linux/kernel
Eric W. Biederman fc6cd25b73 sysctl: Error on bad sysctl tables
After going through the kernels sysctl tables several times it has become
clear that code review and testing is just not effective in prevent
problematic sysctl tables from being used in the stable kernel.  I certainly
can't seem to fix the problems as fast as they are introduced.

Therefore this patch adds sysctl_check_table which is called when a sysctl
table is registered and checks to see if we have a problematic sysctl table.

The biggest part of the code is the table of valid binary sysctl entries, but
since we have frozen our set of binary sysctls this table should not need to
change, and it makes it much easier to detect when someone unintentionally
adds a new binary sysctl value.

As best as I can determine all of the several hundred errors spewed on boot up
now are legitimate.

[bunk@kernel.org: kernel/sysctl_check.c must #include <linux/string.h>]
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Cc: Alexey Dobriyan <adobriyan@sw.ru>
Signed-off-by: Adrian Bunk <bunk@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-18 14:37:23 -07:00
..
irq Compile handle_percpu_irq even for uniprocessor kernels 2007-10-17 08:43:00 -07:00
power Hibernation: Enter platform hibernation state in a consistent way 2007-10-18 14:37:20 -07:00
time x86: C1E late detection fix. Really switch off lapic timer 2007-10-17 20:15:13 +02:00
.gitignore
acct.c Cleanup non-arch xtime uses, use get_seconds() or current_kernel_time(). 2007-07-25 10:09:20 -07:00
audit.c [NET]: make netlink user -> kernel interface synchronious 2007-10-10 21:15:29 -07:00
audit.h Audit: add TTY input auditing 2007-07-16 09:05:47 -07:00
auditfilter.c [PATCH] allow audit filtering on bit & operations 2007-07-22 09:57:02 -04:00
auditsc.c Clean up duplicate includes in kernel/ 2007-10-17 08:42:48 -07:00
capability.c security/ cleanups 2007-10-17 08:43:07 -07:00
compat.c signal/timer/event: timerfd compat code 2007-05-11 08:29:36 -07:00
configs.c use simple_read_from_buffer in kernel/ 2007-05-09 12:30:49 -07:00
cpu.c cpu hotplug: cpu: deliver CPU_UP_CANCELED only to NOTIFY_OKed callbacks with CPU_UP_PREPARE 2007-10-18 14:37:21 -07:00
cpuset.c oom: compare cpuset mems_allowed instead of exclusive ancestors 2007-10-17 08:42:46 -07:00
delayacct.c sched: clean up schedstats, cnt -> count 2007-10-15 17:00:12 +02:00
die_notifier.c move die notifier handling to common code 2007-05-08 11:15:04 -07:00
dma.c [PATCH] struct seq_operations and struct file_operations constification 2006-12-07 08:39:46 -08:00
exec_domain.c
exit.c Shrink task_struct if CONFIG_FUTEX=n 2007-10-17 08:42:55 -07:00
extable.c
fork.c Remove struct task_struct::io_wait 2007-10-18 14:37:20 -07:00
futex_compat.c robust futex thread exit race 2007-10-01 07:52:23 -07:00
futex.c change inotifyfs magic as the same magic is used for futexfs 2007-10-17 08:43:00 -07:00
hrtimer.c [KTIME]: Introduce ktime_sub_ns and ktime_sub_us 2007-10-10 16:48:12 -07:00
itimer.c The scheduled -EINVAL for invalid timevals in setitimer 2007-05-08 11:15:13 -07:00
kallsyms.c kallsyms: make KSYM_NAME_LEN include space for trailing '\0' 2007-07-17 10:23:03 -07:00
Kconfig.hz [PATCH] HZ: 300Hz support 2006-12-07 08:39:36 -08:00
Kconfig.preempt Move PREEMPT_NOTIFIERS into an always-included Kconfig 2007-10-17 08:42:55 -07:00
kexec.c add-vmcore: add a prefix "VMCOREINFO_" to the vmcoreinfo macros 2007-10-17 08:42:54 -07:00
kfifo.c is_power_of_2: kernel/kfifo.c 2007-07-16 09:05:50 -07:00
kmod.c Restore call_usermodehelper_pipe() behaviour 2007-09-11 17:21:20 -07:00
kprobes.c kprobes: support kretprobe blacklist 2007-10-16 09:43:10 -07:00
ksysfs.c add-vmcore: cleanup the coding style according to Andrew's comments 2007-10-17 08:42:54 -07:00
kthread.c kthread: silence bogus section mismatch warning 2007-07-31 15:39:42 -07:00
latency.c [PATCH] severing module.h->sched.h 2006-12-04 02:00:22 -05:00
lockdep_internals.h [PATCH] lockdep: more chains 2006-12-07 08:39:43 -08:00
lockdep_proc.c lockdep: Avoid /proc/lockdep & lock_stat infinite output 2007-10-11 22:11:11 +02:00
lockdep.c lockdep: syscall exit check 2007-10-11 22:11:12 +02:00
Makefile sysctl: Error on bad sysctl tables 2007-10-18 14:37:23 -07:00
module.c module: return error when mod_sysfs_init() failed 2007-10-17 08:43:01 -07:00
mutex-debug.c [PATCH] remove many unneeded #includes of sched.h 2007-02-14 08:09:54 -08:00
mutex-debug.h
mutex.c lockdep: fixup mutex annotations 2007-10-11 22:11:12 +02:00
mutex.h
nsproxy.c Use KMEM_CACHE macro to create the nsproxy cache 2007-10-17 08:42:59 -07:00
panic.c Report that kernel is tainted if there was an OOPS 2007-07-17 10:23:02 -07:00
params.c param_sysfs_builtin memchr argument fix 2007-10-18 14:37:21 -07:00
pid.c namespace: ensure clone_flags are always stored in an unsigned long 2007-07-16 09:05:48 -07:00
posix-cpu-timers.c sched: make posix-cpu-timers use CFS's accounting information 2007-07-09 18:51:58 +02:00
posix-timers.c SLAB_PANIC more (proc, posix-timers, shmem) 2007-10-17 08:42:47 -07:00
printk.c serial: turn serial console suspend a boot rather than compile time option 2007-10-18 14:37:19 -07:00
profile.c make kernel/profile.c:time_hook static 2007-10-17 08:42:55 -07:00
ptrace.c m32r: convert to generic sys_ptrace 2007-10-16 09:43:04 -07:00
rcupdate.c Clean up duplicate includes in kernel/ 2007-10-17 08:42:48 -07:00
rcutorture.c Make rcutorture RNG use temporal entropy 2007-10-17 08:42:53 -07:00
relay.c Fix a use after free bug in kernel->userspace relay file support 2007-07-31 15:39:42 -07:00
resource.c memory unplug: memory hotplug cleanup 2007-10-16 09:43:01 -07:00
rtmutex_common.h FUTEX: Tidy up the code 2007-07-16 09:05:49 -07:00
rtmutex-debug.c kernel/rtmutex-debug.c: cleanups 2007-10-17 08:42:50 -07:00
rtmutex-debug.h
rtmutex-tester.c Freezer: make kernel threads nonfreezable by default 2007-07-17 10:23:02 -07:00
rtmutex.c FUTEX: Tidy up the code 2007-07-16 09:05:49 -07:00
rtmutex.h
rwsem.c lockstat: hook into spinlock_t, rwlock_t, rwsem and mutex 2007-07-19 10:04:49 -07:00
sched_debug.c Make scheduler debug file operations const 2007-10-15 17:00:19 +02:00
sched_fair.c sched: fix new task startup crash 2007-10-17 16:55:11 +02:00
sched_idletask.c sched: mark scheduling classes as const 2007-10-15 17:00:12 +02:00
sched_rt.c sched: tidy up SCHED_RR 2007-10-15 17:00:13 +02:00
sched_stats.h sched: clean up schedstats, cnt -> count 2007-10-15 17:00:12 +02:00
sched.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/mingo/linux-2.6-sched 2007-10-17 09:11:18 -07:00
seccomp.c make seccomp zerocost in schedule 2007-07-16 09:05:50 -07:00
signal.c freezer: do not send signals to kernel threads 2007-10-18 14:37:19 -07:00
softirq.c [KERNEL]: Unexport raise_softirq_irqoff 2007-10-10 16:49:18 -07:00
softlockup.c softlockup: add a /proc tuning parameter 2007-10-17 08:42:47 -07:00
spinlock.c lockstat: hook into spinlock_t, rwlock_t, rwsem and mutex 2007-07-19 10:04:49 -07:00
srcu.c [PATCH] SRCU: report out-of-memory errors 2006-10-04 07:55:30 -07:00
stacktrace.c
stop_machine.c Fix stop_machine_run problem with naughty real time process 2007-07-16 09:05:41 -07:00
sys_ni.c kernel/sys_ni.c: add dummy sys_ni_syscall() prototype 2007-10-17 08:42:55 -07:00
sys.c unexport pm_power_off_prepare 2007-10-18 14:37:19 -07:00
sysctl_check.c sysctl: Error on bad sysctl tables 2007-10-18 14:37:23 -07:00
sysctl.c sysctl: Error on bad sysctl tables 2007-10-18 14:37:23 -07:00
taskstats.c Clean up duplicate includes in kernel/ 2007-10-17 08:42:48 -07:00
time.c Fix discrepancy between VDSO based gettimeofday() and sys_gettimeofday(). 2007-10-18 14:37:20 -07:00
timer.c Pull ia64-clocksource into release branch 2007-07-20 11:26:47 -07:00
tsacct.c Cleanup non-arch xtime uses, use get_seconds() or current_kernel_time(). 2007-07-25 10:09:20 -07:00
uid16.c header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
user_namespace.c Fix user namespace exiting OOPs 2007-09-19 11:24:18 -07:00
user.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/mingo/linux-2.6-sched 2007-10-17 09:11:18 -07:00
utsname_sysctl.c remove CONFIG_UTS_NS and CONFIG_IPC_NS 2007-07-16 09:05:47 -07:00
utsname.c Fix UTS corruption during clone(CLONE_NEWUTS) 2007-09-19 11:24:17 -07:00
wait.c Fix occurrences of "the the " 2007-05-09 08:57:56 +02:00
workqueue.c fix bogus hotplug cpu warning 2007-08-27 10:27:48 -07:00