| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20190706165521.GB10550@avx2>
Date: Sat, 6 Jul 2019 19:55:21 +0300
From: Alexey Dobriyan <adobriyan@...il.com>
To: davem@...emloft.net
Cc: netdev@...r.kernel.org, netfilter-devel@...r.kernel.org,
linux-nfs@...r.kernel.org, j.vosburgh@...il.com, vfalico@...il.com,
andy@...yhouse.net, pablo@...filter.org, kadlec@...filter.org,
fw@...len.de, bfields@...ldses.org, chuck.lever@...cle.com
Subject: [PATCH 2/2] net: apply proc_net_mkdir() harder
From: "Hallsmark, Per" <Per.Hallsmark@...driver.com>
proc_net_mkdir() should be used to create stuff under /proc/net,
so that dentry revalidation kicks in.
See
commit 1fde6f21d90f8ba5da3cb9c54ca991ed72696c43
proc: fix /proc/net/* after setns(2)
[added more chunks --adobriyan]
Signed-off-by: "Hallsmark, Per" <Per.Hallsmark@...driver.com>
Signed-off-by: Alexey Dobriyan <adobriyan@...il.com>
---
drivers/net/bonding/bond_procfs.c | 2 +-
net/core/pktgen.c | 2 +-
net/ipv4/netfilter/ipt_CLUSTERIP.c | 2 +-
net/ipv6/proc.c | 2 +-
net/netfilter/xt_hashlimit.c | 4 ++--
net/netfilter/xt_recent.c | 2 +-
net/sunrpc/stats.c | 2 +-
7 files changed, 8 insertions(+), 8 deletions(-)
--- a/drivers/net/bonding/bond_procfs.c
+++ b/drivers/net/bonding/bond_procfs.c
@@ -293,7 +293,7 @@ void bond_remove_proc_entry(struct bonding *bond)
void __net_init bond_create_proc_dir(struct bond_net *bn)
{
if (!bn->proc_dir) {
- bn->proc_dir = proc_mkdir(DRV_NAME, bn->net->proc_net);
+ bn->proc_dir = proc_net_mkdir(bn->net, DRV_NAME, bn->net->proc_net);
if (!bn->proc_dir)
pr_warn("Warning: Cannot create /proc/net/%s\n",
DRV_NAME);
--- a/net/core/pktgen.c
+++ b/net/core/pktgen.c
@@ -3791,7 +3791,7 @@ static int __net_init pg_net_init(struct net *net)
pn->net = net;
INIT_LIST_HEAD(&pn->pktgen_threads);
pn->pktgen_exiting = false;
- pn->proc_dir = proc_mkdir(PG_PROC_DIR, pn->net->proc_net);
+ pn->proc_dir = proc_net_mkdir(pn->net, PG_PROC_DIR, pn->net->proc_net);
if (!pn->proc_dir) {
pr_warn("cannot create /proc/net/%s\n", PG_PROC_DIR);
return -ENODEV;
--- a/net/ipv4/netfilter/ipt_CLUSTERIP.c
+++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c
@@ -828,7 +828,7 @@ static int clusterip_net_init(struct net *net)
return ret;
#ifdef CONFIG_PROC_FS
- cn->procdir = proc_mkdir("ipt_CLUSTERIP", net->proc_net);
+ cn->procdir = proc_net_mkdir(net, "ipt_CLUSTERIP", net->proc_net);
if (!cn->procdir) {
nf_unregister_net_hook(net, &cip_arp_ops);
pr_err("Unable to proc dir entry\n");
--- a/net/ipv6/proc.c
+++ b/net/ipv6/proc.c
@@ -282,7 +282,7 @@ static int __net_init ipv6_proc_init_net(struct net *net)
snmp6_seq_show, NULL))
goto proc_snmp6_fail;
- net->mib.proc_net_devsnmp6 = proc_mkdir("dev_snmp6", net->proc_net);
+ net->mib.proc_net_devsnmp6 = proc_net_mkdir(net, "dev_snmp6", net->proc_net);
if (!net->mib.proc_net_devsnmp6)
goto proc_dev_snmp6_fail;
return 0;
--- a/net/netfilter/xt_hashlimit.c
+++ b/net/netfilter/xt_hashlimit.c
@@ -1237,11 +1237,11 @@ static int __net_init hashlimit_proc_net_init(struct net *net)
{
struct hashlimit_net *hashlimit_net = hashlimit_pernet(net);
- hashlimit_net->ipt_hashlimit = proc_mkdir("ipt_hashlimit", net->proc_net);
+ hashlimit_net->ipt_hashlimit = proc_net_mkdir(net, "ipt_hashlimit", net->proc_net);
if (!hashlimit_net->ipt_hashlimit)
return -ENOMEM;
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
- hashlimit_net->ip6t_hashlimit = proc_mkdir("ip6t_hashlimit", net->proc_net);
+ hashlimit_net->ip6t_hashlimit = proc_net_mkdir(net, "ip6t_hashlimit", net->proc_net);
if (!hashlimit_net->ip6t_hashlimit) {
remove_proc_entry("ipt_hashlimit", net->proc_net);
return -ENOMEM;
--- a/net/netfilter/xt_recent.c
+++ b/net/netfilter/xt_recent.c
@@ -629,7 +629,7 @@ static int __net_init recent_proc_net_init(struct net *net)
{
struct recent_net *recent_net = recent_pernet(net);
- recent_net->xt_recent = proc_mkdir("xt_recent", net->proc_net);
+ recent_net->xt_recent = proc_net_mkdir(net, "xt_recent", net->proc_net);
if (!recent_net->xt_recent)
return -ENOMEM;
return 0;
--- a/net/sunrpc/stats.c
+++ b/net/sunrpc/stats.c
@@ -323,7 +323,7 @@ int rpc_proc_init(struct net *net)
dprintk("RPC: registering /proc/net/rpc\n");
sn = net_generic(net, sunrpc_net_id);
- sn->proc_net_rpc = proc_mkdir("rpc", net->proc_net);
+ sn->proc_net_rpc = proc_net_mkdir(net, "rpc", net->proc_net);
if (sn->proc_net_rpc == NULL)
return -ENOMEM;
Powered by blists - more mailing lists