summaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorEric W. Biederman <ebiederm@xmission.com>2012-01-21 13:34:05 -0800
committerEric W. Biederman <ebiederm@xmission.com>2012-01-24 16:40:27 -0800
commit7c60c48f58a78195acc1f71c9a9d01958c02ab89 (patch)
tree7d1a66abc2510aa474105a747fdcd08b033f2b36 /lib
parentf728019bb72e655680c02ad1829323054a8e875f (diff)
downloadlinux-stable-7c60c48f58a78195acc1f71c9a9d01958c02ab89.tar.gz
linux-stable-7c60c48f58a78195acc1f71c9a9d01958c02ab89.tar.bz2
linux-stable-7c60c48f58a78195acc1f71c9a9d01958c02ab89.zip
sysctl: Improve the sysctl sanity checks
- Stop validating subdirectories now that we only register leaf tables - Cleanup and improve the duplicate filename check. * Run the duplicate filename check under the sysctl_lock to guarantee we never add duplicate names. * Reduce the duplicate filename check to nearly O(M*N) where M is the number of entries in tthe table we are registering and N is the number of entries in the directory before we got there. - Move the duplicate filename check into it's own function and call it directtly from __register_sysctl_table - Kill the config option as the sanity checks are now cheap enough the config option is unnecessary. The original reason for the config option was because we had a huge table used to verify the proc filename to binary sysctl mapping. That table has now evolved into the binary_sysctl translation layer and is no longer part of the sysctl_check code. - Tighten up the permission checks. Guarnateeing that files only have read or write permissions. - Removed redudant check for parents having a procname as now everything has a procname. - Generalize the backtrace logic so that we print a backtrace from any failure of __register_sysctl_table that was not caused by a memmory allocation failure. The backtrace allows us to track down who erroneously registered a sysctl table. Bechmark before (CONFIG_SYSCTL_CHECK=y): make-dummies 0 999 -> 12s rmmod dummy -> 0.08s Bechmark before (CONFIG_SYSCTL_CHECK=n): make-dummies 0 999 -> 0.7s rmmod dummy -> 0.06s make-dummies 0 99999 -> 1m13s rmmod dummy -> 0.38s Benchmark after: make-dummies 0 999 -> 0.65s rmmod dummy -> 0.055s make-dummies 0 9999 -> 1m10s rmmod dummy -> 0.39s The sysctl sanity checks now impose no measurable cost. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'lib')
-rw-r--r--lib/Kconfig.debug8
1 files changed, 0 insertions, 8 deletions
diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
index 8745ac7d1f75..943a6182cdf2 100644
--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
@@ -1113,14 +1113,6 @@ config LATENCYTOP
Enable this option if you want to use the LatencyTOP tool
to find out which userspace is blocking on what kernel operations.
-config SYSCTL_SYSCALL_CHECK
- bool "Sysctl checks"
- depends on SYSCTL
- ---help---
- sys_sysctl uses binary paths that have been found challenging
- to properly maintain and use. This enables checks that help
- you to keep things correct.
-
source mm/Kconfig.debug
source kernel/trace/Kconfig