Commit 13bcc6a2 authored by Eric W. Biederman's avatar Eric W. Biederman

sysctl: Stop implicitly passing current into sysctl_table_root.lookup

Passing nsproxy into sysctl_table_root.lookup was a premature
optimization in attempt to avoid depending on current.  The
directory /proc/self/sys has not appeared and if and when
it does this code will need to be reviewed closely and reworked
anyway.  So remove the premature optimization.
Acked-by: Kees Cook <keescook@chromium.org>
Acked-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
parent 29b4817d
...@@ -72,7 +72,7 @@ static DEFINE_SPINLOCK(sysctl_lock); ...@@ -72,7 +72,7 @@ static DEFINE_SPINLOCK(sysctl_lock);
static void drop_sysctl_table(struct ctl_table_header *header); static void drop_sysctl_table(struct ctl_table_header *header);
static int sysctl_follow_link(struct ctl_table_header **phead, static int sysctl_follow_link(struct ctl_table_header **phead,
struct ctl_table **pentry, struct nsproxy *namespaces); struct ctl_table **pentry);
static int insert_links(struct ctl_table_header *head); static int insert_links(struct ctl_table_header *head);
static void put_links(struct ctl_table_header *header); static void put_links(struct ctl_table_header *header);
...@@ -319,11 +319,11 @@ static void sysctl_head_finish(struct ctl_table_header *head) ...@@ -319,11 +319,11 @@ static void sysctl_head_finish(struct ctl_table_header *head)
} }
static struct ctl_table_set * static struct ctl_table_set *
lookup_header_set(struct ctl_table_root *root, struct nsproxy *namespaces) lookup_header_set(struct ctl_table_root *root)
{ {
struct ctl_table_set *set = &root->default_set; struct ctl_table_set *set = &root->default_set;
if (root->lookup) if (root->lookup)
set = root->lookup(root, namespaces); set = root->lookup(root);
return set; return set;
} }
...@@ -491,7 +491,7 @@ static struct dentry *proc_sys_lookup(struct inode *dir, struct dentry *dentry, ...@@ -491,7 +491,7 @@ static struct dentry *proc_sys_lookup(struct inode *dir, struct dentry *dentry,
goto out; goto out;
if (S_ISLNK(p->mode)) { if (S_ISLNK(p->mode)) {
ret = sysctl_follow_link(&h, &p, current->nsproxy); ret = sysctl_follow_link(&h, &p);
err = ERR_PTR(ret); err = ERR_PTR(ret);
if (ret) if (ret)
goto out; goto out;
...@@ -659,7 +659,7 @@ static bool proc_sys_link_fill_cache(struct file *file, ...@@ -659,7 +659,7 @@ static bool proc_sys_link_fill_cache(struct file *file,
if (S_ISLNK(table->mode)) { if (S_ISLNK(table->mode)) {
/* It is not an error if we can not follow the link ignore it */ /* It is not an error if we can not follow the link ignore it */
int err = sysctl_follow_link(&head, &table, current->nsproxy); int err = sysctl_follow_link(&head, &table);
if (err) if (err)
goto out; goto out;
} }
...@@ -976,7 +976,7 @@ static struct ctl_dir *xlate_dir(struct ctl_table_set *set, struct ctl_dir *dir) ...@@ -976,7 +976,7 @@ static struct ctl_dir *xlate_dir(struct ctl_table_set *set, struct ctl_dir *dir)
} }
static int sysctl_follow_link(struct ctl_table_header **phead, static int sysctl_follow_link(struct ctl_table_header **phead,
struct ctl_table **pentry, struct nsproxy *namespaces) struct ctl_table **pentry)
{ {
struct ctl_table_header *head; struct ctl_table_header *head;
struct ctl_table_root *root; struct ctl_table_root *root;
...@@ -988,7 +988,7 @@ static int sysctl_follow_link(struct ctl_table_header **phead, ...@@ -988,7 +988,7 @@ static int sysctl_follow_link(struct ctl_table_header **phead,
ret = 0; ret = 0;
spin_lock(&sysctl_lock); spin_lock(&sysctl_lock);
root = (*pentry)->data; root = (*pentry)->data;
set = lookup_header_set(root, namespaces); set = lookup_header_set(root);
dir = xlate_dir(set, (*phead)->parent); dir = xlate_dir(set, (*phead)->parent);
if (IS_ERR(dir)) if (IS_ERR(dir))
ret = PTR_ERR(dir); ret = PTR_ERR(dir);
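Review bot: The dependency on the calling task is now undocumented in `lookup_header_set()`: with the `namespaces` argument gone, nothing in `sysctl_follow_link()`, `proc_sys_lookup()` or `proc_sys_link_fill_cache()` shows that the table set is chosen from `current`. That choice decides which namespace's sysctl tables a /proc/sys link resolves to, so the contract should be written down where the callback is invoked, for example `/* root->lookup() picks the set from current; call only in the context of the task performing the access */` above `lookup_header_set()`. The same sentence belongs on the `lookup` member of `struct ctl_table_root` in the header section of this commit, since every implementation now has to follow it. The bodies of `sysctl_follow_link()` and the two proc callers continue outside the visible hunks, so any other context they may run in could not be checked from here.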
......
...@@ -155,8 +155,7 @@ struct ctl_table_set { ...@@ -155,8 +155,7 @@ struct ctl_table_set {
struct ctl_table_root { struct ctl_table_root {
struct ctl_table_set default_set; struct ctl_table_set default_set;
struct ctl_table_set *(*lookup)(struct ctl_table_root *root, struct ctl_table_set *(*lookup)(struct ctl_table_root *root);
struct nsproxy *namespaces);
int (*permissions)(struct ctl_table_header *head, struct ctl_table *table); int (*permissions)(struct ctl_table_header *head, struct ctl_table *table);
}; };
......
...@@ -27,9 +27,9 @@ ...@@ -27,9 +27,9 @@
#endif #endif
static struct ctl_table_set * static struct ctl_table_set *
net_ctl_header_lookup(struct ctl_table_root *root, struct nsproxy *namespaces) net_ctl_header_lookup(struct ctl_table_root *root)
{ {
return &namespaces->net_ns->sysctls; return &current->nsproxy->net_ns->sysctls;
} }
static int is_seen(struct ctl_table_set *set) static int is_seen(struct ctl_table_set *set)
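Review bot: `net_ctl_header_lookup()` dereferences `current->nsproxy` with no NULL check and no comment saying why it is safe. The old code dereferenced the passed-in `namespaces` the same way, so this is not a regression, but the callback is now the only place where the assumption lives. Whether `nsproxy` can be NULL here, for instance in a task that has already released its namespaces while exiting, depends on callers not visible in this section. I would state the assumption in the function, e.g. `/* relies on current->nsproxy being valid: reached only from /proc/sys lookups in process context */`, once the author confirms it. It is also worth noting there that the network namespace comes from the task doing the lookup rather than from the opened file or the proc mount, which matters when a /proc/sys descriptor is used by a task in a different namespace.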
......