]> git.proxmox.com Git - mirror_ubuntu-eoan-kernel.git/commit
kernfs, sysfs, cgroup: restrict extra perm check on open to sysfs
authorTejun Heo <tj@kernel.org>
Mon, 12 May 2014 17:56:27 +0000 (13:56 -0400)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Tue, 13 May 2014 11:21:40 +0000 (13:21 +0200)
commit555724a831b4a146e7bdf16ecc989cda032b076d
tree10e1c1b0a15af7bdaa01e6c3e86ecf642403afd4
parentd1db0eea852497762cab43b905b879dfcd3b8987
kernfs, sysfs, cgroup: restrict extra perm check on open to sysfs

The kernfs open method - kernfs_fop_open() - inherited extra
permission checks from sysfs.  While the vfs layer allows ignoring the
read/write permissions checks if the issuer has CAP_DAC_OVERRIDE,
sysfs explicitly denied open regardless of the cap if the file doesn't
have any of the UGO perms of the requested access or doesn't implement
the requested operation.  It can be debated whether this was a good
idea or not but the behavior is too subtle and dangerous to change at
this point.

After cgroup got converted to kernfs, this extra perm check also got
applied to cgroup breaking libcgroup which opens write-only files with
O_RDWR as root.  This patch gates the extra open permission check with
a new flag KERNFS_ROOT_EXTRA_OPEN_PERM_CHECK and enables it for sysfs.
For sysfs, nothing changes.  For cgroup, root now can perform any
operation regardless of the permissions as it was before kernfs
conversion.  Note that kernfs still fails unimplemented operations
with -EINVAL.

While at it, add comments explaining KERNFS_ROOT flags.

Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-by: Andrey Wagin <avagin@gmail.com>
Tested-by: Andrey Wagin <avagin@gmail.com>
Cc: Li Zefan <lizefan@huawei.com>
References: http://lkml.kernel.org/g/CANaxB-xUm3rJ-Cbp72q-rQJO5mZe1qK6qXsQM=vh0U8upJ44+A@mail.gmail.com
Fixes: 2bd59d48ebfb ("cgroup: convert to kernfs")
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
fs/kernfs/file.c
fs/sysfs/mount.c
include/linux/kernfs.h