sysctl: fix write access to dmesg_restrict/kptr_restrict (620f6e8e) · Commits · 戴 / test

Commit adds code to restrict access to dmesg_restrict, however, it incorrectly alters kptr_restrict rather than dmesg_restrict. The original patch from Richard Weinberger (https://lkml.org/lkml/2011/3/14/362 ) alters dmesg_restrict as expected, and so the patch seems to have been misapplied. This adds the CAP_SYS_ADMIN check to both dmesg_restrict and kptr_restrict, since both are sensitive. Reported-by:

Phillip Lougher <plougher@redhat.com> Signed-off-by:

Kees Cook <keescook@chromium.org> Acked-by:

Serge Hallyn <serge.hallyn@canonical.com> Acked-by:

Richard Weinberger <richard@nod.at> Cc: stable@vger.kernel.org Signed-off-by:

James Morris <james.l.morris@oracle.com>

kernel/sysctl.c

+4 −4

Original line number	Diff line number	Diff line
		@@ -170,7 +170,7 @@ static int proc_taint(struct ctl_table *table, int write,
		#endif

		#ifdef CONFIG_PRINTK
		static int proc_dmesg_restrict(struct ctl_table *table, int write,
		static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write,
		void __user buffer, size_t lenp, loff_t *ppos);
		#endif

		@@ -703,7 +703,7 @@ static struct ctl_table kern_table[] = {
		.data = &dmesg_restrict,
		.maxlen = sizeof(int),
		.mode = 0644,
		.proc_handler = proc_dointvec_minmax,
		.proc_handler = proc_dointvec_minmax_sysadmin,
		.extra1 = &zero,
		.extra2 = &one,
		},
		@@ -712,7 +712,7 @@ static struct ctl_table kern_table[] = {
		.data = &kptr_restrict,
		.maxlen = sizeof(int),
		.mode = 0644,
		.proc_handler = proc_dmesg_restrict,
		.proc_handler = proc_dointvec_minmax_sysadmin,
		.extra1 = &zero,
		.extra2 = &two,
		},
		@@ -1943,7 +1943,7 @@ static int proc_taint(struct ctl_table *table, int write,
		}

		#ifdef CONFIG_PRINTK
		static int proc_dmesg_restrict(struct ctl_table *table, int write,
		static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write,
		void __user buffer, size_t lenp, loff_t *ppos)
		{
		if (write && !capable(CAP_SYS_ADMIN))

Admin message