From ff29530e651a3449aea6b0ef4c7048db9e22ef27 Mon Sep 17 00:00:00 2001 From: Alex Williamson Date: Wed, 5 Jan 2011 10:26:41 -0700 Subject: PCI: sysfs: Update ROM to include default owner write access The PCI sysfs ROM interface requires an enabling write to access the ROM image, but the default file mode is 0400. The original proposed patch adding sysfs ROM support was a true read-only interface, with the enabling bit coming in as a feature request. I suspect it was simply an oversight that the file mode didn't get updated to match the API. Acked-by: Chris Wright Signed-off-by: Alex Williamson Signed-off-by: Jesse Barnes --- drivers/pci/pci-sysfs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'drivers/pci/pci-sysfs.c') diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c index 63d5042..8ecaac9 100644 --- a/drivers/pci/pci-sysfs.c +++ b/drivers/pci/pci-sysfs.c @@ -1149,7 +1149,7 @@ int __must_check pci_create_sysfs_dev_files (struct pci_dev *pdev) sysfs_bin_attr_init(attr); attr->size = rom_size; attr->attr.name = "rom"; - attr->attr.mode = S_IRUSR; + attr->attr.mode = S_IRUSR | S_IWUSR; attr->read = pci_read_rom; attr->write = pci_write_rom; retval = sysfs_create_bin_file(&pdev->dev.kobj, attr); -- cgit v1.1 From 47970b1b2aa64464bc0a9543e86361a622ae7c03 Mon Sep 17 00:00:00 2001 From: Chris Wright Date: Thu, 10 Feb 2011 15:58:56 -0800 Subject: pci: use security_capable() when checking capablities during config space read Eric Paris noted that commit de139a3 ("pci: check caps from sysfs file open to read device dependent config space") caused the capability check to bypass security modules and potentially auditing. Rectify this by calling security_capable() when checking the open file's capabilities for config space reads. Reported-by: Eric Paris Signed-off-by: Chris Wright Signed-off-by: James Morris --- drivers/pci/pci-sysfs.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'drivers/pci/pci-sysfs.c') diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c index 8ecaac9..f7771f3 100644 --- a/drivers/pci/pci-sysfs.c +++ b/drivers/pci/pci-sysfs.c @@ -23,6 +23,7 @@ #include #include #include +#include #include #include #include "pci.h" @@ -368,7 +369,7 @@ pci_read_config(struct file *filp, struct kobject *kobj, u8 *data = (u8*) buf; /* Several chips lock up trying to read undefined config space */ - if (cap_raised(filp->f_cred->cap_effective, CAP_SYS_ADMIN)) { + if (security_capable(filp->f_cred, CAP_SYS_ADMIN)) { size = dev->cfg_size; } else if (dev->hdr_type == PCI_HEADER_TYPE_CARDBUS) { size = 128; -- cgit v1.1 From f00eaeea7a42b5ea327e9ce8839cb0b53d3bdb4e Mon Sep 17 00:00:00 2001 From: Linus Torvalds Date: Sun, 13 Feb 2011 07:50:50 -0800 Subject: Revert "pci: use security_capable() when checking capablities during config space read" This reverts commit 47970b1b2aa64464bc0a9543e86361a622ae7c03. It turns out it breaks several distributions. Looks like the stricter selinux checks fail due to selinux policies not being set to allow the access - breaking X, but also lspci. So while the change was clearly the RightThing(tm) to do in theory, in practice we have backwards compatibility issues making it not work. Reported-by: Dave Young Acked-by: David Airlie Acked-by: Alex Riesen Cc: Eric Paris Cc: Chris Wright Cc: James Morris Signed-off-by: Linus Torvalds --- drivers/pci/pci-sysfs.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'drivers/pci/pci-sysfs.c') diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c index f7771f3..8ecaac9 100644 --- a/drivers/pci/pci-sysfs.c +++ b/drivers/pci/pci-sysfs.c @@ -23,7 +23,6 @@ #include #include #include -#include #include #include #include "pci.h" @@ -369,7 +368,7 @@ pci_read_config(struct file *filp, struct kobject *kobj, u8 *data = (u8*) buf; /* Several chips lock up trying to read undefined config space */ - if (security_capable(filp->f_cred, CAP_SYS_ADMIN)) { + if (cap_raised(filp->f_cred->cap_effective, CAP_SYS_ADMIN)) { size = dev->cfg_size; } else if (dev->hdr_type == PCI_HEADER_TYPE_CARDBUS) { size = 128; -- cgit v1.1