Skip to content

Commit 511fdb7

Browse files
torvaldstorvalds
committed
Merge branch 'x86-mtrr-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86 mtrr updates from Ingo Molnar: "Two changes: restrict /proc/mtrr to CAP_SYS_ADMIN, plus a cleanup" * 'x86-mtrr-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/mtrr: Require CAP_SYS_ADMIN for all access x86/mtrr: Get rid of mtrr_seq_show() forward declaration
2 parents 4d6245c + 4fc265a commit 511fdb7

File tree

1 file changed

+22
-41
lines changed
  • arch/x86/kernel/cpu/mtrr

1 file changed

+22
-41
lines changed

arch/x86/kernel/cpu/mtrr/if.c

Lines changed: 22 additions & 41 deletions
Original file line numberDiff line numberDiff line change
@@ -101,9 +101,6 @@ mtrr_write(struct file *file, const char __user *buf, size_t len, loff_t * ppos)
101101
int length;
102102
size_t linelen;
103103

104-
if (!capable(CAP_SYS_ADMIN))
105-
return -EPERM;
106-
107104
memset(line, 0, LINE_SIZE);
108105

109106
len = min_t(size_t, len, LINE_SIZE - 1);
@@ -226,8 +223,6 @@ mtrr_ioctl(struct file *file, unsigned int cmd, unsigned long __arg)
226223
#ifdef CONFIG_COMPAT
227224
case MTRRIOC32_ADD_ENTRY:
228225
#endif
229-
if (!capable(CAP_SYS_ADMIN))
230-
return -EPERM;
231226
err =
232227
mtrr_file_add(sentry.base, sentry.size, sentry.type, true,
233228
file, 0);
@@ -236,24 +231,18 @@ mtrr_ioctl(struct file *file, unsigned int cmd, unsigned long __arg)
236231
#ifdef CONFIG_COMPAT
237232
case MTRRIOC32_SET_ENTRY:
238233
#endif
239-
if (!capable(CAP_SYS_ADMIN))
240-
return -EPERM;
241234
err = mtrr_add(sentry.base, sentry.size, sentry.type, false);
242235
break;
243236
case MTRRIOC_DEL_ENTRY:
244237
#ifdef CONFIG_COMPAT
245238
case MTRRIOC32_DEL_ENTRY:
246239
#endif
247-
if (!capable(CAP_SYS_ADMIN))
248-
return -EPERM;
249240
err = mtrr_file_del(sentry.base, sentry.size, file, 0);
250241
break;
251242
case MTRRIOC_KILL_ENTRY:
252243
#ifdef CONFIG_COMPAT
253244
case MTRRIOC32_KILL_ENTRY:
254245
#endif
255-
if (!capable(CAP_SYS_ADMIN))
256-
return -EPERM;
257246
err = mtrr_del(-1, sentry.base, sentry.size);
258247
break;
259248
case MTRRIOC_GET_ENTRY:
@@ -279,8 +268,6 @@ mtrr_ioctl(struct file *file, unsigned int cmd, unsigned long __arg)
279268
#ifdef CONFIG_COMPAT
280269
case MTRRIOC32_ADD_PAGE_ENTRY:
281270
#endif
282-
if (!capable(CAP_SYS_ADMIN))
283-
return -EPERM;
284271
err =
285272
mtrr_file_add(sentry.base, sentry.size, sentry.type, true,
286273
file, 1);
@@ -289,25 +276,19 @@ mtrr_ioctl(struct file *file, unsigned int cmd, unsigned long __arg)
289276
#ifdef CONFIG_COMPAT
290277
case MTRRIOC32_SET_PAGE_ENTRY:
291278
#endif
292-
if (!capable(CAP_SYS_ADMIN))
293-
return -EPERM;
294279
err =
295280
mtrr_add_page(sentry.base, sentry.size, sentry.type, false);
296281
break;
297282
case MTRRIOC_DEL_PAGE_ENTRY:
298283
#ifdef CONFIG_COMPAT
299284
case MTRRIOC32_DEL_PAGE_ENTRY:
300285
#endif
301-
if (!capable(CAP_SYS_ADMIN))
302-
return -EPERM;
303286
err = mtrr_file_del(sentry.base, sentry.size, file, 1);
304287
break;
305288
case MTRRIOC_KILL_PAGE_ENTRY:
306289
#ifdef CONFIG_COMPAT
307290
case MTRRIOC32_KILL_PAGE_ENTRY:
308291
#endif
309-
if (!capable(CAP_SYS_ADMIN))
310-
return -EPERM;
311292
err = mtrr_del_page(-1, sentry.base, sentry.size);
312293
break;
313294
case MTRRIOC_GET_PAGE_ENTRY:
@@ -373,28 +354,6 @@ static int mtrr_close(struct inode *ino, struct file *file)
373354
return single_release(ino, file);
374355
}
375356

376-
static int mtrr_seq_show(struct seq_file *seq, void *offset);
377-
378-
static int mtrr_open(struct inode *inode, struct file *file)
379-
{
380-
if (!mtrr_if)
381-
return -EIO;
382-
if (!mtrr_if->get)
383-
return -ENXIO;
384-
return single_open(file, mtrr_seq_show, NULL);
385-
}
386-
387-
static const struct file_operations mtrr_fops = {
388-
.owner = THIS_MODULE,
389-
.open = mtrr_open,
390-
.read = seq_read,
391-
.llseek = seq_lseek,
392-
.write = mtrr_write,
393-
.unlocked_ioctl = mtrr_ioctl,
394-
.compat_ioctl = mtrr_ioctl,
395-
.release = mtrr_close,
396-
};
397-
398357
static int mtrr_seq_show(struct seq_file *seq, void *offset)
399358
{
400359
char factor;
@@ -426,6 +385,28 @@ static int mtrr_seq_show(struct seq_file *seq, void *offset)
426385
return 0;
427386
}
428387

388+
static int mtrr_open(struct inode *inode, struct file *file)
389+
{
390+
if (!mtrr_if)
391+
return -EIO;
392+
if (!mtrr_if->get)
393+
return -ENXIO;
394+
if (!capable(CAP_SYS_ADMIN))
395+
return -EPERM;
396+
return single_open(file, mtrr_seq_show, NULL);
397+
}
398+
399+
static const struct file_operations mtrr_fops = {
400+
.owner = THIS_MODULE,
401+
.open = mtrr_open,
402+
.read = seq_read,
403+
.llseek = seq_lseek,
404+
.write = mtrr_write,
405+
.unlocked_ioctl = mtrr_ioctl,
406+
.compat_ioctl = mtrr_ioctl,
407+
.release = mtrr_close,
408+
};
409+
429410
static int __init mtrr_if_init(void)
430411
{
431412
struct cpuinfo_x86 *c = &boot_cpu_data;

0 commit comments

Comments
 (0)