* [PATCH] check permission in ->open for /proc/sys/
@ 2003-09-23 14:51 Christoph Hellwig
0 siblings, 0 replies; only message in thread
From: Christoph Hellwig @ 2003-09-23 14:51 UTC (permalink / raw)
To: akpm; +Cc: viro, linux-kernel
It's the only abuse of proc_iops left (escept the totally b0rked comx
driver). The patch is from Al, I just forward-ported it from 2.4.
--- 1.53/kernel/sysctl.c Tue Sep 9 02:08:58 2003
+++ edited/kernel/sysctl.c Tue Sep 23 15:29:35 2003
@@ -136,17 +136,14 @@
static ssize_t proc_readsys(struct file *, char __user *, size_t, loff_t *);
static ssize_t proc_writesys(struct file *, const char __user *, size_t, loff_t *);
-static int proc_sys_permission(struct inode *, int, struct nameidata *);
+static int proc_opensys(struct inode *, struct file *);
struct file_operations proc_sys_file_operations = {
+ .open = proc_opensys,
.read = proc_readsys,
.write = proc_writesys,
};
-static struct inode_operations proc_sys_inode_operations = {
- .permission = proc_sys_permission,
-};
-
extern struct proc_dir_entry *proc_sys_root;
static void register_proc_table(ctl_table *, struct proc_dir_entry *);
@@ -1140,10 +1137,8 @@
if (!de)
continue;
de->data = (void *) table;
- if (table->proc_handler) {
+ if (table->proc_handler)
de->proc_fops = &proc_sys_file_operations;
- de->proc_iops = &proc_sys_inode_operations;
- }
}
table->de = de;
if (de->mode & S_IFDIR)
@@ -1212,6 +1207,20 @@
return res;
}
+static int proc_opensys(struct inode *inode, struct file *file)
+{
+ if (file->f_mode & FMODE_WRITE) {
+ /*
+ * sysctl entries that are not writable,
+ * are _NOT_ writable, capabilities or not.
+ */
+ if (!(inode->i_mode & S_IWUSR))
+ return -EPERM;
+ }
+
+ return 0;
+}
+
static ssize_t proc_readsys(struct file * file, char __user * buf,
size_t count, loff_t *ppos)
{
@@ -1222,11 +1231,6 @@
size_t count, loff_t *ppos)
{
return do_rw_proc(1, file, (char __user *) buf, count, ppos);
-}
-
-static int proc_sys_permission(struct inode *inode, int op, struct nameidata *nd)
-{
- return test_perm(inode->i_mode, op);
}
/**
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2003-09-23 14:51 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2003-09-23 14:51 [PATCH] check permission in ->open for /proc/sys/ Christoph Hellwig
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).