summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--fs/ntfs/sysctl.c8
-rw-r--r--include/linux/sysctl.h1
-rw-r--r--net/decnet/dn_dev.c5
-rw-r--r--net/ipv4/devinet.c5
-rw-r--r--net/ipv6/addrconf.c5
-rw-r--r--security/selinux/hooks.c39
6 files changed, 37 insertions, 26 deletions
diff --git a/fs/ntfs/sysctl.c b/fs/ntfs/sysctl.c
index 1f1ee4c9..4847fbf 100644
--- a/fs/ntfs/sysctl.c
+++ b/fs/ntfs/sysctl.c
@@ -73,14 +73,6 @@ int ntfs_sysctl(int add)
sysctls_root_table = register_sysctl_table(sysctls_root);
if (!sysctls_root_table)
return -ENOMEM;
-#ifdef CONFIG_PROC_FS
- /*
- * If the proc filesystem is in use and we are a module, need
- * to set the owner of our proc entry to our module. In the
- * non-modular case, THIS_MODULE is NULL, so this is ok.
- */
- ntfs_sysctls[0].de->owner = THIS_MODULE;
-#endif
} else {
BUG_ON(!sysctls_root_table);
unregister_sysctl_table(sysctls_root_table);
diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h
index 1371d7b..2c5fb38 100644
--- a/include/linux/sysctl.h
+++ b/include/linux/sysctl.h
@@ -1025,7 +1025,6 @@ struct ctl_table
ctl_table *parent; /* Automatically set */
proc_handler *proc_handler; /* Callback for text formatting */
ctl_handler *strategy; /* Callback function for all r/w */
- struct proc_dir_entry *de; /* /proc control block */
void *extra1;
void *extra2;
};
diff --git a/net/decnet/dn_dev.c b/net/decnet/dn_dev.c
index 0977df4..060d725 100644
--- a/net/decnet/dn_dev.c
+++ b/net/decnet/dn_dev.c
@@ -261,7 +261,6 @@ static void dn_dev_sysctl_register(struct net_device *dev, struct dn_dev_parms *
for(i = 0; i < ARRAY_SIZE(t->dn_dev_vars) - 1; i++) {
long offset = (long)t->dn_dev_vars[i].data;
t->dn_dev_vars[i].data = ((char *)parms) + offset;
- t->dn_dev_vars[i].de = NULL;
}
if (dev) {
@@ -273,13 +272,9 @@ static void dn_dev_sysctl_register(struct net_device *dev, struct dn_dev_parms *
}
t->dn_dev_dev[0].child = t->dn_dev_vars;
- t->dn_dev_dev[0].de = NULL;
t->dn_dev_conf_dir[0].child = t->dn_dev_dev;
- t->dn_dev_conf_dir[0].de = NULL;
t->dn_dev_proto_dir[0].child = t->dn_dev_conf_dir;
- t->dn_dev_proto_dir[0].de = NULL;
t->dn_dev_root_dir[0].child = t->dn_dev_proto_dir;
- t->dn_dev_root_dir[0].de = NULL;
t->dn_dev_vars[0].extra1 = (void *)dev;
t->sysctl_header = register_sysctl_table(t->dn_dev_root_dir);
diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c
index bf3eb2d..8a0ec10 100644
--- a/net/ipv4/devinet.c
+++ b/net/ipv4/devinet.c
@@ -1576,7 +1576,6 @@ static void devinet_sysctl_register(struct in_device *in_dev,
return;
for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) {
t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
- t->devinet_vars[i].de = NULL;
}
if (dev) {
@@ -1598,13 +1597,9 @@ static void devinet_sysctl_register(struct in_device *in_dev,
t->devinet_dev[0].procname = dev_name;
t->devinet_dev[0].child = t->devinet_vars;
- t->devinet_dev[0].de = NULL;
t->devinet_conf_dir[0].child = t->devinet_dev;
- t->devinet_conf_dir[0].de = NULL;
t->devinet_proto_dir[0].child = t->devinet_conf_dir;
- t->devinet_proto_dir[0].de = NULL;
t->devinet_root_dir[0].child = t->devinet_proto_dir;
- t->devinet_root_dir[0].de = NULL;
t->sysctl_header = register_sysctl_table(t->devinet_root_dir);
if (!t->sysctl_header)
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 34d80b4..569a37d 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -3998,7 +3998,6 @@ static void addrconf_sysctl_register(struct inet6_dev *idev, struct ipv6_devconf
return;
for (i=0; t->addrconf_vars[i].data; i++) {
t->addrconf_vars[i].data += (char*)p - (char*)&ipv6_devconf;
- t->addrconf_vars[i].de = NULL;
t->addrconf_vars[i].extra1 = idev; /* embedded; no ref */
}
if (dev) {
@@ -4021,13 +4020,9 @@ static void addrconf_sysctl_register(struct inet6_dev *idev, struct ipv6_devconf
t->addrconf_dev[0].procname = dev_name;
t->addrconf_dev[0].child = t->addrconf_vars;
- t->addrconf_dev[0].de = NULL;
t->addrconf_conf_dir[0].child = t->addrconf_dev;
- t->addrconf_conf_dir[0].de = NULL;
t->addrconf_proto_dir[0].child = t->addrconf_conf_dir;
- t->addrconf_proto_dir[0].de = NULL;
t->addrconf_root_dir[0].child = t->addrconf_proto_dir;
- t->addrconf_root_dir[0].de = NULL;
t->sysctl_header = register_sysctl_table(t->addrconf_root_dir);
if (t->sysctl_header == NULL)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 35eb8de..118ddfb 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1423,6 +1423,41 @@ static int selinux_capable(struct task_struct *tsk, int cap)
return task_has_capability(tsk,cap);
}
+static int selinux_sysctl_get_sid(ctl_table *table, u16 tclass, u32 *sid)
+{
+ int buflen, rc;
+ char *buffer, *path, *end;
+
+ rc = -ENOMEM;
+ buffer = (char*)__get_free_page(GFP_KERNEL);
+ if (!buffer)
+ goto out;
+
+ buflen = PAGE_SIZE;
+ end = buffer+buflen;
+ *--end = '\0';
+ buflen--;
+ path = end-1;
+ *path = '/';
+ while (table) {
+ const char *name = table->procname;
+ size_t namelen = strlen(name);
+ buflen -= namelen + 1;
+ if (buflen < 0)
+ goto out_free;
+ end -= namelen;
+ memcpy(end, name, namelen);
+ *--end = '/';
+ path = end;
+ table = table->parent;
+ }
+ rc = security_genfs_sid("proc", path, tclass, sid);
+out_free:
+ free_page((unsigned long)buffer);
+out:
+ return rc;
+}
+
static int selinux_sysctl(ctl_table *table, int op)
{
int error = 0;
@@ -1437,8 +1472,8 @@ static int selinux_sysctl(ctl_table *table, int op)
tsec = current->security;
- rc = selinux_proc_get_sid(table->de, (op == 001) ?
- SECCLASS_DIR : SECCLASS_FILE, &tsid);
+ rc = selinux_sysctl_get_sid(table, (op == 0001) ?
+ SECCLASS_DIR : SECCLASS_FILE, &tsid);
if (rc) {
/* Default to the well-defined sysctl SID. */
tsid = SECINITSID_SYSCTL;
OpenPOWER on IntegriCloud