]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blobdiff - kernel/printk.c
projects / mirror_ubuntu-bionic-kernel.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
capabilities/syslog: open code cap_syslog logic to fix build failure
[mirror_ubuntu-bionic-kernel.git] / kernel / printk.c
diff --git a/kernel/printk.c b/kernel/printk.c
index 38e7d5868d60ccdfc8f13176f6021a4a712cdee1..9a2264fc42cafac30d9264d569e4e673e9617f19 100644 (file)
--- a/kernel/printk.c
+++ b/kernel/printk.c
@@ -274,7 +274,20 @@ int do_syslog(int type, char __user *buf, int len, bool from_file)
        char c;
        int error = 0;
 
-       error = security_syslog(type, from_file);
+       /*
+        * If this is from /proc/kmsg we only do the capabilities checks
+        * at open time.
+        */
+       if (type == SYSLOG_ACTION_OPEN || !from_file) {
+               if (dmesg_restrict && !capable(CAP_SYS_ADMIN))
+                       return -EPERM;
+               if ((type != SYSLOG_ACTION_READ_ALL &&
+                    type != SYSLOG_ACTION_SIZE_BUFFER) &&
+                   !capable(CAP_SYS_ADMIN))
+                       return -EPERM;
+       }
+
+       error = security_syslog(type);
        if (error)
                return error;
 
ubuntu-bionic-kernel mirror