GitHub-Mirror/Star64_linux
2
0
Fork 0
mirror of https://github.com/Fishwaldo/Star64_linux.git synced 2025-06-25 16:11:45 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

sysctl: Stop implicitly passing current into sysctl_table_root.lookup

Browse source 
Passing nsproxy into sysctl_table_root.lookup was a premature
optimization in attempt to avoid depending on current.  The
directory /proc/self/sys has not appeared and if and when
it does this code will need to be reviewed closely and reworked
anyway.  So remove the premature optimization.

Acked-by: Kees Cook <keescook@chromium.org>
Acked-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
This commit is contained in:
Eric W. Biederman 2016-07-16 15:22:55 -05:00
parent 29b4817d40
commit 13bcc6a285
3 changed files with 10 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

14
fs/proc/proc_sysctl.c
View file

@ -72,7 +72,7 @@ static DEFINE_SPINLOCK(sysctl_lock);
static void drop_sysctl_table(struct ctl_table_header *header); static void drop_sysctl_table(struct ctl_table_header *header);
static int sysctl_follow_link(struct ctl_table_header **phead, static int sysctl_follow_link(struct ctl_table_header **phead,
struct ctl_table **pentry, struct nsproxy *namespaces); struct ctl_table **pentry);
static int insert_links(struct ctl_table_header *head); static int insert_links(struct ctl_table_header *head);
static void put_links(struct ctl_table_header *header); static void put_links(struct ctl_table_header *header);
@ -319,11 +319,11 @@ static void sysctl_head_finish(struct ctl_table_header *head)
} }
static struct ctl_table_set * static struct ctl_table_set *
lookup_header_set(struct ctl_table_root *root, struct nsproxy *namespaces) lookup_header_set(struct ctl_table_root *root)
{ {
struct ctl_table_set *set = &root->default_set; struct ctl_table_set *set = &root->default_set;
if (root->lookup) if (root->lookup)
set = root->lookup(root, namespaces); set = root->lookup(root);
return set; return set;
} }
@ -491,7 +491,7 @@ static struct dentry *proc_sys_lookup(struct inode *dir, struct dentry *dentry,
goto out; goto out;
if (S_ISLNK(p->mode)) { if (S_ISLNK(p->mode)) {
ret = sysctl_follow_link(&h, &p, current->nsproxy); ret = sysctl_follow_link(&h, &p);
err = ERR_PTR(ret); err = ERR_PTR(ret);
if (ret) if (ret)
goto out; goto out;
@ -659,7 +659,7 @@ static bool proc_sys_link_fill_cache(struct file *file,
if (S_ISLNK(table->mode)) { if (S_ISLNK(table->mode)) {
/* It is not an error if we can not follow the link ignore it */ /* It is not an error if we can not follow the link ignore it */
int err = sysctl_follow_link(&head, &table, current->nsproxy); int err = sysctl_follow_link(&head, &table);
if (err) if (err)
goto out; goto out;
} }
@ -976,7 +976,7 @@ static struct ctl_dir *xlate_dir(struct ctl_table_set *set, struct ctl_dir *dir)
} }
static int sysctl_follow_link(struct ctl_table_header **phead, static int sysctl_follow_link(struct ctl_table_header **phead,
struct ctl_table **pentry, struct nsproxy *namespaces) struct ctl_table **pentry)
{ {
struct ctl_table_header *head; struct ctl_table_header *head;
struct ctl_table_root *root; struct ctl_table_root *root;
@ -988,7 +988,7 @@ static int sysctl_follow_link(struct ctl_table_header **phead,
ret = 0; ret = 0;
spin_lock(&sysctl_lock); spin_lock(&sysctl_lock);
root = (*pentry)->data; root = (*pentry)->data;
set = lookup_header_set(root, namespaces); set = lookup_header_set(root);
dir = xlate_dir(set, (*phead)->parent); dir = xlate_dir(set, (*phead)->parent);
if (IS_ERR(dir)) if (IS_ERR(dir))
ret = PTR_ERR(dir); ret = PTR_ERR(dir);

3
include/linux/sysctl.h
View file

@ -155,8 +155,7 @@ struct ctl_table_set {
struct ctl_table_root { struct ctl_table_root {
struct ctl_table_set default_set; struct ctl_table_set default_set;
struct ctl_table_set *(*lookup)(struct ctl_table_root *root, struct ctl_table_set *(*lookup)(struct ctl_table_root *root);
struct nsproxy *namespaces);
int (*permissions)(struct ctl_table_header *head, struct ctl_table *table); int (*permissions)(struct ctl_table_header *head, struct ctl_table *table);
}; };

4
net/sysctl_net.c
View file

@ -27,9 +27,9 @@
#endif #endif
static struct ctl_table_set * static struct ctl_table_set *
net_ctl_header_lookup(struct ctl_table_root *root, struct nsproxy *namespaces) net_ctl_header_lookup(struct ctl_table_root *root)
{ {
return &namespaces->net_ns->sysctls; return &current->nsproxy->net_ns->sysctls;
} }
static int is_seen(struct ctl_table_set *set) static int is_seen(struct ctl_table_set *set)