Re: [PATCH] sysctl: Deprecate sys_sysctl in a user space visible fashion.

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Rob Landley <rob@landley.net>
To: "H. Peter Anvin" <hpa@zytor.com>
Cc: Andi Kleen <andi@firstfloor.org>,
	"Eric W. Biederman" <ebiederm@xmission.com>,
	Christoph Hellwig <hch@infradead.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	linux-kernel@vger.kernel.org
Subject: Re: [PATCH] sysctl: Deprecate sys_sysctl in a user space visible fashion.
Date: Sun, 2 Sep 2007 06:05:00 -0500	[thread overview]
Message-ID: <200709020605.00782.rob@landley.net> (raw)
In-Reply-To: <46DA7A4C.6080501@zytor.com>

On Sunday 02 September 2007 3:54:36 am H. Peter Anvin wrote:
> Rob Landley wrote:
> > On Saturday 01 September 2007 5:16:03 pm Andi Kleen wrote:
> >> Rob Landley <rob@landley.net> writes:
> >>> A lot of embedded people like to configure /proc out of the kernel for
> >>> space reasons.  This would make that noticeably more painful.
> >>
> >> I had a patch for a sysctl_name(2) for this a long time ago.
> >> If it was a serious issue that could be reintroduced.
> >>
> >> BTW sysctl(2) only needs to be quiet for a single sysctl used
> >> by glibc.
> >>
> >> -Andi
> >
> > Yeah, I found it:
> > http://lkml.org/lkml/2003/7/10/345
> >
> > I think that if /proc/sys could be broken out as a separate filesystem,
> > and it was small and simple, the embedded people would probably be happy.
> >  Is your patch significantly smaller than such a filesystem would be? 
> > (Keeping in mind that the smallest thing you can do is run from
> > initramfs, and I think that's pulling in libfs already...)
>
> IMO, the big problem with /proc/sys (and, for that matter, /sys) is
> mainly that they have to live in the process namespace, which is highly
> awkward when one uses chroot().
>
> One way to solve *that* might be a system call to get a file descriptor
> to the root of sysfs or procsysfs which can be used with openat().  That
> has its own perils, of course...

If you're going to add a new api, you might as well go with the sysctl-by-name 
patch above, which looks reasonably small and simple to me from a very quick 
glance at a 2.6.0-era patch.

The advantage of breaking /proc/sys into a separate filesystem doesn't 
introduce a new API (although possibly a new line in the init scripts), so 
existing software doesn't have to change to use it, which is good.  It 
increases orthogonality and granularity, which embedded guys like me are 
generally in favor of. :)

On the other hand, if you're adding a system call to get a file descriptor to 
an arbitrary superblock you can then openat...  How do you refer to said 
superblock?  (Perhaps invent a "volume" syntax for all the superblocks, ala 
the amiga?  Do the /proc and /sys superblocks exist if nobody's mounted them 
yet?  Yes the open could instantiate them, but I'm wondering about the "list 
available filesystems that aren't in your namespace" and the security fun 
from that.  Presumably this is doable as non-root, because if you're root you 
can just mount /proc and /sys and go from there...)

You could also special case "mount" so that if you try to mount sysfs on /sys 
or proc on /proc (and they're not already mount points) you don't need to be 
root.  Seems a bit evil, though...

> 	-hpa

Rob
-- 
"One of my most productive days was throwing away 1000 lines of code."
  - Ken Thompson.

next prev parent reply	other threads:[~2007-09-02 11:05 UTC|newest]

Thread overview: 30+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-08-28 22:40 [PATCH] sysctl: Deprecate sys_sysctl in a user space visible fashion Eric W. Biederman
2007-08-28 23:04 ` Christoph Hellwig
2007-08-28 23:53   ` Eric W. Biederman
2007-08-29  1:31     ` H. Peter Anvin
2007-08-29  1:56       ` Eric W. Biederman
2007-08-29 10:46         ` Alan Cox
2007-08-29 17:16           ` Eric W. Biederman
2007-08-29 17:28             ` H. Peter Anvin
2007-08-29 19:00               ` Eric W. Biederman
2007-08-30 12:13                 ` Theodore Tso
2007-08-30 13:20             ` David Newall
2007-08-30 17:40               ` Eric W. Biederman
2007-08-29 22:51           ` Andrew Morton
2007-08-30 19:32       ` Rob Landley
2007-08-30 18:34         ` Christoph Hellwig
2007-08-30 18:57           ` Eric W. Biederman
2007-08-30 23:22           ` Rob Landley
2007-09-01 22:16         ` Andi Kleen
2007-09-02  8:44           ` Rob Landley
2007-09-02  8:54             ` H. Peter Anvin
2007-09-02 11:05               ` Rob Landley [this message]
2007-09-02 19:56                 ` Eric W. Biederman
2007-09-02 20:00                   ` Al Viro
2007-09-02 21:51                     ` Eric W. Biederman
2007-09-03  8:37                     ` Andi Kleen
2007-09-03  9:16                       ` Al Viro
2007-08-29  4:49   ` Andrew Morton
2007-08-30 18:56     ` Jan Engelhardt
2007-08-29  4:49 ` Andrew Morton
2007-08-29  5:24   ` Eric W. Biederman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=200709020605.00782.rob@landley.net \
    --to=rob@landley.net \
    --cc=akpm@linux-foundation.org \
    --cc=andi@firstfloor.org \
    --cc=ebiederm@xmission.com \
    --cc=hch@infradead.org \
    --cc=hpa@zytor.com \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox