diff options
author | Eric W. Biederman <ebiederm@xmission.com> | 2007-10-18 12:05:57 +0200 |
---|---|---|
committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-10-18 23:37:23 +0200 |
commit | 49ffcf8f99e8d33ec8afb450956804af518fd788 (patch) | |
tree | f55aac9ddebb4f798ba8ff8152c73a73a3dc93a2 /kernel/sysctl_check.c | |
parent | sysctl: Error on bad sysctl tables (diff) | |
download | linux-49ffcf8f99e8d33ec8afb450956804af518fd788.tar.xz linux-49ffcf8f99e8d33ec8afb450956804af518fd788.zip |
sysctl: update sysctl_check_table
Well it turns out after I dug into the problems a little more I was returning
a few false positives so this patch updates my logic to remove them.
- Don't complain about 0 ctl_names in sysctl_check_binary_path
It is valid for someone to remove the sysctl binary interface
and still keep the same sysctl proc interface.
- Count ctl_names and procnames as matching if they both don't
exist.
- Only warn about missing min&max when the generic functions care.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Cc: Alexey Dobriyan <adobriyan@sw.ru>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to '')
-rw-r--r-- | kernel/sysctl_check.c | 36 |
1 files changed, 22 insertions, 14 deletions
diff --git a/kernel/sysctl_check.c b/kernel/sysctl_check.c index 8bce52cc06d4..6aa4dee79431 100644 --- a/kernel/sysctl_check.c +++ b/kernel/sysctl_check.c @@ -565,6 +565,7 @@ static struct trans_ctl_table trans_net_ipv6_table[] = { { NET_IPV6_IP6FRAG_TIME, "ip6frag_time" }, { NET_IPV6_IP6FRAG_SECRET_INTERVAL, "ip6frag_secret_interval" }, { NET_IPV6_MLD_MAX_MSF, "mld_max_msf" }, + { 2088 /* IPQ_QMAX */, "ip6_queue_maxlen" }, {} }; @@ -723,6 +724,7 @@ static struct trans_ctl_table trans_net_table[] = { { NET_LLC, "llc", trans_net_llc_table }, { NET_NETFILTER, "netfilter", trans_net_netfilter_table }, { NET_DCCP, "dccp", trans_net_dccp_table }, + { 2089, "nf_conntrack_max" }, {} }; @@ -1421,12 +1423,14 @@ static int sysctl_check_dir(struct ctl_table *table) ref = sysctl_check_lookup(table); if (ref) { int match = 0; - if (table->procname && ref->procname && - (strcmp(table->procname, ref->procname) == 0)) + if ((!table->procname && !ref->procname) || + (table->procname && ref->procname && + (strcmp(table->procname, ref->procname) == 0))) match++; - if (table->ctl_name && ref->ctl_name && - (table->ctl_name == ref->ctl_name)) + if ((!table->ctl_name && !ref->ctl_name) || + (table->ctl_name && ref->ctl_name && + (table->ctl_name == ref->ctl_name))) match++; if (match != 2) { @@ -1463,8 +1467,8 @@ static void sysctl_check_bin_path(struct ctl_table *table, const char **fail) (strcmp(table->procname, ref->procname) != 0))) set_fail(fail, table, "procname does not match binary path procname"); - if (ref->ctl_name && - (!table->ctl_name || table->ctl_name != ref->ctl_name)) + if (ref->ctl_name && table->ctl_name && + (table->ctl_name != ref->ctl_name)) set_fail(fail, table, "ctl_name does not match binary path ctl_name"); } } @@ -1500,7 +1504,7 @@ int sysctl_check_table(struct ctl_table *table) if (table->extra2) set_fail(&fail, table, "Directory with extra2"); if (sysctl_check_dir(table)) - set_fail(&fail, table, "Inconsistent directory"); + set_fail(&fail, table, "Inconsistent directory names"); } else { if ((table->strategy == sysctl_data) || (table->strategy == sysctl_string) || @@ -1521,23 +1525,27 @@ int sysctl_check_table(struct ctl_table *table) if (!table->maxlen) set_fail(&fail, table, "No maxlen"); } - if ((table->strategy == sysctl_intvec) || - (table->proc_handler == proc_dointvec_minmax) || - (table->proc_handler == proc_doulongvec_minmax) || + if ((table->proc_handler == proc_doulongvec_minmax) || (table->proc_handler == proc_doulongvec_ms_jiffies_minmax)) { - if (!table->extra1) - set_fail(&fail, table, "No min"); - if (!table->extra2) - set_fail(&fail, table, "No max"); + if (table->maxlen > sizeof (unsigned long)) { + if (!table->extra1) + set_fail(&fail, table, "No min"); + if (!table->extra2) + set_fail(&fail, table, "No max"); + } } +#ifdef CONFIG_SYSCTL_SYSCALL if (table->ctl_name && !table->strategy) set_fail(&fail, table, "Missing strategy"); +#endif #if 0 if (!table->ctl_name && table->strategy) set_fail(&fail, table, "Strategy without ctl_name"); #endif +#ifdef CONFIG_PROC_FS if (table->procname && !table->proc_handler) set_fail(&fail, table, "No proc_handler"); +#endif #if 0 if (!table->procname && table->proc_handler) set_fail(&fail, table, "proc_handler without procname"); |