Re: [PATCH 00/23] Removal of binary sysctl support

From: Tetsuo Handa
Date: Wed Nov 18 2009 - 17:04:27 EST


Hello.

Eric W. Biederman wrote:
> Tetsuo Handa writes:
>
> > Eric W. Biederman wrote:
> >> There has been a gradual transition from the assumption that the table ends with
> >> !ctl_name to the assumption that procname == NULL. There is no sysctl entry
> >> with a valid ctl_name without a valid procname.
> >
> > I see. Then, please add below one to your patchset.
>
> I have been looking at this and in the sysctl tree I am now going through
> the vfs for all of the operations on /proc/sys. I believe that means
> we can completely remove the sysctl special case in tomoyo. Like I have
> in the patch below.
>
> Will that work?
>
> Eric

If you remove sysctl(2) from the kernel and let userland libraries emulate

    static int name[] = { CTL_NET, NET_IPV4, NET_IPV4_LOCAL_PORT_RANGE };
    int buffer[2] = { 0, 0 };
    size_t size = sizeof(buffer);            /* oldlenp is a size_t * */
    sysctl(name, 3, buffer, &size, NULL, 0); /* read only: no new value */

like

    FILE *fp = fopen("/proc/sys/net/ipv4/ip_local_port_range", "r");
    int buffer[2] = { 0, 0 };
    if (fp) { /* the open can fail */
        fscanf(fp, "%d %d", &buffer[0], &buffer[1]); /* %d matches int */
        fclose(fp);
    }

or you modify sysctl(2) to call security_dentry_open() rather than
security_sysctl(), we can completely remove the sysctl special case in tomoyo.

Regards.
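Added example (not part of the original message, and not glibc or kernel code): a read-only userland emulation of the kind described above, which maps a binary sysctl name vector to its /proc/sys path and reads it through a normal file open. The `ex_` names, the translation table and the numeric ids are assumptions made up for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Stand-in ids, constructed for this example; the real numbers are in <linux/sysctl.h>. */
enum { EX_CTL_NET = 1, EX_NET_IPV4 = 2, EX_NET_IPV4_LOCAL_PORT_RANGE = 3 };

/* Hypothetical translation table: binary name vector -> path under /proc/sys. */
struct ex_map { int name[3]; int nlen; const char *path; };
static const struct ex_map ex_table[] = {
    { { EX_CTL_NET, EX_NET_IPV4, EX_NET_IPV4_LOCAL_PORT_RANGE }, 3,
      "net/ipv4/ip_local_port_range" },
};

/* Translate a name vector to its /proc/sys path; 0 on success, -1 if unknown. */
int ex_sysctl_path(const int *name, int nlen, char *out, size_t outlen)
{
    for (size_t i = 0; i < sizeof(ex_table) / sizeof(ex_table[0]); i++) {
        const struct ex_map *m = &ex_table[i];
        if (m->nlen != nlen || memcmp(m->name, name, nlen * sizeof(int)) != 0)
            continue;
        int n = snprintf(out, outlen, "/proc/sys/%s", m->path);
        return (n > 0 && (size_t)n < outlen) ? 0 : -1;
    }
    return -1;
}

/* Parse whitespace-separated integers into buf; *lenp is bytes in, bytes out. */
int ex_read_ints(FILE *fp, int *buf, size_t *lenp)
{
    size_t max = *lenp / sizeof(int), n = 0;
    while (n < max && fscanf(fp, "%d", &buf[n]) == 1)
        n++;
    *lenp = n * sizeof(int);
    return n > 0 ? 0 : -1;
}

/* Read-only emulation of sysctl(name, nlen, oldval, oldlenp, NULL, 0). */
int ex_sysctl_read(const int *name, int nlen, int *oldval, size_t *oldlenp)
{
    char path[128];
    if (ex_sysctl_path(name, nlen, path, sizeof(path)) != 0)
        return -1;
    /* Ordinary open(): checked by the kernel as a file open on this pathname. */
    FILE *fp = fopen(path, "r");
    if (fp == NULL) return -1;
    int rc = ex_read_ints(fp, oldval, oldlenp);
    fclose(fp);
    return rc;
}
```

Because every access becomes an open of a /proc/sys pathname, a pathname-based policy sees it like any other file access.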