |||
1715 | while ((next = is_branch_in(by, to)) != NULL) { | ||
1716 | if (by == q->attached_by) | ||
1717 | is_better = 1; | ||
1718 | if (to == p->attached_by) | ||
1719 | not_in_parent = 1; | ||
1720 | by = by->child; | ||
1721 | to = next->child; | ||
1722 | } | ||
1723 | |||
1724 | if (is_better && not_in_parent) { | ||
1725 | q->attached_by = by; | ||
1726 | q->attached_to = to; | ||
1727 | q->parent = p; | ||
1728 | } | ||
1729 | } | ||
1730 | |||
1647 | /** | 1731 | /** |
1648 | * __register_sysctl_paths - register a sysctl hierarchy | 1732 | * __register_sysctl_paths - register a sysctl hierarchy |
1649 | * @root: List of sysctl headers to register on | 1733 | * @root: List of sysctl headers to register on |
@@ -1720,10 +1804,10 @@ struct ctl_table_header *__register_sysctl_paths( | |||
1720 | struct nsproxy *namespaces, | 1804 | struct nsproxy *namespaces, |
1721 | const struct ctl_path *path, struct ctl_table *table) | 1805 | const struct ctl_path *path, struct ctl_table *table) |
1722 | { | 1806 | { |
1723 | struct list_head *header_list; | ||
1724 | struct ctl_table_header *header; | 1807 | struct ctl_table_header *header; |
1725 | struct ctl_table *new, **prevp; | 1808 | struct ctl_table *new, **prevp; |
1726 | unsigned int n, npath; | 1809 | unsigned int n, npath; |
1810 | struct ctl_table_set *set; | ||
1727 | 1811 | ||
1728 | /* Count the path components */ | 1812 | /* Count the path components */ |
1729 | for (npath = 0; path[npath].ctl_name || path[npath].procname; ++npath) | 1813 | for (npath = 0; path[npath].ctl_name || path[npath].procname; ++npath) |
@@ -1765,6 +1849,7 @@ struct ctl_table_header *__register_sysctl_paths( | |||
1765 | header->unregistering = NULL; | 1849 | header->unregistering = NULL; |
1766 | header->root = root; | 1850 | header->root = root; |
1767 | sysctl_set_parent(NULL, header->ctl_table); | 1851 | sysctl_set_parent(NULL, header->ctl_table); |
1852 | header->count = 1; | ||
1768 | #ifdef CONFIG_SYSCTL_SYSCALL_CHECK | 1853 | #ifdef CONFIG_SYSCTL_SYSCALL_CHECK |
1769 | if (sysctl_check_table(namespaces, header->ctl_table)) { | 1854 | if (sysctl_check_table(namespaces, header->ctl_table)) { |
1770 | kfree(header); | 1855 | kfree(header); |
@@ -1772,8 +1857,20 @@ struct ctl_table_header *__register_sysctl_paths( | |||
1772 | } | 1857 | } |
1773 | #endif | 1858 | #endif |
1774 | spin_lock(&sysctl_lock); | 1859 | spin_lock(&sysctl_lock); |
1775 | header_list = lookup_header_list(root, namespaces); | 1860 | header->set = lookup_header_set(root, namespaces); |
1776 | list_add_tail(&header->ctl_entry, header_list); | 1861 | header->attached_by = header->ctl_table; |
1862 | header->attached_to = root_table; | ||
1863 | header->parent = &root_table_header; | ||
1864 | for (set = header->set; set; set = set->parent) { | ||
1865 | struct ctl_table_header *p; | ||
1866 | list_for_each_entry(p, &set->list, ctl_entry) { | ||
1867 | if (p->unregistering) | ||
1868 | continue; | ||
1869 | try_attach(p, header); | ||
1870 | } | ||
1871 | } | ||
1872 | header->parent->count++; | ||
1873 | list_add_tail(&header->ctl_entry, &header->set->list); | ||
1777 | spin_unlock(&sysctl_lock); | 1874 | spin_unlock(&sysctl_lock); |
1778 | 1875 | ||
1779 | return header; | 1876 | return header; |
@@ -1828,8 +1925,37 @@ void unregister_sysctl_table(struct ctl_table_header * header) | |||
1828 | 1925 | ||
1829 | spin_lock(&sysctl_lock); | 1926 | spin_lock(&sysctl_lock); |
1830 | start_unregistering(header); | 1927 | start_unregistering(header); |
1928 | if (!--header->parent->count) { | ||
1929 | WARN_ON(1); | ||
1930 | kfree(header->parent); | ||
1931 | } | ||
1932 | if (!--header->count) | ||
1933 | kfree(header); | ||
1831 | spin_unlock(&sysctl_lock); | 1934 | spin_unlock(&sysctl_lock); |
1832 | kfree(header); | 1935 | } |
1936 | |||
1937 | int sysctl_is_seen(struct ctl_table_header *p) | ||
1938 | { | ||
1939 | struct ctl_table_set *set = p->set; | ||
1940 | int res; | ||
1941 | spin_lock(&sysctl_lock); | ||
1942 | if (p->unregistering) | ||
1943 | res = 0; | ||
1944 | else if (!set->is_seen) | ||
1945 | res = 1; | ||
1946 | else | ||
1947 | res = set->is_seen(set); | ||
1948 | spin_unlock(&sysctl_lock); | ||
1949 | return res; | ||
1950 | } | ||
1951 | |||
1952 | void setup_sysctl_set(struct ctl_table_set *p, | ||
1953 | struct ctl_table_set *parent, | ||
1954 | int (*is_seen)(struct ctl_table_set *)) | ||
1955 | { | ||
1956 | INIT_LIST_HEAD(&p->list); | ||
1957 | p->parent = parent ? parent : &sysctl_table_root.default_set; | ||
1958 | p->is_seen = is_seen; | ||
1833 | } | 1959 | } |
1834 | 1960 | ||
1835 | #else /* !CONFIG_SYSCTL */ | 1961 | #else /* !CONFIG_SYSCTL */ |
@@ -1848,6 +1974,16 @@ void unregister_sysctl_table(struct ctl_table_header * table) | |||
1848 | { | 1974 | { |
1849 | } | 1975 | } |
1850 | 1976 | ||
1977 | void setup_sysctl_set(struct ctl_table_set *p, | ||
1978 | struct ctl_table_set *parent, | ||
1979 | int (*is_seen)(struct ctl_table_set *)) | ||
1980 | { | ||
1981 | } | ||
1982 | |||
1983 | void sysctl_head_put(struct ctl_table_header *head) | ||
1984 | { | ||
1985 | } | ||
1986 | |||
1851 | #endif /* CONFIG_SYSCTL */ | 1987 | #endif /* CONFIG_SYSCTL */ |
1852 | 1988 | ||
1853 | /* | 1989 | /* |
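Review bot: `root_table_header` is a static object, and its initializer in the first hunk sets `.ctl_table`, `.ctl_entry`, `.root` and `.set` but not `.count`, so its reference count starts at zero. `__register_sysctl_paths()` now does `header->parent->count++` with `&root_table_header` as the default parent, and `unregister_sysctl_table()` does `if (!--header->parent->count) { WARN_ON(1); kfree(header->parent); }`. If every header parented to the root were ever unregistered, that branch would call kfree() on a static object. Whether that state is reachable depends on tables that are never unregistered, which this page does not show. Giving the static header its own reference with `.count = 1,` in the initializer keeps the count from reaching zero. A comment on the `count` field saying it covers both attached children and sysctl_head_get() holders would make the invariant reviewable.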