Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
sysctl: Move tainted ctl_table into kernel/panic.c
Move the ctl_table with the "tainted" proc_name into kernel/panic.c.
With it moves the proc_tainted helper function.
This is part of a greater effort to move ctl tables into their
respective subsystems which will reduce the merge conflicts in
kernel/sysctl.c.
Reviewed-by: Luis Chamberlain <mcgrof@kernel.org>
Reviewed-by: Kees Cook <kees@kernel.org>
Signed-off-by: Joel Granados <joel.granados@kernel.org>
+50
-49
+50
kernel/panic.c
+50
kernel/panic.c
···
84
84
EXPORT_SYMBOL(panic_notifier_list);
85
85
86
86
#ifdef CONFIG_SYSCTL
87
+
88
+
/*
89
+
* Taint values can only be increased
90
+
* This means we can safely use a temporary.
91
+
*/
92
+
static int proc_taint(const struct ctl_table *table, int write,
93
+
void *buffer, size_t *lenp, loff_t *ppos)
94
+
{
95
+
struct ctl_table t;
96
+
unsigned long tmptaint = get_taint();
97
+
int err;
98
+
99
+
if (write && !capable(CAP_SYS_ADMIN))
100
+
return -EPERM;
101
+
102
+
t = *table;
103
+
t.data = &tmptaint;
104
+
err = proc_doulongvec_minmax(&t, write, buffer, lenp, ppos);
105
+
if (err < 0)
106
+
return err;
107
+
108
+
if (write) {
109
+
int i;
110
+
111
+
/*
112
+
* If we are relying on panic_on_taint not producing
113
+
* false positives due to userspace input, bail out
114
+
* before setting the requested taint flags.
115
+
*/
116
+
if (panic_on_taint_nousertaint && (tmptaint & panic_on_taint))
117
+
return -EINVAL;
118
+
119
+
/*
120
+
* Poor man's atomic or. Not worth adding a primitive
121
+
* to everyone's atomic.h for this
122
+
*/
123
+
for (i = 0; i < TAINT_FLAGS_COUNT; i++)
124
+
if ((1UL << i) & tmptaint)
125
+
add_taint(i, LOCKDEP_STILL_OK);
126
+
}
127
+
128
+
return err;
129
+
}
130
+
87
131
static const struct ctl_table kern_panic_table[] = {
88
132
#ifdef CONFIG_SMP
89
133
{
···
140
96
.extra2 = SYSCTL_ONE,
141
97
},
142
98
#endif
99
+
{
100
+
.procname = "tainted",
101
+
.maxlen = sizeof(long),
102
+
.mode = 0644,
103
+
.proc_handler = proc_taint,
104
+
},
143
105
{
144
106
.procname = "panic",
145
107
.data = &panic_timeout,
-49
kernel/sysctl.c
-49
kernel/sysctl.c
···
731
731
do_proc_douintvec_conv, NULL);
732
732
}
733
733
734
-
/*
735
-
* Taint values can only be increased
736
-
* This means we can safely use a temporary.
737
-
*/
738
-
static int proc_taint(const struct ctl_table *table, int write,
739
-
void *buffer, size_t *lenp, loff_t *ppos)
740
-
{
741
-
struct ctl_table t;
742
-
unsigned long tmptaint = get_taint();
743
-
int err;
744
-
745
-
if (write && !capable(CAP_SYS_ADMIN))
746
-
return -EPERM;
747
-
748
-
t = *table;
749
-
t.data = &tmptaint;
750
-
err = proc_doulongvec_minmax(&t, write, buffer, lenp, ppos);
751
-
if (err < 0)
752
-
return err;
753
-
754
-
if (write) {
755
-
int i;
756
-
757
-
/*
758
-
* If we are relying on panic_on_taint not producing
759
-
* false positives due to userspace input, bail out
760
-
* before setting the requested taint flags.
761
-
*/
762
-
if (panic_on_taint_nousertaint && (tmptaint & panic_on_taint))
763
-
return -EINVAL;
764
-
765
-
/*
766
-
* Poor man's atomic or. Not worth adding a primitive
767
-
* to everyone's atomic.h for this
768
-
*/
769
-
for (i = 0; i < TAINT_FLAGS_COUNT; i++)
770
-
if ((1UL << i) & tmptaint)
771
-
add_taint(i, LOCKDEP_STILL_OK);
772
-
}
773
-
774
-
return err;
775
-
}
776
-
777
734
/**
778
735
* struct do_proc_dointvec_minmax_conv_param - proc_dointvec_minmax() range checking structure
779
736
* @min: pointer to minimum allowable value
···
1514
1557
1515
1558
static const struct ctl_table kern_table[] = {
1516
1559
#ifdef CONFIG_PROC_SYSCTL
1517
-
{
1518
-
.procname = "tainted",
1519
-
.maxlen = sizeof(long),
1520
-
.mode = 0644,
1521
-
.proc_handler = proc_taint,
1522
-
},
1523
1560
{
1524
1561
.procname = "sysctl_writes_strict",
1525
1562
.data = &sysctl_writes_strict,