Commit d6a624ee authored by Linus Torvalds's avatar Linus Torvalds

Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

Pull security layer fixlet from James Morris.

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
  sysctl: fix write access to dmesg_restrict/kptr_restrict
parents f21fec96 620f6e8e
...@@ -170,7 +170,7 @@ static int proc_taint(struct ctl_table *table, int write, ...@@ -170,7 +170,7 @@ static int proc_taint(struct ctl_table *table, int write,
#endif #endif
#ifdef CONFIG_PRINTK #ifdef CONFIG_PRINTK
static int proc_dmesg_restrict(struct ctl_table *table, int write, static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write,
void __user *buffer, size_t *lenp, loff_t *ppos); void __user *buffer, size_t *lenp, loff_t *ppos);
#endif #endif
...@@ -703,7 +703,7 @@ static struct ctl_table kern_table[] = { ...@@ -703,7 +703,7 @@ static struct ctl_table kern_table[] = {
.data = &dmesg_restrict, .data = &dmesg_restrict,
.maxlen = sizeof(int), .maxlen = sizeof(int),
.mode = 0644, .mode = 0644,
.proc_handler = proc_dointvec_minmax, .proc_handler = proc_dointvec_minmax_sysadmin,
.extra1 = &zero, .extra1 = &zero,
.extra2 = &one, .extra2 = &one,
}, },
...@@ -712,7 +712,7 @@ static struct ctl_table kern_table[] = { ...@@ -712,7 +712,7 @@ static struct ctl_table kern_table[] = {
.data = &kptr_restrict, .data = &kptr_restrict,
.maxlen = sizeof(int), .maxlen = sizeof(int),
.mode = 0644, .mode = 0644,
.proc_handler = proc_dmesg_restrict, .proc_handler = proc_dointvec_minmax_sysadmin,
.extra1 = &zero, .extra1 = &zero,
.extra2 = &two, .extra2 = &two,
}, },
...@@ -1943,7 +1943,7 @@ static int proc_taint(struct ctl_table *table, int write, ...@@ -1943,7 +1943,7 @@ static int proc_taint(struct ctl_table *table, int write,
} }
#ifdef CONFIG_PRINTK #ifdef CONFIG_PRINTK
static int proc_dmesg_restrict(struct ctl_table *table, int write, static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write,
void __user *buffer, size_t *lenp, loff_t *ppos) void __user *buffer, size_t *lenp, loff_t *ppos)
{ {
if (write && !capable(CAP_SYS_ADMIN)) if (write && !capable(CAP_SYS_ADMIN))
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment