FROMLIST: Revert "pstore: Honor dmesg_restrict sysctl on dmesg dumps"
This reverts commit 68c4a4f8ab, with
various conflict clean-ups.
With the default root directory mode set to 0750 now, the capability
check was redundant.
Bug: 64503253
Change-Id: Ia361706f70eb691ebb8f7a41359ceb91c8495910
Suggested-by: Nick Kralevich <nnk@google.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Siqi Lin <siqilin@google.com>
Reviewed-by: Petr Mladek <pmladek@suse.cz>
Reviewed-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
(am from https://patchwork.kernel.org/patch/9894575/)
This commit is contained in:
Kees Cook
Timi
parent
770519f0c0
commit
733bcbafab
3 changed files with 1 additions and 33 deletions
|
|
@ -36,7 +36,6 @@
|
|||
#include <linux/slab.h>
|
||||
#include <linux/spinlock.h>
|
||||
#include <linux/uaccess.h>
|
||||
#include <linux/syslog.h>
|
||||
#include <linux/vmalloc.h>
|
||||
|
||||
#include "internal.h"
|
||||
|
|
@ -122,18 +121,6 @@ static const struct seq_operations pstore_ftrace_seq_ops = {
|
|||
.show = pstore_ftrace_seq_show,
|
||||
};
|
||||
|
||||
static int pstore_check_syslog_permissions(struct pstore_private *ps)
|
||||
{
|
||||
switch (ps->type) {
|
||||
case PSTORE_TYPE_DMESG:
|
||||
case PSTORE_TYPE_CONSOLE:
|
||||
return check_syslog_permissions(SYSLOG_ACTION_READ_ALL,
|
||||
SYSLOG_FROM_READER);
|
||||
default:
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
static ssize_t pstore_file_read(struct file *file, char __user *userbuf,
|
||||
size_t count, loff_t *ppos)
|
||||
{
|
||||
|
|
@ -152,10 +139,6 @@ static int pstore_file_open(struct inode *inode, struct file *file)
|
|||
int err;
|
||||
const struct seq_operations *sops = NULL;
|
||||
|
||||
err = pstore_check_syslog_permissions(ps);
|
||||
if (err)
|
||||
return err;
|
||||
|
||||
if (ps->type == PSTORE_TYPE_FTRACE)
|
||||
sops = &pstore_ftrace_seq_ops;
|
||||
|
||||
|
|
@ -193,11 +176,6 @@ static const struct file_operations pstore_file_operations = {
|
|||
static int pstore_unlink(struct inode *dir, struct dentry *dentry)
|
||||
{
|
||||
struct pstore_private *p = d_inode(dentry)->i_private;
|
||||
int err;
|
||||
|
||||
err = pstore_check_syslog_permissions(p);
|
||||
if (err)
|
||||
return err;
|
||||
|
||||
if (p->psi->erase)
|
||||
p->psi->erase(p->type, p->id, p->count,
|
||||
|
|
|
|||
|
|
@ -49,13 +49,4 @@
|
|||
|
||||
int do_syslog(int type, char __user *buf, int count, int source);
|
||||
|
||||
#ifdef CONFIG_PRINTK
|
||||
int check_syslog_permissions(int type, int source);
|
||||
#else
|
||||
static inline int check_syslog_permissions(int type, int source)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* _LINUX_SYSLOG_H */
|
||||
|
|
|
|||
|
|
@ -515,7 +515,7 @@ static int syslog_action_restricted(int type)
|
|||
type != SYSLOG_ACTION_SIZE_BUFFER;
|
||||
}
|
||||
|
||||
int check_syslog_permissions(int type, int source)
|
||||
static int check_syslog_permissions(int type, int source)
|
||||
{
|
||||
/*
|
||||
* If this is from /proc/kmsg and we've already opened it, then we've
|
||||
|
|
@ -543,7 +543,6 @@ int check_syslog_permissions(int type, int source)
|
|||
ok:
|
||||
return security_syslog(type);
|
||||
}
|
||||
EXPORT_SYMBOL_GPL(check_syslog_permissions);
|
||||
|
||||
static void append_char(char **pp, char *e, char c)
|
||||
{
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue