[PATCH] check permission in ->open for /proc/sys/

From: Christoph Hellwig <hch@lst.de> It's the only abuse of proc_iops left (except the totally b0rked comx driver). The patch is from Al, I just forward-ported it from 2.4. Background: struct proc_dir_entry has a struct inode_operations *proc_iops member, it's from Linux's stoneage and used internally by procfs to assign either the link or directory inode ops. Unfortunately some drivers started to abuse it do do bad things like create on lookup (that's the comx thingy which relies on unexported symbols and thus is broken for modular builds since mid-2.3) or various ->permission tricks (all gone by now). After this patch is gone I have another one that kills proc_iops and just uses a normal conditional inside procfs to assign the right one directly.

[PATCH] check permission in ->open for /proc/sys/
From: Christoph Hellwig <hch@lst.de> It's the only abuse of proc_iops left (except the totally b0rked comx driver). The patch is from Al, I just forward-ported it from 2.4. Background: struct proc_dir_entry has a struct inode_operations *proc_iops member, it's from Linux's stoneage and used internally by procfs to assign either the link or directory inode ops. Unfortunately some drivers started to abuse it do do bad things like create on lookup (that's the comx thingy which relies on unexported symbols and thus is broken for modular builds since mid-2.3) or various ->permission tricks (all gone by now). After this patch is gone I have another one that kills proc_iops and just uses a normal conditional inside procfs to assign the right one directly.
dc5f46be · Andrew Morton · Linus Torvalds · 206a70f2 · dc5f46be
Commit dc5f46be authored Oct 01, 2003 by Andrew Morton Committed by Linus Torvalds Oct 01, 2003
Hide whitespace changes
Inline Side-by-side

Showing with 17 additions and 13 deletions

kernel/sysctl.c kernel/sysctl.c +17 -13

No files found.
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -137,17 +137,14 @@ extern ctl_table random_table[];

 static ssize_t proc_readsys(struct file *, char __user *, size_t, loff_t *);
 static ssize_t proc_writesys(struct file *, const char __user *, size_t, loff_t *);
-static int proc_sys_permission(struct inode *, int, struct nameidata *);
+static int proc_opensys(struct inode *, struct file *);

 struct file_operations proc_sys_file_operations = {
+	.open		= proc_opensys,
 	.read		= proc_readsys,
 	.write		= proc_writesys,
 };

-static struct inode_operations proc_sys_inode_operations = {
-	.permission	= proc_sys_permission,
-};
-
 extern struct proc_dir_entry *proc_sys_root;

 static void register_proc_table(ctl_table *, struct proc_dir_entry *);
@@ -1141,10 +1138,8 @@ static void register_proc_table(ctl_table * table, struct proc_dir_entry *root)
 			if (!de)
 				continue;
 			de->data = (void *) table;
-			if (table->proc_handler) {
+			if (table->proc_handler)
 				de->proc_fops = &proc_sys_file_operations;
-				de->proc_iops = &proc_sys_inode_operations;
-			}
 		}
 		table->de = de;
 		if (de->mode & S_IFDIR)
@@ -1213,6 +1208,20 @@ static ssize_t do_rw_proc(int write, struct file * file, char __user * buf,
 	return res;
 }

+static int proc_opensys(struct inode *inode, struct file *file)
+{
+	if (file->f_mode & FMODE_WRITE) {
+		/*
+		 * sysctl entries that are not writable,
+		 * are _NOT_ writable, capabilities or not.
+		 */
+		if (!(inode->i_mode & S_IWUSR))
+			return -EPERM;
+	}
+
+	return 0;
+}
+
 static ssize_t proc_readsys(struct file * file, char __user * buf,
 			    size_t count, loff_t *ppos)
 {
@@ -1225,11 +1234,6 @@ static ssize_t proc_writesys(struct file * file, const char __user * buf,
 	return do_rw_proc(1, file, (char __user *) buf, count, ppos);
 }

-static int proc_sys_permission(struct inode *inode, int op, struct nameidata *nd)
-{
-	return test_perm(inode->i_mode, op);
-}
-
 /**
 * proc_dostring - read a string sysctl
 * @table: the sysctl table