projects / thirdparty / kernel / stable-queue.git / blame
| Commit | Line | Data |
|---|---|---|
| 544566e1 GKH |
1 | From ben@decadent.org.uk Thu May 9 19:42:50 2019 |
| 2 | From: Ben Hutchings <ben@decadent.org.uk> | |
| 3 | Date: Tue, 7 May 2019 20:04:04 +0100 | |
| 4 | Subject: timer/debug: Change /proc/timer_stats from 0644 to 0600 | |
| 5 | To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>, Sasha Levin <sashal@kernel.org> | |
| 6 | Cc: stable@vger.kernel.org | |
| 7 | Message-ID: <20190507190404.ub43rr4iuvqfkbsq@decadent.org.uk> | |
| 8 | Content-Disposition: inline | |
| 9 | ||
| 10 | From: Ben Hutchings <ben@decadent.org.uk> | |
| 11 | ||
| 12 | The timer_stats facility should filter and translate PIDs if opened | |
| 13 | from a non-initial PID namespace, to avoid leaking information about | |
| 14 | the wider system. It should also not show kernel virtual addresses. | |
| 15 | Unfortunately it has now been removed upstream (as redundant) | |
| 16 | instead of being fixed. | |
| 17 | ||
| 18 | For stable, fix the leak by restricting access to root only. A | |
| 19 | similar change was already made for the /proc/timer_list file. | |
| 20 | ||
| 21 | Signed-off-by: Ben Hutchings <ben@decadent.org.uk> | |
| 22 | Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | |
| 23 | ||
| 24 | --- | |
| 25 | kernel/time/timer_stats.c | 2 +- | |
| 26 | 1 file changed, 1 insertion(+), 1 deletion(-) | |
| 27 | ||
| 28 | --- a/kernel/time/timer_stats.c | |
| 29 | +++ b/kernel/time/timer_stats.c | |
| 30 | @@ -417,7 +417,7 @@ static int __init init_tstats_procfs(voi | |
| 31 | { | |
| 32 | struct proc_dir_entry *pe; | |
| 33 | ||
| 34 | - pe = proc_create("timer_stats", 0644, NULL, &tstats_fops); | |
| 35 | + pe = proc_create("timer_stats", 0600, NULL, &tstats_fops); | |
| 36 | if (!pe) | |
| 37 | return -ENOMEM; | |
| 38 | return 0; |