X-Git-Url: http://ftp.safe.ca/?a=blobdiff_plain;f=kernel%2Fsysctl_check.c;h=fafeb48f27c046d0b6586e2797b40397a6a76f19;hb=cac64d00c256e65776d575e82aaf540632b66178;hp=ed6fe51df77ab53c5960df8b53024ae75120f3b2;hpb=5081dba6588a0c228821ede4635441f7758eb757;p=safe%2Fjmp%2Flinux-2.6 diff --git a/kernel/sysctl_check.c b/kernel/sysctl_check.c index ed6fe51..fafeb48 100644 --- a/kernel/sysctl_check.c +++ b/kernel/sysctl_check.c @@ -1,6 +1,5 @@ #include #include -#include "../arch/s390/appldata/appldata.h" #include "../fs/xfs/linux-2.6/xfs_sysctl.h" #include #include @@ -9,10 +8,10 @@ struct trans_ctl_table { int ctl_name; const char *procname; - struct trans_ctl_table *child; + const struct trans_ctl_table *child; }; -static struct trans_ctl_table trans_random_table[] = { +static const struct trans_ctl_table trans_random_table[] = { { RANDOM_POOLSIZE, "poolsize" }, { RANDOM_ENTROPY_COUNT, "entropy_avail" }, { RANDOM_READ_THRESH, "read_wakeup_threshold" }, @@ -22,13 +21,13 @@ static struct trans_ctl_table trans_random_table[] = { {} }; -static struct trans_ctl_table trans_pty_table[] = { +static const struct trans_ctl_table trans_pty_table[] = { { PTY_MAX, "max" }, { PTY_NR, "nr" }, {} }; -static struct trans_ctl_table trans_kern_table[] = { +static const struct trans_ctl_table trans_kern_table[] = { { KERN_OSTYPE, "ostype" }, { KERN_OSRELEASE, "osrelease" }, /* KERN_OSREV not used */ @@ -38,10 +37,6 @@ static struct trans_ctl_table trans_kern_table[] = { { KERN_NODENAME, "hostname" }, { KERN_DOMAINNAME, "domainname" }, -#ifdef CONFIG_SECURITY_CAPABILITIES - { KERN_CAP_BSET, "cap-bound" }, -#endif /* def CONFIG_SECURITY_CAPABILITIES */ - { KERN_PANIC, "panic" }, { KERN_REALROOTDEV, "real-root-dev" }, @@ -96,7 +91,7 @@ static struct trans_ctl_table trans_kern_table[] = { { KERN_PTY, "pty", trans_pty_table }, { KERN_NGROUPS_MAX, "ngroups_max" }, - { KERN_SPARC_SCONS_PWROFF, "scons_poweroff" }, + { KERN_SPARC_SCONS_PWROFF, "scons-poweroff" }, { KERN_HZ_TIMER, "hz_timer" }, { KERN_UNKNOWN_NMI_PANIC, "unknown_nmi_panic" }, { KERN_BOOTLOADER_TYPE, "bootloader_type" }, @@ -112,7 +107,7 @@ static struct trans_ctl_table trans_kern_table[] = { {} }; -static struct trans_ctl_table trans_vm_table[] = { +static const struct trans_ctl_table trans_vm_table[] = { { VM_OVERCOMMIT_MEMORY, "overcommit_memory" }, { VM_PAGE_CLUSTER, "page-cluster" }, { VM_DIRTY_BACKGROUND, "dirty_background_ratio" }, @@ -140,14 +135,11 @@ static struct trans_ctl_table trans_vm_table[] = { { VM_PANIC_ON_OOM, "panic_on_oom" }, { VM_VDSO_ENABLED, "vdso_enabled" }, { VM_MIN_SLAB, "min_slab_ratio" }, - { VM_CMM_PAGES, "cmm_pages" }, - { VM_CMM_TIMED_PAGES, "cmm_timed_pages" }, - { VM_CMM_TIMEOUT, "cmm_timeout" }, {} }; -static struct trans_ctl_table trans_net_core_table[] = { +static const struct trans_ctl_table trans_net_core_table[] = { { NET_CORE_WMEM_MAX, "wmem_max" }, { NET_CORE_RMEM_MAX, "rmem_max" }, { NET_CORE_WMEM_DEFAULT, "wmem_default" }, @@ -173,14 +165,14 @@ static struct trans_ctl_table trans_net_core_table[] = { {}, }; -static struct trans_ctl_table trans_net_unix_table[] = { +static const struct trans_ctl_table trans_net_unix_table[] = { /* NET_UNIX_DESTROY_DELAY unused */ /* NET_UNIX_DELETE_DELAY unused */ { NET_UNIX_MAX_DGRAM_QLEN, "max_dgram_qlen" }, {} }; -static struct trans_ctl_table trans_net_ipv4_route_table[] = { +static const struct trans_ctl_table trans_net_ipv4_route_table[] = { { NET_IPV4_ROUTE_FLUSH, "flush" }, { NET_IPV4_ROUTE_MIN_DELAY, "min_delay" }, { NET_IPV4_ROUTE_MAX_DELAY, "max_delay" }, @@ -203,7 +195,7 @@ static struct trans_ctl_table trans_net_ipv4_route_table[] = { {} }; -static struct trans_ctl_table trans_net_ipv4_conf_vars_table[] = { +static const struct trans_ctl_table trans_net_ipv4_conf_vars_table[] = { { NET_IPV4_CONF_FORWARDING, "forwarding" }, { NET_IPV4_CONF_MC_FORWARDING, "mc_forwarding" }, @@ -230,44 +222,14 @@ static struct trans_ctl_table trans_net_ipv4_conf_vars_table[] = { {} }; -static struct trans_ctl_table trans_net_ipv4_conf_table[] = { +static const struct trans_ctl_table trans_net_ipv4_conf_table[] = { { NET_PROTO_CONF_ALL, "all", trans_net_ipv4_conf_vars_table }, { NET_PROTO_CONF_DEFAULT, "default", trans_net_ipv4_conf_vars_table }, { 0, NULL, trans_net_ipv4_conf_vars_table }, {} }; - -static struct trans_ctl_table trans_net_ipv4_vs_table[] = { - { NET_IPV4_VS_AMEMTHRESH, "amemthresh" }, - { NET_IPV4_VS_DEBUG_LEVEL, "debug_level" }, - { NET_IPV4_VS_AMDROPRATE, "am_droprate" }, - { NET_IPV4_VS_DROP_ENTRY, "drop_entry" }, - { NET_IPV4_VS_DROP_PACKET, "drop_packet" }, - { NET_IPV4_VS_SECURE_TCP, "secure_tcp" }, - { NET_IPV4_VS_TO_ES, "timeout_established" }, - { NET_IPV4_VS_TO_SS, "timeout_synsent" }, - { NET_IPV4_VS_TO_SR, "timeout_synrecv" }, - { NET_IPV4_VS_TO_FW, "timeout_finwait" }, - { NET_IPV4_VS_TO_TW, "timeout_timewait" }, - { NET_IPV4_VS_TO_CL, "timeout_close" }, - { NET_IPV4_VS_TO_CW, "timeout_closewait" }, - { NET_IPV4_VS_TO_LA, "timeout_lastack" }, - { NET_IPV4_VS_TO_LI, "timeout_listen" }, - { NET_IPV4_VS_TO_SA, "timeout_synack" }, - { NET_IPV4_VS_TO_UDP, "timeout_udp" }, - { NET_IPV4_VS_TO_ICMP, "timeout_icmp" }, - { NET_IPV4_VS_CACHE_BYPASS, "cache_bypass" }, - { NET_IPV4_VS_EXPIRE_NODEST_CONN, "expire_nodest_conn" }, - { NET_IPV4_VS_EXPIRE_QUIESCENT_TEMPLATE, "expire_quiescent_template" }, - { NET_IPV4_VS_SYNC_THRESHOLD, "sync_threshold" }, - { NET_IPV4_VS_NAT_ICMP_SEND, "nat_icmp_send" }, - { NET_IPV4_VS_LBLC_EXPIRE, "lblc_expiration" }, - { NET_IPV4_VS_LBLCR_EXPIRE, "lblcr_expiration" }, - {} -}; - -static struct trans_ctl_table trans_net_neigh_vars_table[] = { +static const struct trans_ctl_table trans_net_neigh_vars_table[] = { { NET_NEIGH_MCAST_SOLICIT, "mcast_solicit" }, { NET_NEIGH_UCAST_SOLICIT, "ucast_solicit" }, { NET_NEIGH_APP_SOLICIT, "app_solicit" }, @@ -289,13 +251,13 @@ static struct trans_ctl_table trans_net_neigh_vars_table[] = { {} }; -static struct trans_ctl_table trans_net_neigh_table[] = { +static const struct trans_ctl_table trans_net_neigh_table[] = { { NET_PROTO_CONF_DEFAULT, "default", trans_net_neigh_vars_table }, { 0, NULL, trans_net_neigh_vars_table }, {} }; -static struct trans_ctl_table trans_net_ipv4_netfilter_table[] = { +static const struct trans_ctl_table trans_net_ipv4_netfilter_table[] = { { NET_IPV4_NF_CONNTRACK_MAX, "ip_conntrack_max" }, { NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_SYN_SENT, "ip_conntrack_tcp_timeout_syn_sent" }, @@ -332,7 +294,7 @@ static struct trans_ctl_table trans_net_ipv4_netfilter_table[] = { {} }; -static struct trans_ctl_table trans_net_ipv4_table[] = { +static const struct trans_ctl_table trans_net_ipv4_table[] = { { NET_IPV4_FORWARD, "ip_forward" }, { NET_IPV4_DYNADDR, "ip_dynaddr" }, @@ -341,7 +303,6 @@ static struct trans_ctl_table trans_net_ipv4_table[] = { { NET_IPV4_ROUTE, "route", trans_net_ipv4_route_table }, /* NET_IPV4_FIB_HASH unused */ { NET_IPV4_NETFILTER, "netfilter", trans_net_ipv4_netfilter_table }, - { NET_IPV4_VS, "vs", trans_net_ipv4_vs_table }, { NET_IPV4_TCP_TIMESTAMPS, "tcp_timestamps" }, { NET_IPV4_TCP_WINDOW_SCALING, "tcp_window_scaling" }, @@ -432,13 +393,13 @@ static struct trans_ctl_table trans_net_ipv4_table[] = { {} }; -static struct trans_ctl_table trans_net_ipx_table[] = { +static const struct trans_ctl_table trans_net_ipx_table[] = { { NET_IPX_PPROP_BROADCASTING, "ipx_pprop_broadcasting" }, /* NET_IPX_FORWARDING unused */ {} }; -static struct trans_ctl_table trans_net_atalk_table[] = { +static const struct trans_ctl_table trans_net_atalk_table[] = { { NET_ATALK_AARP_EXPIRY_TIME, "aarp-expiry-time" }, { NET_ATALK_AARP_TICK_TIME, "aarp-tick-time" }, { NET_ATALK_AARP_RETRANSMIT_LIMIT, "aarp-retransmit-limit" }, @@ -446,7 +407,7 @@ static struct trans_ctl_table trans_net_atalk_table[] = { {}, }; -static struct trans_ctl_table trans_net_netrom_table[] = { +static const struct trans_ctl_table trans_net_netrom_table[] = { { NET_NETROM_DEFAULT_PATH_QUALITY, "default_path_quality" }, { NET_NETROM_OBSOLESCENCE_COUNT_INITIALISER, "obsolescence_count_initialiser" }, { NET_NETROM_NETWORK_TTL_INITIALISER, "network_ttl_initialiser" }, @@ -462,7 +423,7 @@ static struct trans_ctl_table trans_net_netrom_table[] = { {} }; -static struct trans_ctl_table trans_net_ax25_table[] = { +static const struct trans_ctl_table trans_net_ax25_param_table[] = { { NET_AX25_IP_DEFAULT_MODE, "ip_default_mode" }, { NET_AX25_DEFAULT_MODE, "ax25_default_mode" }, { NET_AX25_BACKOFF_TYPE, "backoff_type" }, @@ -480,7 +441,12 @@ static struct trans_ctl_table trans_net_ax25_table[] = { {} }; -static struct trans_ctl_table trans_net_bridge_table[] = { +static const struct trans_ctl_table trans_net_ax25_table[] = { + { 0, NULL, trans_net_ax25_param_table }, + {} +}; + +static const struct trans_ctl_table trans_net_bridge_table[] = { { NET_BRIDGE_NF_CALL_ARPTABLES, "bridge-nf-call-arptables" }, { NET_BRIDGE_NF_CALL_IPTABLES, "bridge-nf-call-iptables" }, { NET_BRIDGE_NF_CALL_IP6TABLES, "bridge-nf-call-ip6tables" }, @@ -489,7 +455,7 @@ static struct trans_ctl_table trans_net_bridge_table[] = { {} }; -static struct trans_ctl_table trans_net_rose_table[] = { +static const struct trans_ctl_table trans_net_rose_table[] = { { NET_ROSE_RESTART_REQUEST_TIMEOUT, "restart_request_timeout" }, { NET_ROSE_CALL_REQUEST_TIMEOUT, "call_request_timeout" }, { NET_ROSE_RESET_REQUEST_TIMEOUT, "reset_request_timeout" }, @@ -503,7 +469,7 @@ static struct trans_ctl_table trans_net_rose_table[] = { {} }; -static struct trans_ctl_table trans_net_ipv6_conf_var_table[] = { +static const struct trans_ctl_table trans_net_ipv6_conf_var_table[] = { { NET_IPV6_FORWARDING, "forwarding" }, { NET_IPV6_HOP_LIMIT, "hop_limit" }, { NET_IPV6_MTU, "mtu" }, @@ -531,14 +497,14 @@ static struct trans_ctl_table trans_net_ipv6_conf_var_table[] = { {} }; -static struct trans_ctl_table trans_net_ipv6_conf_table[] = { +static const struct trans_ctl_table trans_net_ipv6_conf_table[] = { { NET_PROTO_CONF_ALL, "all", trans_net_ipv6_conf_var_table }, { NET_PROTO_CONF_DEFAULT, "default", trans_net_ipv6_conf_var_table }, { 0, NULL, trans_net_ipv6_conf_var_table }, {} }; -static struct trans_ctl_table trans_net_ipv6_route_table[] = { +static const struct trans_ctl_table trans_net_ipv6_route_table[] = { { NET_IPV6_ROUTE_FLUSH, "flush" }, { NET_IPV6_ROUTE_GC_THRESH, "gc_thresh" }, { NET_IPV6_ROUTE_MAX_SIZE, "max_size" }, @@ -552,12 +518,12 @@ static struct trans_ctl_table trans_net_ipv6_route_table[] = { {} }; -static struct trans_ctl_table trans_net_ipv6_icmp_table[] = { +static const struct trans_ctl_table trans_net_ipv6_icmp_table[] = { { NET_IPV6_ICMP_RATELIMIT, "ratelimit" }, {} }; -static struct trans_ctl_table trans_net_ipv6_table[] = { +static const struct trans_ctl_table trans_net_ipv6_table[] = { { NET_IPV6_CONF, "conf", trans_net_ipv6_conf_table }, { NET_IPV6_NEIGH, "neigh", trans_net_neigh_table }, { NET_IPV6_ROUTE, "route", trans_net_ipv6_route_table }, @@ -572,7 +538,7 @@ static struct trans_ctl_table trans_net_ipv6_table[] = { {} }; -static struct trans_ctl_table trans_net_x25_table[] = { +static const struct trans_ctl_table trans_net_x25_table[] = { { NET_X25_RESTART_REQUEST_TIMEOUT, "restart_request_timeout" }, { NET_X25_CALL_REQUEST_TIMEOUT, "call_request_timeout" }, { NET_X25_RESET_REQUEST_TIMEOUT, "reset_request_timeout" }, @@ -582,13 +548,13 @@ static struct trans_ctl_table trans_net_x25_table[] = { {} }; -static struct trans_ctl_table trans_net_tr_table[] = { +static const struct trans_ctl_table trans_net_tr_table[] = { { NET_TR_RIF_TIMEOUT, "rif_timeout" }, {} }; -static struct trans_ctl_table trans_net_decnet_conf_vars[] = { +static const struct trans_ctl_table trans_net_decnet_conf_vars[] = { { NET_DECNET_CONF_DEV_FORWARDING, "forwarding" }, { NET_DECNET_CONF_DEV_PRIORITY, "priority" }, { NET_DECNET_CONF_DEV_T2, "t2" }, @@ -596,12 +562,12 @@ static struct trans_ctl_table trans_net_decnet_conf_vars[] = { {} }; -static struct trans_ctl_table trans_net_decnet_conf[] = { +static const struct trans_ctl_table trans_net_decnet_conf[] = { { 0, NULL, trans_net_decnet_conf_vars }, {} }; -static struct trans_ctl_table trans_net_decnet_table[] = { +static const struct trans_ctl_table trans_net_decnet_table[] = { { NET_DECNET_CONF, "conf", trans_net_decnet_conf }, { NET_DECNET_NODE_ADDRESS, "node_address" }, { NET_DECNET_NODE_NAME, "node_name" }, @@ -619,7 +585,7 @@ static struct trans_ctl_table trans_net_decnet_table[] = { {} }; -static struct trans_ctl_table trans_net_sctp_table[] = { +static const struct trans_ctl_table trans_net_sctp_table[] = { { NET_SCTP_RTO_INITIAL, "rto_initial" }, { NET_SCTP_RTO_MIN, "rto_min" }, { NET_SCTP_RTO_MAX, "rto_max" }, @@ -640,7 +606,7 @@ static struct trans_ctl_table trans_net_sctp_table[] = { {} }; -static struct trans_ctl_table trans_net_llc_llc2_timeout_table[] = { +static const struct trans_ctl_table trans_net_llc_llc2_timeout_table[] = { { NET_LLC2_ACK_TIMEOUT, "ack" }, { NET_LLC2_P_TIMEOUT, "p" }, { NET_LLC2_REJ_TIMEOUT, "rej" }, @@ -648,23 +614,23 @@ static struct trans_ctl_table trans_net_llc_llc2_timeout_table[] = { {} }; -static struct trans_ctl_table trans_net_llc_station_table[] = { +static const struct trans_ctl_table trans_net_llc_station_table[] = { { NET_LLC_STATION_ACK_TIMEOUT, "ack_timeout" }, {} }; -static struct trans_ctl_table trans_net_llc_llc2_table[] = { +static const struct trans_ctl_table trans_net_llc_llc2_table[] = { { NET_LLC2, "timeout", trans_net_llc_llc2_timeout_table }, {} }; -static struct trans_ctl_table trans_net_llc_table[] = { +static const struct trans_ctl_table trans_net_llc_table[] = { { NET_LLC2, "llc2", trans_net_llc_llc2_table }, { NET_LLC_STATION, "station", trans_net_llc_station_table }, {} }; -static struct trans_ctl_table trans_net_netfilter_table[] = { +static const struct trans_ctl_table trans_net_netfilter_table[] = { { NET_NF_CONNTRACK_MAX, "nf_conntrack_max" }, { NET_NF_CONNTRACK_TCP_TIMEOUT_SYN_SENT, "nf_conntrack_tcp_timeout_syn_sent" }, { NET_NF_CONNTRACK_TCP_TIMEOUT_SYN_RECV, "nf_conntrack_tcp_timeout_syn_recv" }, @@ -701,12 +667,12 @@ static struct trans_ctl_table trans_net_netfilter_table[] = { {} }; -static struct trans_ctl_table trans_net_dccp_table[] = { +static const struct trans_ctl_table trans_net_dccp_table[] = { { NET_DCCP_DEFAULT, "default" }, {} }; -static struct trans_ctl_table trans_net_irda_table[] = { +static const struct trans_ctl_table trans_net_irda_table[] = { { NET_IRDA_DISCOVERY, "discovery" }, { NET_IRDA_DEVNAME, "devname" }, { NET_IRDA_DEBUG, "debug" }, @@ -724,7 +690,7 @@ static struct trans_ctl_table trans_net_irda_table[] = { {} }; -static struct trans_ctl_table trans_net_table[] = { +static const struct trans_ctl_table trans_net_table[] = { { NET_CORE, "core", trans_net_core_table }, /* NET_ETHER not used */ /* NET_802 not used */ @@ -738,7 +704,7 @@ static struct trans_ctl_table trans_net_table[] = { { NET_ROSE, "rose", trans_net_rose_table }, { NET_IPV6, "ipv6", trans_net_ipv6_table }, { NET_X25, "x25", trans_net_x25_table }, - { NET_TR, "tr", trans_net_tr_table }, + { NET_TR, "token-ring", trans_net_tr_table }, { NET_DECNET, "decnet", trans_net_decnet_table }, /* NET_ECONET not used */ { NET_SCTP, "sctp", trans_net_sctp_table }, @@ -750,7 +716,7 @@ static struct trans_ctl_table trans_net_table[] = { {} }; -static struct trans_ctl_table trans_fs_quota_table[] = { +static const struct trans_ctl_table trans_fs_quota_table[] = { { FS_DQ_LOOKUPS, "lookups" }, { FS_DQ_DROPS, "drops" }, { FS_DQ_READS, "reads" }, @@ -763,8 +729,7 @@ static struct trans_ctl_table trans_fs_quota_table[] = { {} }; -static struct trans_ctl_table trans_fs_xfs_table[] = { - { XFS_RESTRICT_CHOWN, "restrict_chown" }, +static const struct trans_ctl_table trans_fs_xfs_table[] = { { XFS_SGID_INHERIT, "irix_sgid_inherit" }, { XFS_SYMLINK_MODE, "irix_symlink_mode" }, { XFS_PANIC_MASK, "panic_mask" }, @@ -784,24 +749,24 @@ static struct trans_ctl_table trans_fs_xfs_table[] = { {} }; -static struct trans_ctl_table trans_fs_ocfs2_nm_table[] = { +static const struct trans_ctl_table trans_fs_ocfs2_nm_table[] = { { 1, "hb_ctl_path" }, {} }; -static struct trans_ctl_table trans_fs_ocfs2_table[] = { +static const struct trans_ctl_table trans_fs_ocfs2_table[] = { { 1, "nm", trans_fs_ocfs2_nm_table }, {} }; -static struct trans_ctl_table trans_inotify_table[] = { +static const struct trans_ctl_table trans_inotify_table[] = { { INOTIFY_MAX_USER_INSTANCES, "max_user_instances" }, { INOTIFY_MAX_USER_WATCHES, "max_user_watches" }, { INOTIFY_MAX_QUEUED_EVENTS, "max_queued_events" }, {} }; -static struct trans_ctl_table trans_fs_table[] = { +static const struct trans_ctl_table trans_fs_table[] = { { FS_NRINODE, "inode-nr" }, { FS_STATINODE, "inode-state" }, /* FS_MAXINODE unused */ @@ -827,11 +792,11 @@ static struct trans_ctl_table trans_fs_table[] = { {} }; -static struct trans_ctl_table trans_debug_table[] = { +static const struct trans_ctl_table trans_debug_table[] = { {} }; -static struct trans_ctl_table trans_cdrom_table[] = { +static const struct trans_ctl_table trans_cdrom_table[] = { { DEV_CDROM_INFO, "info" }, { DEV_CDROM_AUTOCLOSE, "autoclose" }, { DEV_CDROM_AUTOEJECT, "autoeject" }, @@ -841,12 +806,12 @@ static struct trans_ctl_table trans_cdrom_table[] = { {} }; -static struct trans_ctl_table trans_ipmi_table[] = { +static const struct trans_ctl_table trans_ipmi_table[] = { { DEV_IPMI_POWEROFF_POWERCYCLE, "poweroff_powercycle" }, {} }; -static struct trans_ctl_table trans_mac_hid_files[] = { +static const struct trans_ctl_table trans_mac_hid_files[] = { /* DEV_MAC_HID_KEYBOARD_SENDS_LINUX_KEYCODES unused */ /* DEV_MAC_HID_KEYBOARD_LOCK_KEYCODES unused */ { DEV_MAC_HID_MOUSE_BUTTON_EMULATION, "mouse_button_emulation" }, @@ -856,35 +821,35 @@ static struct trans_ctl_table trans_mac_hid_files[] = { {} }; -static struct trans_ctl_table trans_raid_table[] = { +static const struct trans_ctl_table trans_raid_table[] = { { DEV_RAID_SPEED_LIMIT_MIN, "speed_limit_min" }, { DEV_RAID_SPEED_LIMIT_MAX, "speed_limit_max" }, {} }; -static struct trans_ctl_table trans_scsi_table[] = { +static const struct trans_ctl_table trans_scsi_table[] = { { DEV_SCSI_LOGGING_LEVEL, "logging_level" }, {} }; -static struct trans_ctl_table trans_parport_default_table[] = { +static const struct trans_ctl_table trans_parport_default_table[] = { { DEV_PARPORT_DEFAULT_TIMESLICE, "timeslice" }, { DEV_PARPORT_DEFAULT_SPINTIME, "spintime" }, {} }; -static struct trans_ctl_table trans_parport_device_table[] = { +static const struct trans_ctl_table trans_parport_device_table[] = { { DEV_PARPORT_DEVICE_TIMESLICE, "timeslice" }, {} }; -static struct trans_ctl_table trans_parport_devices_table[] = { +static const struct trans_ctl_table trans_parport_devices_table[] = { { DEV_PARPORT_DEVICES_ACTIVE, "active" }, { 0, NULL, trans_parport_device_table }, {} }; -static struct trans_ctl_table trans_parport_parport_table[] = { +static const struct trans_ctl_table trans_parport_parport_table[] = { { DEV_PARPORT_SPINTIME, "spintime" }, { DEV_PARPORT_BASE_ADDR, "base-addr" }, { DEV_PARPORT_IRQ, "irq" }, @@ -898,13 +863,13 @@ static struct trans_ctl_table trans_parport_parport_table[] = { { DEV_PARPORT_AUTOPROBE + 4, "autoprobe3" }, {} }; -static struct trans_ctl_table trans_parport_table[] = { +static const struct trans_ctl_table trans_parport_table[] = { { DEV_PARPORT_DEFAULT, "default", trans_parport_default_table }, { 0, NULL, trans_parport_parport_table }, {} }; -static struct trans_ctl_table trans_dev_table[] = { +static const struct trans_ctl_table trans_dev_table[] = { { DEV_CDROM, "cdrom", trans_cdrom_table }, /* DEV_HWMON unused */ { DEV_PARPORT, "parport", trans_parport_table }, @@ -915,19 +880,19 @@ static struct trans_ctl_table trans_dev_table[] = { {} }; -static struct trans_ctl_table trans_bus_isa_table[] = { +static const struct trans_ctl_table trans_bus_isa_table[] = { { BUS_ISA_MEM_BASE, "membase" }, { BUS_ISA_PORT_BASE, "portbase" }, { BUS_ISA_PORT_SHIFT, "portshift" }, {} }; -static struct trans_ctl_table trans_bus_table[] = { +static const struct trans_ctl_table trans_bus_table[] = { { CTL_BUS_ISA, "isa", trans_bus_isa_table }, {} }; -static struct trans_ctl_table trans_arlan_conf_table0[] = { +static const struct trans_ctl_table trans_arlan_conf_table0[] = { { 1, "spreadingCode" }, { 2, "channelNumber" }, { 3, "scramblingDisable" }, @@ -998,7 +963,7 @@ static struct trans_ctl_table trans_arlan_conf_table0[] = { {} }; -static struct trans_ctl_table trans_arlan_conf_table1[] = { +static const struct trans_ctl_table trans_arlan_conf_table1[] = { { 1, "spreadingCode" }, { 2, "channelNumber" }, { 3, "scramblingDisable" }, @@ -1069,7 +1034,7 @@ static struct trans_ctl_table trans_arlan_conf_table1[] = { {} }; -static struct trans_ctl_table trans_arlan_conf_table2[] = { +static const struct trans_ctl_table trans_arlan_conf_table2[] = { { 1, "spreadingCode" }, { 2, "channelNumber" }, { 3, "scramblingDisable" }, @@ -1140,7 +1105,7 @@ static struct trans_ctl_table trans_arlan_conf_table2[] = { {} }; -static struct trans_ctl_table trans_arlan_conf_table3[] = { +static const struct trans_ctl_table trans_arlan_conf_table3[] = { { 1, "spreadingCode" }, { 2, "channelNumber" }, { 3, "scramblingDisable" }, @@ -1211,7 +1176,7 @@ static struct trans_ctl_table trans_arlan_conf_table3[] = { {} }; -static struct trans_ctl_table trans_arlan_table[] = { +static const struct trans_ctl_table trans_arlan_table[] = { { 1, "arlan0", trans_arlan_conf_table0 }, { 2, "arlan1", trans_arlan_conf_table1 }, { 3, "arlan2", trans_arlan_conf_table2 }, @@ -1219,23 +1184,13 @@ static struct trans_ctl_table trans_arlan_table[] = { {} }; -static struct trans_ctl_table trans_appldata_table[] = { - { CTL_APPLDATA_TIMER, "timer" }, - { CTL_APPLDATA_INTERVAL, "interval" }, - { CTL_APPLDATA_OS, "os" }, - { CTL_APPLDATA_NET_SUM, "net_sum" }, - { CTL_APPLDATA_MEM, "mem" }, - {} - -}; - -static struct trans_ctl_table trans_s390dbf_table[] = { +static const struct trans_ctl_table trans_s390dbf_table[] = { { 5678 /* CTL_S390DBF_STOPPABLE */, "debug_stoppable" }, { 5679 /* CTL_S390DBF_ACTIVE */, "debug_active" }, {} }; -static struct trans_ctl_table trans_sunrpc_table[] = { +static const struct trans_ctl_table trans_sunrpc_table[] = { { CTL_RPCDEBUG, "rpc_debug" }, { CTL_NFSDEBUG, "nfs_debug" }, { CTL_NFSDDEBUG, "nfsd_debug" }, @@ -1247,7 +1202,7 @@ static struct trans_ctl_table trans_sunrpc_table[] = { {} }; -static struct trans_ctl_table trans_pm_table[] = { +static const struct trans_ctl_table trans_pm_table[] = { { 1 /* CTL_PM_SUSPEND */, "suspend" }, { 2 /* CTL_PM_CMODE */, "cmode" }, { 3 /* CTL_PM_P0 */, "p0" }, @@ -1255,13 +1210,13 @@ static struct trans_ctl_table trans_pm_table[] = { {} }; -static struct trans_ctl_table trans_frv_table[] = { +static const struct trans_ctl_table trans_frv_table[] = { { 1, "cache-mode" }, { 2, "pin-cxnr" }, {} }; -static struct trans_ctl_table trans_root_table[] = { +static const struct trans_ctl_table trans_root_table[] = { { CTL_KERN, "kernel", trans_kern_table }, { CTL_VM, "vm", trans_vm_table }, { CTL_NET, "net", trans_net_table }, @@ -1273,7 +1228,6 @@ static struct trans_ctl_table trans_root_table[] = { { CTL_ABI, "abi" }, /* CTL_CPU not used */ { CTL_ARLAN, "arlan", trans_arlan_table }, - { CTL_APPLDATA, "appldata", trans_appldata_table }, { CTL_S390DBF, "s390dbf", trans_s390dbf_table }, { CTL_SUNRPC, "sunrpc", trans_sunrpc_table }, { CTL_PM, "pm", trans_pm_table }, @@ -1306,15 +1260,14 @@ static struct ctl_table *sysctl_parent(struct ctl_table *table, int n) return table; } -static struct trans_ctl_table *sysctl_binary_lookup(struct ctl_table *table) +static const struct trans_ctl_table *sysctl_binary_lookup(struct ctl_table *table) { struct ctl_table *test; - struct trans_ctl_table *ref; - int depth, cur_depth; + const struct trans_ctl_table *ref; + int cur_depth; - depth = sysctl_depth(table); + cur_depth = sysctl_depth(table); - cur_depth = depth; ref = trans_root_table; repeat: test = sysctl_parent(table, cur_depth); @@ -1383,7 +1336,8 @@ static void sysctl_repair_table(struct ctl_table *table) } } -static struct ctl_table *sysctl_check_lookup(struct ctl_table *table) +static struct ctl_table *sysctl_check_lookup(struct nsproxy *namespaces, + struct ctl_table *table) { struct ctl_table_header *head; struct ctl_table *ref, *test; @@ -1391,8 +1345,8 @@ static struct ctl_table *sysctl_check_lookup(struct ctl_table *table) depth = sysctl_depth(table); - for (head = sysctl_head_next(NULL); head; - head = sysctl_head_next(head)) { + for (head = __sysctl_head_next(namespaces, NULL); head; + head = __sysctl_head_next(namespaces, head)) { cur_depth = depth; ref = head->ctl_table; repeat: @@ -1432,17 +1386,19 @@ static void set_fail(const char **fail, struct ctl_table *table, const char *str printk(KERN_ERR "sysctl table check failed: "); sysctl_print_path(table); printk(" %s\n", *fail); + dump_stack(); } *fail = str; } -static int sysctl_check_dir(struct ctl_table *table) +static int sysctl_check_dir(struct nsproxy *namespaces, + struct ctl_table *table) { struct ctl_table *ref; int error; error = 0; - ref = sysctl_check_lookup(table); + ref = sysctl_check_lookup(namespaces, table); if (ref) { int match = 0; if ((!table->procname && !ref->procname) || @@ -1467,18 +1423,19 @@ static int sysctl_check_dir(struct ctl_table *table) return error; } -static void sysctl_check_leaf(struct ctl_table *table, const char **fail) +static void sysctl_check_leaf(struct nsproxy *namespaces, + struct ctl_table *table, const char **fail) { struct ctl_table *ref; - ref = sysctl_check_lookup(table); + ref = sysctl_check_lookup(namespaces, table); if (ref && (ref != table)) set_fail(fail, table, "Sysctl already exists"); } static void sysctl_check_bin_path(struct ctl_table *table, const char **fail) { - struct trans_ctl_table *ref; + const struct trans_ctl_table *ref; ref = sysctl_binary_lookup(table); if (table->ctl_name && !ref) @@ -1495,7 +1452,7 @@ static void sysctl_check_bin_path(struct ctl_table *table, const char **fail) } } -int sysctl_check_table(struct ctl_table *table) +int sysctl_check_table(struct nsproxy *namespaces, struct ctl_table *table) { int error = 0; for (; table->ctl_name || table->procname; table++) { @@ -1525,7 +1482,7 @@ int sysctl_check_table(struct ctl_table *table) set_fail(&fail, table, "Directory with extra1"); if (table->extra2) set_fail(&fail, table, "Directory with extra2"); - if (sysctl_check_dir(table)) + if (sysctl_check_dir(namespaces, table)) set_fail(&fail, table, "Inconsistent directory names"); } else { if ((table->strategy == sysctl_data) || @@ -1535,9 +1492,6 @@ int sysctl_check_table(struct ctl_table *table) (table->strategy == sysctl_ms_jiffies) || (table->proc_handler == proc_dostring) || (table->proc_handler == proc_dointvec) || -#ifdef CONFIG_SECURITY_CAPABILITIES - (table->proc_handler == proc_dointvec_bset) || -#endif /* def CONFIG_SECURITY_CAPABILITIES */ (table->proc_handler == proc_dointvec_minmax) || (table->proc_handler == proc_dointvec_jiffies) || (table->proc_handler == proc_dointvec_userhz_jiffies) || @@ -1574,15 +1528,17 @@ int sysctl_check_table(struct ctl_table *table) if (!table->procname && table->proc_handler) set_fail(&fail, table, "proc_handler without procname"); #endif - sysctl_check_leaf(table, &fail); + sysctl_check_leaf(namespaces, table, &fail); } sysctl_check_bin_path(table, &fail); + if (table->mode > 0777) + set_fail(&fail, table, "bogus .mode"); if (fail) { set_fail(&fail, table, NULL); error = -EINVAL; } if (table->child) - error |= sysctl_check_table(table->child); + error |= sysctl_check_table(namespaces, table->child); } return error; }