Re: [PATCH v1] tty: Fix a security issue related to tty-ldisc module loading

On Fri, Dec 15, 2023 at 05:32:52PM +0800, quic_zijuhu wrote:
> On 12/15/2023 4:43 PM, Greg KH wrote:
> > On Fri, Dec 15, 2023 at 04:28:53PM +0800, Zijun Hu wrote:
> >> Function tty_ldisc_get() has a simple logical error and may cause tty-ldisc
> >> module to be loaded by a user without CAP_SYS_MODULE, this security issue
> >> is fixed by correcting the logical error.
> > 
> > What specific security issue are you referring to here?
> module tty-ldisc is able to be loaded by a user who doesn't have relevant permission CAP_SYS_MODULE to load module.

Yes, that is as-intended, why are you trying to break existing
functionality that has been present for forever?

> current logic is weird and it confuses me as a tty driver beginner since the intuitive checking is shown by my change.

It might be confusing, but it is correct.  You have to justify changing
existing functionality a lot, especially for user-visible stuff like
this.

And to say it is a "security issue" is not correct, it is this way by
design, please work to understand history before attempting to change it
for no documented reason.  Did you read the config option that helps
control this functionality?  Did the help text there not explain it
properly?  If so, please provide additional documentation where needed.

I suggest working with others at your company that have more experience
before submitting changes like this in the future, as they should be
able to help you out better instead of relying on the community to do
so.

thanks,

greg k-h



