[PATCH 01/10] sysctl: Stop implicitly passing current into sysctl_table_root.lookup
Serge E. Hallyn
serge at hallyn.com
Wed Jul 20 05:06:44 UTC 2016
Quoting Eric W. Biederman (ebiederm at xmission.com):
> Passing nsproxy into sysctl_table_root.lookup was a premature
> optimization in attempt to avoid depending on current. The
> directory /proc/self/sys has not appeared and if and when
> it does this code will need to be reviewed closely and reworked
> anyway. So remove the premature optimization.
>
> Signed-off-by: "Eric W. Biederman" <ebiederm at xmission.com>
Acked-by: Serge Hallyn <serge at hallyn.com>
> ---
> fs/proc/proc_sysctl.c | 14 +++++++-------
> include/linux/sysctl.h | 3 +--
> net/sysctl_net.c | 4 ++--
> 3 files changed, 10 insertions(+), 11 deletions(-)
>
> diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c
> index 5e57c3e46e1d..534630687489 100644
> --- a/fs/proc/proc_sysctl.c
> +++ b/fs/proc/proc_sysctl.c
> @@ -72,7 +72,7 @@ static DEFINE_SPINLOCK(sysctl_lock);
>
> static void drop_sysctl_table(struct ctl_table_header *header);
> static int sysctl_follow_link(struct ctl_table_header **phead,
> - struct ctl_table **pentry, struct nsproxy *namespaces);
> + struct ctl_table **pentry);
> static int insert_links(struct ctl_table_header *head);
> static void put_links(struct ctl_table_header *header);
>
> @@ -319,11 +319,11 @@ static void sysctl_head_finish(struct ctl_table_header *head)
> }
>
> static struct ctl_table_set *
> -lookup_header_set(struct ctl_table_root *root, struct nsproxy *namespaces)
> +lookup_header_set(struct ctl_table_root *root)
> {
> struct ctl_table_set *set = &root->default_set;
> if (root->lookup)
> - set = root->lookup(root, namespaces);
> + set = root->lookup(root);
> return set;
> }
>
> @@ -491,7 +491,7 @@ static struct dentry *proc_sys_lookup(struct inode *dir, struct dentry *dentry,
> goto out;
>
> if (S_ISLNK(p->mode)) {
> - ret = sysctl_follow_link(&h, &p, current->nsproxy);
> + ret = sysctl_follow_link(&h, &p);
> err = ERR_PTR(ret);
> if (ret)
> goto out;
> @@ -659,7 +659,7 @@ static bool proc_sys_link_fill_cache(struct file *file,
>
> if (S_ISLNK(table->mode)) {
> /* It is not an error if we can not follow the link ignore it */
> - int err = sysctl_follow_link(&head, &table, current->nsproxy);
> + int err = sysctl_follow_link(&head, &table);
> if (err)
> goto out;
> }
> @@ -976,7 +976,7 @@ static struct ctl_dir *xlate_dir(struct ctl_table_set *set, struct ctl_dir *dir)
> }
>
> static int sysctl_follow_link(struct ctl_table_header **phead,
> - struct ctl_table **pentry, struct nsproxy *namespaces)
> + struct ctl_table **pentry)
> {
> struct ctl_table_header *head;
> struct ctl_table_root *root;
> @@ -988,7 +988,7 @@ static int sysctl_follow_link(struct ctl_table_header **phead,
> ret = 0;
> spin_lock(&sysctl_lock);
> root = (*pentry)->data;
> - set = lookup_header_set(root, namespaces);
> + set = lookup_header_set(root);
> dir = xlate_dir(set, (*phead)->parent);
> if (IS_ERR(dir))
> ret = PTR_ERR(dir);
> diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h
> index fa7bc29925c9..6385b331f2b9 100644
> --- a/include/linux/sysctl.h
> +++ b/include/linux/sysctl.h
> @@ -154,8 +154,7 @@ struct ctl_table_set {
>
> struct ctl_table_root {
> struct ctl_table_set default_set;
> - struct ctl_table_set *(*lookup)(struct ctl_table_root *root,
> - struct nsproxy *namespaces);
> + struct ctl_table_set *(*lookup)(struct ctl_table_root *root);
> int (*permissions)(struct ctl_table_header *head, struct ctl_table *table);
> };
>
> diff --git a/net/sysctl_net.c b/net/sysctl_net.c
> index ed98c1fc3de1..2951f229a855 100644
> --- a/net/sysctl_net.c
> +++ b/net/sysctl_net.c
> @@ -27,9 +27,9 @@
> #endif
>
> static struct ctl_table_set *
> -net_ctl_header_lookup(struct ctl_table_root *root, struct nsproxy *namespaces)
> +net_ctl_header_lookup(struct ctl_table_root *root)
> {
> - return &namespaces->net_ns->sysctls;
> + return ¤t->nsproxy->net_ns->sysctls;
> }
>
> static int is_seen(struct ctl_table_set *set)
> --
> 2.8.3
More information about the Containers
mailing list