diff options
| author | Vasily Averin <[email protected]> | 2015-06-25 15:01:44 -0700 |
|---|---|---|
| committer | Linus Torvalds <[email protected]> | 2015-06-25 17:00:39 -0700 |
| commit | d194e5d666225b04c7754471df0948f645b6ab3a (patch) | |
| tree | 07b78850800078b3b4f147939309d29642773266 /tools/perf/scripts/python/export-to-postgresql.py | |
| parent | e2f15f9a79201ddd596727b84a85c419ee57ad5c (diff) | |
security_syslog() should be called once only
The final version of commit 637241a900cb ("kmsg: honor dmesg_restrict
sysctl on /dev/kmsg") lost few hooks, as result security_syslog() are
processed incorrectly:
- open of /dev/kmsg checks syslog access permissions by using
check_syslog_permissions() where security_syslog() is not called if
dmesg_restrict is set.
- syslog syscall and /proc/kmsg calls do_syslog() where security_syslog
can be executed twice (inside check_syslog_permissions() and then
directly in do_syslog())
With this patch security_syslog() is called once only in all
syslog-related operations regardless of dmesg_restrict value.
Fixes: 637241a900cb ("kmsg: honor dmesg_restrict sysctl on /dev/kmsg")
Signed-off-by: Vasily Averin <[email protected]>
Cc: Kees Cook <[email protected]>
Cc: Josh Boyer <[email protected]>
Cc: Eric Paris <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
Diffstat (limited to 'tools/perf/scripts/python/export-to-postgresql.py')
0 files changed, 0 insertions, 0 deletions