1. 22 Mar, 2012 1 commit
    • Lucas De Marchi's avatar
      sysctl: protect poll() in entries that may go away · 4e474a00
      Lucas De Marchi authored
      Protect code accessing ctl_table by grabbing the header with grab_header()
      and after releasing with sysctl_head_finish().  This is needed if poll()
      is called in entries created by modules: currently only hostname and
      domainname support poll(), but this bug may be triggered when/if modules
      use it and if user called poll() in a file that doesn't support it.
      
      Dave Jones reported the following when using a syscall fuzzer while
      hibernating/resuming:
      
      RIP: 0010:[<ffffffff81233e3e>]  [<ffffffff81233e3e>] proc_sys_poll+0x4e/0x90
      RAX: 0000000000000145 RBX: ffff88020cab6940 RCX: 0000000000000000
      RDX: ffffffff81233df0 RSI: 6b6b6b6b6b6b6b6b RDI: ffff88020cab6940
      [ ... ]
      Code: 00 48 89 fb 48 89 f1 48 8b 40 30 4c 8b 60 e8 b8 45 01 00 00 49 83
      7c 24 28 00 74 2e 49 8b 74 24 30 48 85 f6 74 24 48 85 c9 75 32 <8b> 16
      b8 45 01 00 00 48 63 d2 49 39 d5 74 10 8b 06 48 98 48 89
      
      If an entry goes away while we are polling() it, ctl_table may not exist
      anymore.
      Reported-by: default avatarDave Jones <davej@redhat.com>
      Signed-off-by: default avatarLucas De Marchi <lucas.demarchi@profusion.mobi>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Alexey Dobriyan <adobriyan@gmail.com>
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      4e474a00
  2. 02 Feb, 2012 4 commits
  3. 31 Jan, 2012 2 commits
  4. 25 Jan, 2012 29 commits
    • Eric W. Biederman's avatar
      sysctl: Add register_sysctl for normal sysctl users · fea478d4
      Eric W. Biederman authored
      The plan is to convert all callers of register_sysctl_table
      and register_sysctl_paths to register_sysctl.  The interface
      to register_sysctl is enough nicer this should make the callers
      a bit more readable.  Additionally after the conversion the
      230 lines of backwards compatibility can be removed.
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      fea478d4
    • Eric W. Biederman's avatar
      sysctl: Index sysctl directories with rbtrees. · ac13ac6f
      Eric W. Biederman authored
      One of the most important jobs of sysctl is to export network stack
      tunables.  Several of those tunables are per network device.  In
      several instances people are running with 1000+ network devices in
      there network stacks, which makes the simple per directory linked list
      in sysctl a scaling bottleneck.   Replace O(N^2) sysctl insertion and
      lookup times with O(NlogN) by using an rbtree to index the sysctl
      directories.
      
      Benchmark before:
          make-dummies 0 999 -> 0.32s
          rmmod dummy        -> 0.12s
          make-dummies 0 9999 -> 1m17s
          rmmod dummy         -> 17s
      
      Benchmark after:
          make-dummies 0 999 -> 0.074s
          rmmod dummy        -> 0.070s
          make-dummies 0 9999 -> 3.4s
          rmmod dummy         -> 0.44s
      
      Benchmark after (without dev_snmp6):
          make-dummies 0 9999 -> 0.75s
          rmmod dummy         -> 0.44s
          make-dummies 0 99999 -> 11s
          rmmod dummy          -> 4.3s
      
      At 10,000 dummy devices the bottleneck becomes the time to add and
      remove the files under /proc/sys/net/dev_snmp6.  I have commented
      out the code that adds and removes files under /proc/sys/net/dev_snmp6
      and taken measurments of creating and destroying 100,000 dummies to
      verify the sysctl continues to scale.
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      ac13ac6f
    • Eric W. Biederman's avatar
      sysctl: Make the header lists per directory. · 9e3d47df
      Eric W. Biederman authored
      Slightly enhance efficiency and clarity of the code by making the
      header list per directory instead of per set.
      
      Benchmark before:
          make-dummies 0 999 -> 0.63s
          rmmod dummy        -> 0.12s
          make-dummies 0 9999 -> 2m35s
          rmmod dummy         -> 18s
      
      Benchmark after:
          make-dummies 0 999 -> 0.32s
          rmmod dummy        -> 0.12s
          make-dummies 0 9999 -> 1m17s
          rmmod dummy         -> 17s
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      9e3d47df
    • Eric W. Biederman's avatar
      sysctl: Move sysctl_check_dups into insert_header · e54012ce
      Eric W. Biederman authored
      Simplify the callers of insert_header by removing explicit calls to check
      for duplicates and instead have insert_header do the work.
      
      This makes the code slightly more maintainable by enabling changes to
      data structures where the insertion of new entries without duplicate
      suppression is not possible.
      
      There is not always a convenient path string where insert_header
      is called so modify sysctl_check_dups to use sysctl_print_dir
      when printing the full path when a duplicate is discovered.
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      e54012ce
    • Eric W. Biederman's avatar
      sysctl: Modify __register_sysctl_paths to take a set instead of a root and an nsproxy · 60a47a2e
      Eric W. Biederman authored
      An nsproxy argument here has always been awkard and now the nsproxy argument
      is completely unnecessary so remove it, replacing it with the set we want
      the registered tables to show up in.
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      60a47a2e
    • Eric W. Biederman's avatar
      sysctl: Replace root_list with links between sysctl_table_sets. · 0e47c99d
      Eric W. Biederman authored
      Piecing together directories by looking first in one directory
      tree, than in another directory tree and finally in a third
      directory tree makes it hard to verify that some directory
      entries are not multiply defined and makes it hard to create
      efficient implementations the sysctl filesystem.
      
      Replace the sysctl wide list of roots with autogenerated
      links from the core sysctl directory tree to the other
      sysctl directory trees.
      
      This simplifies sysctl directory reading and lookups as now
      only entries in a single sysctl directory tree need to be
      considered.
      
      Benchmark before:
          make-dummies 0 999 -> 0.44s
          rmmod dummy        -> 0.065s
          make-dummies 0 9999 -> 1m36s
          rmmod dummy         -> 0.4s
      
      Benchmark after:
          make-dummies 0 999 -> 0.63s
          rmmod dummy        -> 0.12s
          make-dummies 0 9999 -> 2m35s
          rmmod dummy         -> 18s
      
      The slowdown is caused by the lookups used in insert_headers
      and put_links to see if we need to add links or remove links.
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      0e47c99d
    • Eric W. Biederman's avatar
      sysctl: Add sysctl_print_dir and use it in get_subdir · 6980128f
      Eric W. Biederman authored
      When there are errors it is very nice to know the full sysctl path.
      Add a simple function that computes the sysctl path and prints it
      out.
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      6980128f
    • Eric W. Biederman's avatar
      sysctl: Stop requiring explicit management of sysctl directories · 7ec66d06
      Eric W. Biederman authored
      Simplify the code and the sysctl semantics by autogenerating
      sysctl directories when a sysctl table is registered that needs
      the directories and autodeleting the directories when there are
      no more sysctl tables registered that need them.
      
      Autogenerating directories keeps sysctl tables from depending
      on each other, removing all of the arcane register/unregister
      ordering constraints and makes it impossible to get the order
      wrong when reigsering and unregistering sysctl tables.
      
      Autogenerating directories yields one unique entity that dentries
      can point to, retaining the current effective use of the dcache.
      
      Add struct ctl_dir as the type of these new autogenerated
      directories.
      
      The attached_by and attached_to fields in ctl_table_header are
      removed as they are no longer needed.
      
      The child field in ctl_table is no longer needed by the core of
      the sysctl code.  ctl_table.child can be removed once all of the
      existing users have been updated.
      
      Benchmark before:
          make-dummies 0 999 -> 0.7s
          rmmod dummy        -> 0.07s
          make-dummies 0 9999 -> 1m10s
          rmmod dummy         -> 0.4s
      
      Benchmark after:
          make-dummies 0 999 -> 0.44s
          rmmod dummy        -> 0.065s
          make-dummies 0 9999 -> 1m36s
          rmmod dummy         -> 0.4s
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      7ec66d06
    • Eric W. Biederman's avatar
      sysctl: Add a root pointer to ctl_table_set · 9eb47c26
      Eric W. Biederman authored
      Add a ctl_table_root pointer to ctl_table set so it is easy to
      go from a ctl_table_set to a ctl_table_root.
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      9eb47c26
    • Eric W. Biederman's avatar
      sysctl: Rewrite proc_sys_readdir in terms of first_entry and next_entry · 6a75ce16
      Eric W. Biederman authored
      Replace sysctl_head_next with first_entry and next_entry.  These new
      iterators operate at the level of sysctl table entries and filter
      out any sysctl tables that should not be shown.
      
      Utilizing two specialized functions instead of a single function removes
      conditionals for handling awkward special cases that only come up
      at the beginning of iteration, making the iterators easier to read
      and understand.
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      6a75ce16
    • Eric W. Biederman's avatar
      sysctl: Rewrite proc_sys_lookup introducing find_entry and lookup_entry. · 076c3eed
      Eric W. Biederman authored
      Replace the helpers that proc_sys_lookup uses with helpers that work
      in terms of an entire sysctl directory.  This is worse for sysctl_lock
      hold times but it is much better for code clarity and the code cleanups
      to come.
      
      find_in_table is no longer needed so it is removed.
      
      find_entry a general helper to find entries in a directory is added.
      
      lookup_entry is a simple wrapper around find_entry that takes the
      sysctl_lock increases the use count if an entry is found and drops
      the sysctl_lock.
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      076c3eed
    • Eric W. Biederman's avatar
      sysctl: Normalize the root_table data structure. · a194558e
      Eric W. Biederman authored
      Every other directory has a .child member and we look at the .child
      for our entries.  Do the same for the root_table.
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      a194558e
    • Eric W. Biederman's avatar
    • Eric W. Biederman's avatar
      sysctl: Factor out init_header from __register_sysctl_paths · e0d04529
      Eric W. Biederman authored
      Factor out a routing to initialize the sysctl_table_header.
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      e0d04529
    • Eric W. Biederman's avatar
      sysctl: Initial support for auto-unregistering sysctl tables. · 938aaa4f
      Eric W. Biederman authored
      Add nreg to ctl_table_header.  When nreg drops to 0 the ctl_table_header
      will be unregistered.
      
      Factor out drop_sysctl_table from unregister_sysctl_table, and add
      the logic for decrementing nreg.
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      938aaa4f
    • Eric W. Biederman's avatar
      sysctl: A more obvious version of grab_header. · 3cc3e046
      Eric W. Biederman authored
      Instead of relying on sysct_head_next(NULL) to magically
      return the right header for the root directory instead
      explicitly transform NULL into the root directories header.
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      3cc3e046
    • Eric W. Biederman's avatar
      sysctl: Remove the now unused ctl_table parent field. · 8d6ecfcc
      Eric W. Biederman authored
      While useful at one time for selinux and the sysctl sanity
      checks those users no longer use the parent field and we can
      safely remove it.
      Inspired-by: default avatarLucian Adrian Grijincu <lucian.grijincu@gmil.com>
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      8d6ecfcc
    • Eric W. Biederman's avatar
      sysctl: Improve the sysctl sanity checks · 7c60c48f
      Eric W. Biederman authored
      - Stop validating subdirectories now that we only register leaf tables
      
      - Cleanup and improve the duplicate filename check.
        * Run the duplicate filename check under the sysctl_lock to guarantee
          we never add duplicate names.
        * Reduce the duplicate filename check to nearly O(M*N) where M is the
          number of entries in tthe table we are registering and N is the
          number of entries in the directory before we got there.
      
      - Move the duplicate filename check into it's own function and call
        it directtly from __register_sysctl_table
      
      - Kill the config option as the sanity checks are now cheap enough
        the config option is unnecessary. The original reason for the config
        option was because we had a huge table used to verify the proc filename
        to binary sysctl mapping.  That table has now evolved into the binary_sysctl
        translation layer and is no longer part of the sysctl_check code.
      
      - Tighten up the permission checks.  Guarnateeing that files only have read
        or write permissions.
      
      - Removed redudant check for parents having a procname as now everything has
        a procname.
      
      - Generalize the backtrace logic so that we print a backtrace from
        any failure of __register_sysctl_table that was not caused by
        a memmory allocation failure.  The backtrace allows us to track
        down who erroneously registered a sysctl table.
      
      Bechmark before (CONFIG_SYSCTL_CHECK=y):
          make-dummies 0 999 -> 12s
          rmmod dummy        -> 0.08s
      
      Bechmark before (CONFIG_SYSCTL_CHECK=n):
          make-dummies 0 999 -> 0.7s
          rmmod dummy        -> 0.06s
          make-dummies 0 99999 -> 1m13s
          rmmod dummy          -> 0.38s
      
      Benchmark after:
          make-dummies 0 999 -> 0.65s
          rmmod dummy        -> 0.055s
          make-dummies 0 9999 -> 1m10s
          rmmod dummy         -> 0.39s
      
      The sysctl sanity checks now impose no measurable cost.
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      7c60c48f
    • Eric W. Biederman's avatar
      sysctl: register only tables of sysctl files · f728019b
      Eric W. Biederman authored
      Split the registration of a complex ctl_table array which may have
      arbitrary numbers of directories (->child != NULL) and tables of files
      into a series of simpler registrations that only register tables of files.
      
      Graphically:
      
         register('dir', { + file-a
                           + file-b
                           + subdir1
                             + file-c
                           + subdir2
                             + file-d
                             + file-e })
      
      is transformed into:
         wrapper->subheaders[0] = register('dir', {file1-a, file1-b})
         wrapper->subheaders[1] = register('dir/subdir1', {file-c})
         wrapper->subheaders[2] = register('dir/subdir2', {file-d, file-e})
         return wrapper
      
      This guarantees that __register_sysctl_table will only see a simple
      ctl_table array with all entries having (->child == NULL).
      
      Care was taken to pass the original simple ctl_table arrays to
      __register_sysctl_table whenever possible.
      
      This change is derived from a similar patch written
      by Lucrian Grijincu.
      Inspired-by: default avatarLucian Adrian Grijincu <lucian.grijincu@gmail.com>
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      f728019b
    • Eric W. Biederman's avatar
      sysctl: Add ctl_table chains into cstring paths · ec6a5266
      Eric W. Biederman authored
      For any component of table passed to __register_sysctl_paths
      that actually serves as a path, add that to the cstring path
      that is passed to __register_sysctl_table.
      
      The result is that for most calls to __register_sysctl_paths
      we only pass a table to __register_sysctl_table that contains
      no child directories.
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      ec6a5266
    • Eric W. Biederman's avatar
      sysctl: Add support for register sysctl tables with a normal cstring path. · 6e9d5164
      Eric W. Biederman authored
      Make __register_sysctl_table the core sysctl registration operation and
      make it take a char * string as path.
      
      Now that binary paths have been banished into the real of backwards
      compatibility in kernel/binary_sysctl.c where they can be safely
      ignored there is no longer a need to use struct ctl_path to represent
      path names when registering ctl_tables.
      
      Start the transition to using normal char * strings to represent
      pathnames when registering sysctl tables.  Normal strings are easier
      to deal with both in the internal sysctl implementation and for
      programmers registering sysctl tables.
      
      __register_sysctl_paths is turned into a backwards compatibility wrapper
      that converts a ctl_path array into a normal char * string.
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      6e9d5164
    • Eric W. Biederman's avatar
      sysctl: Create local copies of directory names used in paths · f05e53a7
      Eric W. Biederman authored
      Creating local copies of directory names is a good idea for
      two reasons.
      - The dynamic names used by callers must be copied into new
        strings by the callers today to ensure the strings do not
        change between register and unregister of the sysctl table.
      
      - Sysctl directories have a potentially different lifetime
        than the time between register and unregister of any
        particular sysctl table.
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      f05e53a7
    • Eric W. Biederman's avatar
      sysctl: Remove the unnecessary sysctl_set parent concept. · bd295b56
      Eric W. Biederman authored
      In sysctl_net register the two networking roots in the proper order.
      
      In register_sysctl walk the sysctl sets in the reverse order of the
      sysctl roots.
      
      Remove parent from ctl_table_set and setup_sysctl_set as it is no
      longer needed.
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      bd295b56
    • Eric W. Biederman's avatar
      sysctl: Implement retire_sysctl_set · 97324cd8
      Eric W. Biederman authored
      This adds a small helper retire_sysctl_set to remove the intimate knowledge about
      the how a sysctl_set is implemented from net/sysct_net.c
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      97324cd8
    • Eric W. Biederman's avatar
      sysctl: Make the directories have nlink == 1 · a15e2098
      Eric W. Biederman authored
      I goofed when I made sysctl directories have nlink == 0.
      nlink == 0 means the directory has been deleted.
      nlink == 1 meands a directory does not count subdirectories.
      
      Use the default nlink == 1 for sysctl directories.
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      a15e2098
    • Eric W. Biederman's avatar
      sysctl: Move the implementation into fs/proc/proc_sysctl.c · 1f87f0b5
      Eric W. Biederman authored
      Move the core sysctl code from kernel/sysctl.c and kernel/sysctl_check.c
      into fs/proc/proc_sysctl.c.
      
      Currently sysctl maintenance is hampered by the sysctl implementation
      being split across 3 files with artificial layering between them.
      Consolidate the entire sysctl implementation into 1 file so that
      it is easier to see what is going on and hopefully allowing for
      simpler maintenance.
      
      For functions that are now only used in fs/proc/proc_sysctl.c remove
      their declarations from sysctl.h and make them static in fs/proc/proc_sysctl.c
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      1f87f0b5
    • Eric W. Biederman's avatar
      sysctl: Register the base sysctl table like any other sysctl table. · de4e83bd
      Eric W. Biederman authored
      Simplify the code by treating the base sysctl table like any other
      sysctl table and register it with register_sysctl_table.
      
      To ensure this table is registered early enough to avoid problems
      call sysctl_init from proc_sys_init.
      
      Rename sysctl_net.c:sysctl_init() to net_sysctl_init() to avoid
      name conflicts now that kernel/sysctl.c:sysctl_init() is no longer
      static.
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      de4e83bd
    • Eric W. Biederman's avatar
      sysctl: Consolidate !CONFIG_SYSCTL handling · 0ce8974d
      Eric W. Biederman authored
      - In sysctl.h move functions only available if CONFIG_SYSCL
        is defined inside of #ifdef CONFIG_SYSCTL
      
      - Move the stub function definitions for !CONFIG_SYSCTL
        into sysctl.h and make them static inlines.
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      0ce8974d
    • Lucas De Marchi's avatar
      sysctl: remove impossible condition check · 36885d7b
      Lucas De Marchi authored
      Remove checks for conditions that will never happen. If procname is NULL
      the loop would already had bailed out, so there's no need to check it
      again.
      
      At the same time this also compacts the function find_in_table() by
      refactoring it to be easier to read.
      Signed-off-by: default avatarLucas De Marchi <lucas.demarchi@profusion.mobi>
      Reviewed-by: default avatarJesper Juhl <jj@chaosbits.net>
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      36885d7b
  5. 19 Jan, 2012 4 commits