Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Greg Kroah-Hartman wrote:
> From: Alistair Delva <adelva@xxxxxxxxxx>
> 
> commit 94c4b4fd25e6c3763941bdec3ad54f2204afa992 upstream.
 [SNIP]
> --- a/block/ioprio.c
> +++ b/block/ioprio.c
> @@ -69,7 +69,14 @@ int ioprio_check_cap(int ioprio)
> 
>         switch (class) {
>                 case IOPRIO_CLASS_RT:
> -                       if (!capable(CAP_SYS_NICE) && !capable(CAP_SYS_ADMIN))
> +                       /*
> +                        * Originally this only checked for CAP_SYS_ADMIN,
> +                        * which was implicitly allowed for pid 0 by security
> +                        * modules such as SELinux. Make sure we check
> +                        * CAP_SYS_ADMIN first to avoid a denial/avc for
> +                        * possibly missing CAP_SYS_NICE permission.
> +                        */
> +                       if (!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_NICE))
>                                 return -EPERM;
>                         fallthrough;
>                         /* rt has prio field too */

What exactly is above patch trying to fix?
It does not change control flow at all, and added comment is misleading.

-- 
Jari Ruusu  4096R/8132F189 12D6 4C3A DCDA 0AA4 27BD  ACDF F073 3C80 8132 F189



[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux