From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
To: ebiederm@xmission.com
Cc: linux-kernel@vger.kernel.org
Subject: Re: [PATCH 00/23] Removal of binary sysctl support
Date: Thu, 19 Nov 2009 07:04:19 +0900 [thread overview]
Message-ID: <200911190704.CHI18293.VJOMHFtOLQSOFF@I-love.SAKURA.ne.jp> (raw)
In-Reply-To: <m1zl6j65by.fsf@fess.ebiederm.org>
Hello.
Eric W. Biederman wrote:
> Tetsuo Handa writes:
>
> > Eric W. Biederman wrote:
> >> There has been a gradual transition from the assumption that the table ends with
> >> !ctl_name to the assumption that procname == NULL. There is no sysctl entry
> >> with a valid ctl_name without a valid procname.
> >
> > I see. Then, please add below one to your patchset.
>
> I have been looking at this and in the sysctl tree I am now going through
> the vfs for all of the the operations on /proc/sys. I believe that means
> we can completely remove the sysctl special case in tomoyo. Like I have
> in the patch below.
>
> Will that work?
>
> Eric
If you remove sysctl(2) from kernel and let userland libraries emulate
static int name[] = { CTL_NET, NET_IPV4, NET_IPV4_LOCAL_PORT_RANGE };
int buffer[2] = { 0, 0 };
int size = sizeof(buffer);
sysctl(name, 3, buffer, &size, 0, 0);
like
FILE *fp = fopen("/proc/sys/net/ipv4/ip_local_port_range", "r");
int buffer[2] = { 0, 0 };
fscanf(fp, "%u %u", &buffer[0], &buffer[1]);
fclose(fp);
or you modify sysctl(2) to call security_dentry_open() rather than
security_sysctl(), we can completely remove the sysctl special case in tomoyo.
Regards.
next prev parent reply other threads:[~2009-11-18 22:04 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-11-08 12:20 [PATCH 00/23] Removal of binary sysctl support Eric W. Biederman
2009-11-08 13:15 ` Tetsuo Handa
2009-11-08 23:39 ` Eric W. Biederman
2009-11-09 0:12 ` Tetsuo Handa
2009-11-09 0:35 ` Eric W. Biederman
2009-11-18 18:44 ` Eric W. Biederman
2009-11-18 22:04 ` Tetsuo Handa [this message]
2009-11-18 22:45 ` Eric W. Biederman
2009-11-19 14:33 ` Tetsuo Handa
2009-11-19 17:49 ` Eric W. Biederman
2009-11-19 22:17 ` Tetsuo Handa
2009-11-19 22:22 ` Eric W. Biederman
2009-11-19 22:35 ` John Johansen
-- strict thread matches above, loose matches on Subject: below --
2009-11-08 12:16 Eric W. Biederman
2009-11-08 13:06 ` Arnd Bergmann
2009-11-09 3:44 ` Eric W. Biederman
2009-11-08 12:15 Eric W. Biederman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200911190704.CHI18293.VJOMHFtOLQSOFF@I-love.SAKURA.ne.jp \
--to=penguin-kernel@i-love.sakura.ne.jp \
--cc=ebiederm@xmission.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.