From nobody Tue Jun 23 17:23:08 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 310E4C433F5 for ; Wed, 2 Mar 2022 02:05:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239029AbiCBCGV (ORCPT ); Tue, 1 Mar 2022 21:06:21 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55312 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232069AbiCBCGR (ORCPT ); Tue, 1 Mar 2022 21:06:17 -0500 Received: from szxga08-in.huawei.com (szxga08-in.huawei.com [45.249.212.255]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B2B19A41A3; Tue, 1 Mar 2022 18:05:34 -0800 (PST) Received: from dggeme762-chm.china.huawei.com (unknown [172.30.72.55]) by szxga08-in.huawei.com (SkyGuard) with ESMTP id 4K7clG14X2z1GC1j; Wed, 2 Mar 2022 10:00:26 +0800 (CST) Received: from linux-suse12sp5.huawei.com (10.67.133.175) by dggeme762-chm.china.huawei.com (10.3.19.108) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2308.21; Wed, 2 Mar 2022 10:05:05 +0800 
From: Yan Zhu To: CC: , , , , , , , , , , , , , , , , , , Subject: [PATCH v3 sysctl-next] bpf: move bpf sysctls from kernel/sysctl.c to bpf module Date: Wed, 2 Mar 2022 10:04:12 +0800 Message-ID: <20220302020412.128772-1-zhuyan34@huawei.com> X-Mailer: git-send-email 2.12.3 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.67.133.175] X-ClientProxiedBy: dggems701-chm.china.huawei.com (10.3.19.178) To dggeme762-chm.china.huawei.com (10.3.19.108) X-CFilter-Loop: Reflected Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" We're moving sysctls out of kernel/sysctl.c as its a mess. We already moved all filesystem sysctls out. And with time the goal is to move all sysctls out to their own susbsystem/actual user. kernel/sysctl.c has grown to an insane mess and its easy to run into conflicts with it. The effort to move them out is part of this. Signed-off-by: Yan Zhu --- v1->v2: 1.Added patch branch identifier sysctl-next. 2.Re-describe the reason for the patch submission. v2->v3: Re-describe the reason for the patch submission. --- kernel/bpf/syscall.c | 80 ++++++++++++++++++++++++++++++++++++++++++++++++= ++++ kernel/sysctl.c | 71 ---------------------------------------------- 2 files changed, 80 insertions(+), 71 deletions(-) diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c index 35646db3d950..50f85b47d478 100644 --- a/kernel/bpf/syscall.c +++ b/kernel/bpf/syscall.c 
@@ -4888,3 +4888,83 @@ const struct bpf_verifier_ops bpf_syscall_verifier_o= ps =3D { const struct bpf_prog_ops bpf_syscall_prog_ops =3D { .test_run =3D bpf_prog_test_run_syscall, }; + +#ifdef CONFIG_SYSCTL +static int bpf_stats_handler(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) +{ + struct static_key *key =3D (struct static_key *)table->data; + static int saved_val; + int val, ret; + struct ctl_table tmp =3D { + .data =3D &val, + .maxlen =3D sizeof(val), + .mode =3D table->mode, + .extra1 =3D SYSCTL_ZERO, + .extra2 =3D SYSCTL_ONE, + }; + + if (write && !capable(CAP_SYS_ADMIN)) + return -EPERM; + + mutex_lock(&bpf_stats_enabled_mutex); + val =3D saved_val; + ret =3D proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos); + if (write && !ret && val !=3D saved_val) { + if (val) + static_key_slow_inc(key); + else + static_key_slow_dec(key); + saved_val =3D val; + } + mutex_unlock(&bpf_stats_enabled_mutex); + return ret; +} + +static int bpf_unpriv_handler(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) +{ + int ret, unpriv_enable =3D *(int *)table->data; + bool locked_state =3D unpriv_enable =3D=3D 1; + struct ctl_table tmp =3D *table; + + if (write && !capable(CAP_SYS_ADMIN)) + return -EPERM; + + tmp.data =3D &unpriv_enable; + ret =3D proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos); + if (write && !ret) { + if (locked_state && unpriv_enable !=3D 1) + return -EPERM; + *(int *)table->data =3D unpriv_enable; + } + return ret; +} + +static struct ctl_table bpf_syscall_table[] =3D { + { + .procname =3D "unprivileged_bpf_disabled", + .data =3D &sysctl_unprivileged_bpf_disabled, + .maxlen =3D sizeof(sysctl_unprivileged_bpf_disabled), + .mode =3D 0644, + .proc_handler =3D bpf_unpriv_handler, + .extra1 =3D SYSCTL_ZERO, + .extra2 =3D SYSCTL_TWO, + }, + { + .procname =3D "bpf_stats_enabled", + .data =3D &bpf_stats_enabled_key.key, + .maxlen =3D sizeof(bpf_stats_enabled_key), + .mode =3D 0644, + 
.proc_handler =3D bpf_stats_handler, + }, + { } +}; + +static int __init bpf_syscall_sysctl_init(void) +{ + register_sysctl_init("kernel", bpf_syscall_table); + return 0; +} +late_initcall(bpf_syscall_sysctl_init); +#endif /* CONFIG_SYSCTL */ diff --git a/kernel/sysctl.c b/kernel/sysctl.c index ae5e59396b5d..c64db3755d9c 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -146,59 +146,6 @@ static const int max_extfrag_threshold =3D 1000; =20 #endif /* CONFIG_SYSCTL */ =20 -#if defined(CONFIG_BPF_SYSCALL) && defined(CONFIG_SYSCTL) -static int bpf_stats_handler(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) -{ - struct static_key *key =3D (struct static_key *)table->data; - static int saved_val; - int val, ret; - struct ctl_table tmp =3D { - .data =3D &val, - .maxlen =3D sizeof(val), - .mode =3D table->mode, - .extra1 =3D SYSCTL_ZERO, - .extra2 =3D SYSCTL_ONE, - }; - - if (write && !capable(CAP_SYS_ADMIN)) - return -EPERM; - - mutex_lock(&bpf_stats_enabled_mutex); - val =3D saved_val; - ret =3D proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos); - if (write && !ret && val !=3D saved_val) { - if (val) - static_key_slow_inc(key); - else - static_key_slow_dec(key); - saved_val =3D val; - } - mutex_unlock(&bpf_stats_enabled_mutex); - return ret; -} - -static int bpf_unpriv_handler(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) -{ - int ret, unpriv_enable =3D *(int *)table->data; - bool locked_state =3D unpriv_enable =3D=3D 1; - struct ctl_table tmp =3D *table; - - if (write && !capable(CAP_SYS_ADMIN)) - return -EPERM; - - tmp.data =3D &unpriv_enable; - ret =3D proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos); - if (write && !ret) { - if (locked_state && unpriv_enable !=3D 1) - return -EPERM; - *(int *)table->data =3D unpriv_enable; - } - return ret; -} -#endif /* CONFIG_BPF_SYSCALL && CONFIG_SYSCTL */ - /* * /proc/sys support */ 
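Review bot: In `bpf_unpriv_handler` (kernel/bpf/syscall.c hunk) the current value is snapshotted into `unpriv_enable` and `locked_state` on entry and the result is stored back with no lock held, so the `locked_state && unpriv_enable != 1` test and the final store are not atomic against a second CAP_SYS_ADMIN writer. Two overlapping writes could leave the sysctl at 0 or 2 after a write of 1 has already returned success, which looks contrary to the one-way meaning the check gives to the value 1. The code is carried over unchanged from kernel/sysctl.c, but the move is a natural point to serialize it the way `bpf_stats_handler` already does with `bpf_stats_enabled_mutex`. The sketch below holds a mutex across the snapshot, the parse and the store, and tests the live value under the lock; the mutex name is a proposal, not an existing symbol.

```c
static DEFINE_MUTEX(bpf_unpriv_mutex);	/* proposed: serializes writers of this sysctl */

static int bpf_unpriv_handler(struct ctl_table *table, int write,
			      void *buffer, size_t *lenp, loff_t *ppos)
{
	struct ctl_table tmp = *table;
	int ret, unpriv_enable;

	/* ... unchanged: CAP_SYS_ADMIN check for writes ... */

	mutex_lock(&bpf_unpriv_mutex);
	/* Snapshot under the lock so the locked-state test sees the latest value. */
	unpriv_enable = *(int *)table->data;
	tmp.data = &unpriv_enable;
	ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
	if (write && !ret) {
		/* Once the live value is 1 it may only be rewritten as 1. */
		if (*(int *)table->data == 1 && unpriv_enable != 1)
			ret = -EPERM;
		else
			*(int *)table->data = unpriv_enable;
	}
	mutex_unlock(&bpf_unpriv_mutex);
	return ret;
}
```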
@@ -2188,24 +2135,6 @@ static struct ctl_table kern_table[] =3D { .extra2 =3D SYSCTL_ONE, }, #endif -#ifdef CONFIG_BPF_SYSCALL - { - .procname =3D "unprivileged_bpf_disabled", - .data =3D &sysctl_unprivileged_bpf_disabled, - .maxlen =3D sizeof(sysctl_unprivileged_bpf_disabled), - .mode =3D 0644, - .proc_handler =3D bpf_unpriv_handler, - .extra1 =3D SYSCTL_ZERO, - .extra2 =3D SYSCTL_TWO, - }, - { - .procname =3D "bpf_stats_enabled", - .data =3D &bpf_stats_enabled_key.key, - .maxlen =3D sizeof(bpf_stats_enabled_key), - .mode =3D 0644, - .proc_handler =3D bpf_stats_handler, - }, -#endif #if defined(CONFIG_TREE_RCU) { .procname =3D "panic_on_rcu_stall", --=20 2.12.3