| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 05 May 2018 08:09:42 -0500
From: ebiederm@...ssion.com (Eric W. Biederman)
To: Christoph Hellwig <hch@....de>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
Alexander Viro <viro@...iv.linux.org.uk>,
Alexey Dobriyan <adobriyan@...il.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Jiri Slaby <jslaby@...e.com>,
Alessandro Zummo <a.zummo@...ertech.it>,
Alexandre Belloni <alexandre.belloni@...tlin.com>,
linux-acpi@...r.kernel.org, drbd-dev@...ts.linbit.com,
linux-ide@...r.kernel.org, netdev@...r.kernel.org,
linux-rtc@...r.kernel.org, megaraidlinux.pdl@...adcom.com,
linux-scsi@...r.kernel.org, devel@...verdev.osuosl.org,
linux-afs@...ts.infradead.org, linux-ext4@...r.kernel.org,
jfs-discussion@...ts.sourceforge.net,
netfilter-devel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 38/40] ide: remove ide_driver_proc_write
Christoph Hellwig <hch@....de> writes:
> The driver proc file hasn't been writeable for a long time, so this is
> just dead code.
It is possible to chmod this file to get at the write method. Not that
I think anyone does.
It looks like this code was merged in 2.3.99-pre1 with permissions
S_IFREG|S_IRUGO so I don't think the write support was ever finished.
That cap_capable in the write method looks down right scary/buggy.
Acked-by: "Eric W. Biederman" <ebiederm@...ssion.com>
Eric
>
> Signed-off-by: Christoph Hellwig <hch@....de>
> ---
> drivers/ide/ide-proc.c | 46 ------------------------------------------
> 1 file changed, 46 deletions(-)
>
> diff --git a/drivers/ide/ide-proc.c b/drivers/ide/ide-proc.c
> index 863db44c7916..b3b8b8822d6a 100644
> --- a/drivers/ide/ide-proc.c
> +++ b/drivers/ide/ide-proc.c
> @@ -528,58 +528,12 @@ static int ide_driver_proc_open(struct inode *inode, struct file *file)
> return single_open(file, ide_driver_proc_show, PDE_DATA(inode));
> }
>
> -static int ide_replace_subdriver(ide_drive_t *drive, const char *driver)
> -{
> - struct device *dev = &drive->gendev;
> - int ret = 1;
> - int err;
> -
> - device_release_driver(dev);
> - /* FIXME: device can still be in use by previous driver */
> - strlcpy(drive->driver_req, driver, sizeof(drive->driver_req));
> - err = device_attach(dev);
> - if (err < 0)
> - printk(KERN_WARNING "IDE: %s: device_attach error: %d\n",
> - __func__, err);
> - drive->driver_req[0] = 0;
> - if (dev->driver == NULL) {
> - err = device_attach(dev);
> - if (err < 0)
> - printk(KERN_WARNING
> - "IDE: %s: device_attach(2) error: %d\n",
> - __func__, err);
> - }
> - if (dev->driver && !strcmp(dev->driver->name, driver))
> - ret = 0;
> -
> - return ret;
> -}
> -
> -static ssize_t ide_driver_proc_write(struct file *file, const char __user *buffer,
> - size_t count, loff_t *pos)
> -{
> - ide_drive_t *drive = PDE_DATA(file_inode(file));
> - char name[32];
> -
> - if (!capable(CAP_SYS_ADMIN))
> - return -EACCES;
> - if (count > 31)
> - count = 31;
> - if (copy_from_user(name, buffer, count))
> - return -EFAULT;
> - name[count] = '\0';
> - if (ide_replace_subdriver(drive, name))
> - return -EINVAL;
> - return count;
> -}
> -
> static const struct file_operations ide_driver_proc_fops = {
> .owner = THIS_MODULE,
> .open = ide_driver_proc_open,
> .read = seq_read,
> .llseek = seq_lseek,
> .release = single_release,
> - .write = ide_driver_proc_write,
> };
>
> static int ide_media_proc_show(struct seq_file *m, void *v)
Powered by blists - more mailing lists