* [PATCH] Various suser() -> capable() chang
@ 2002-04-26 23:28 Colin Slater
  2002-04-27 18:56 ` Alan Cox
  0 siblings, 1 reply; 5+ messages in thread
From: Colin Slater @ 2002-04-26 23:28 UTC (permalink / raw)
  To: linux-kernel; +Cc: davej


[-- Attachment #1.1: Type: text/plain, Size: 1491 bytes --]

Hello, 
  I've made several cleanups changing suser() to capable(CAP_SYS_ADMIN).
This patch is mostly one-line changes to 20 files, some files
with more. If any maintainers want to pick up these changes and
integrate them themselves, it would be appreciated. I can easily split
the patch if needed. This patch is against 2.5.10, and is already in
2.5.9-dj1. 

DaveJ: same patch, just re-diffed. 

   Colin 


diffstat: 
arch/i386/kernel/mtrr.c       |   18 +++++++++--------- 
arch/ppc64/kernel/ioctl32.c   |    2 +- 
arch/sparc64/kernel/ioctl32.c |    2 +- 
arch/x86_64/ia32/ia32_ioctl.c |    2 +- 
arch/x86_64/kernel/mtrr.c     |   18 +++++++++--------- 
drivers/block/cpqarray.c      |    6 +++--- 
drivers/block/swim3.c         |    2 +- 
drivers/block/swim_iop.c      |    2 +- 
drivers/char/ip2main.c        |    2 +- 
drivers/char/moxa.c           |    2 +- 
drivers/char/mxser.c          |    2 +- 
drivers/char/rio/rio_linux.c  |    2 +- 
drivers/char/rocket.c         |    4 ---- 
drivers/char/serial167.c      |    2 +- 
drivers/char/tty_io.c         |    8 ++++---- 
drivers/char/vt.c             |    6 +++--- 
drivers/media/video/zr36120.c |    2 +- 
drivers/pcmcia/ds.c           |    2 +- 
drivers/s390/char/tubtty.c    |    2 +- 
drivers/scsi/cpqfcTSinit.c    |    2 +- 
20 files changed, 42 insertions(+), 46 deletions(-) 



-- 
-----
GPG Key 0x626FD58E; wwwkeys.pgp.net
6788 94B7 A407 A1D4 1B05  2559 FD52 D2D0 626F D58E

[-- Attachment #1.2: Type: text/plain, Size: 16361 bytes --]

# This is a BitKeeper generated patch for the following project:
# Project Name: Linux kernel tree
# This patch format is intended for GNU patch command version 2.5 or higher.
# This patch includes the following deltas:
#	           ChangeSet	1.558   -> 1.559  
#	arch/x86_64/ia32/ia32_ioctl.c	1.5     -> 1.6    
#	drivers/block/swim_iop.c	1.3     -> 1.4    
#	arch/i386/kernel/mtrr.c	1.16    -> 1.17   
#	drivers/char/rio/rio_linux.c	1.8     -> 1.9    
#	drivers/scsi/cpqfcTSinit.c	1.13    -> 1.14   
#	drivers/char/rocket.c	1.10    -> 1.11   
#	drivers/block/cpqarray.c	1.30    -> 1.31   
#	 drivers/pcmcia/ds.c	1.12    -> 1.13   
#	arch/x86_64/kernel/mtrr.c	1.2     -> 1.3    
#	arch/sparc64/kernel/ioctl32.c	1.26    -> 1.27   
#	drivers/block/swim3.c	1.4     -> 1.5    
#	drivers/char/serial167.c	1.7     -> 1.8    
#	drivers/media/video/zr36120.c	1.14    -> 1.15   
#	drivers/char/ip2main.c	1.9     -> 1.10   
#	drivers/char/tty_io.c	1.23    -> 1.24   
#	drivers/char/mxser.c	1.10    -> 1.11   
#	   drivers/char/vt.c	1.9     -> 1.10   
#	drivers/s390/char/tubtty.c	1.4     -> 1.5    
#	 drivers/char/moxa.c	1.9     -> 1.10   
#	arch/ppc64/kernel/ioctl32.c	1.3     -> 1.4    
#
# The following is the BitKeeper ChangeSet Log
# --------------------------------------------
# 02/04/26	cslater@neptune.tacomeat.null	1.559
# Changed suser() to capable(CAP_SYS_ADMIN) in various places.
# --------------------------------------------
#
diff -Nru a/arch/i386/kernel/mtrr.c b/arch/i386/kernel/mtrr.c
--- a/arch/i386/kernel/mtrr.c	Fri Apr 26 18:34:23 2002
+++ b/arch/i386/kernel/mtrr.c	Fri Apr 26 18:34:23 2002
@@ -1659,7 +1659,7 @@
     char *ptr;
     char line[LINE_SIZE];
 
-    if ( !suser () ) return -EPERM;
+    if ( !capable(CAP_SYS_ADMIN)) return -EPERM;
     /*  Can't seek (pwrite) on this device  */
     if (ppos != &file->f_pos) return -ESPIPE;
     memset (line, 0, LINE_SIZE);
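Review bot: The replacement line is spaced differently from the rest of the file: it drops the blank before the closing parenthesis, and the MTRRIOC_ADD_ENTRY case in the next hunk writes `! capable` where the other seven cases write `!capable`. The surrounding code puts a space inside the parentheses and before a call's argument list (`copy_from_user (&sentry, ...)`), so one form used throughout would read better, e.g. `if ( !capable (CAP_SYS_ADMIN) ) return -EPERM;`. The re-sent patch later in the thread carries the same lines. The enclosing function starts and ends outside the hunk.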
@@ -1727,28 +1727,28 @@
       default:
 	return -ENOIOCTLCMD;
       case MTRRIOC_ADD_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( ! capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_file_add (sentry.base, sentry.size, sentry.type, 1, file, 0);
 	if (err < 0) return err;
 	break;
       case MTRRIOC_SET_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_add (sentry.base, sentry.size, sentry.type, 0);
 	if (err < 0) return err;
 	break;
       case MTRRIOC_DEL_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_file_del (sentry.base, sentry.size, file, 0);
 	if (err < 0) return err;
 	break;
       case MTRRIOC_KILL_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_del (-1, sentry.base, sentry.size);
@@ -1773,28 +1773,28 @@
 	     return -EFAULT;
 	break;
       case MTRRIOC_ADD_PAGE_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_file_add (sentry.base, sentry.size, sentry.type, 1, file, 1);
 	if (err < 0) return err;
 	break;
       case MTRRIOC_SET_PAGE_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_add_page (sentry.base, sentry.size, sentry.type, 0);
 	if (err < 0) return err;
 	break;
       case MTRRIOC_DEL_PAGE_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_file_del (sentry.base, sentry.size, file, 1);
 	if (err < 0) return err;
 	break;
       case MTRRIOC_KILL_PAGE_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_del_page (-1, sentry.base, sentry.size);
diff -Nru a/arch/ppc64/kernel/ioctl32.c b/arch/ppc64/kernel/ioctl32.c
--- a/arch/ppc64/kernel/ioctl32.c	Fri Apr 26 18:34:23 2002
+++ b/arch/ppc64/kernel/ioctl32.c	Fri Apr 26 18:34:23 2002
@@ -1561,7 +1561,7 @@
 	 * To have permissions to do most of the vt ioctls, we either have
 	 * to be the owner of the tty, or super-user.
 	 */
-	if (current->tty == tty || suser())
+	if (current->tty == tty || capable(CAP_SYS_ADMIN))
 		return 1;
 	return 0;                                                    
 }
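Review bot: The comment directly above the changed test still says the caller must be "the owner of the tty, or super-user", but after this change the second alternative is holding CAP_SYS_ADMIN, which is not the same thing as uid 0. I would update the text with the code, e.g. `* to be the owner of the tty, or have CAP_SYS_ADMIN.` The same stale wording sits above the changed lines in arch/sparc64/kernel/ioctl32.c, arch/x86_64/ia32/ia32_ioctl.c and drivers/char/vt.c, and as "must be super user" / "Superuser-mode settings" in drivers/scsi/cpqfcTSinit.c and drivers/s390/char/tubtty.c. The function begins outside the hunk.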
diff -Nru a/arch/sparc64/kernel/ioctl32.c b/arch/sparc64/kernel/ioctl32.c
--- a/arch/sparc64/kernel/ioctl32.c	Fri Apr 26 18:34:23 2002
+++ b/arch/sparc64/kernel/ioctl32.c	Fri Apr 26 18:34:23 2002
@@ -2060,7 +2060,7 @@
 	 * To have permissions to do most of the vt ioctls, we either have
 	 * to be the owner of the tty, or super-user.
 	 */
-	if (current->tty == tty || suser())
+	if (current->tty == tty || capable(CAP_SYS_ADMIN))
 		return 1;
 	return 0;                                                    
 }
diff -Nru a/arch/x86_64/ia32/ia32_ioctl.c b/arch/x86_64/ia32/ia32_ioctl.c
--- a/arch/x86_64/ia32/ia32_ioctl.c	Fri Apr 26 18:34:23 2002
+++ b/arch/x86_64/ia32/ia32_ioctl.c	Fri Apr 26 18:34:23 2002
@@ -1650,7 +1650,7 @@
 	 * To have permissions to do most of the vt ioctls, we either have
 	 * to be the owner of the tty, or super-user.
 	 */
-	if (current->tty == tty || suser())
+	if (current->tty == tty || capable(CAP_SYS_ADMIN))
 		return 1;
 	return 0;                                                    
 }
diff -Nru a/arch/x86_64/kernel/mtrr.c b/arch/x86_64/kernel/mtrr.c
--- a/arch/x86_64/kernel/mtrr.c	Fri Apr 26 18:34:23 2002
+++ b/arch/x86_64/kernel/mtrr.c	Fri Apr 26 18:34:23 2002
@@ -983,7 +983,7 @@
     char *ptr;
     char line[LINE_SIZE];
 
-	if (!suser ())
+	if (!capable (CAP_SYS_ADMIN))
 		return -EPERM;
 
     /*  Can't seek (pwrite) on this device  */
@@ -1071,7 +1071,7 @@
 	return -ENOIOCTLCMD;
 
       case MTRRIOC_ADD_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
@@ -1083,7 +1083,7 @@
 	break;
 
       case MTRRIOC_SET_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
@@ -1093,7 +1093,7 @@
 	break;
 
       case MTRRIOC_DEL_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
@@ -1103,7 +1103,7 @@
 	break;
 
       case MTRRIOC_KILL_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
@@ -1134,7 +1134,7 @@
 	break;
 
       case MTRRIOC_ADD_PAGE_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
@@ -1146,7 +1146,7 @@
 	break;
 
       case MTRRIOC_SET_PAGE_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
@@ -1156,7 +1156,7 @@
 	break;
 
       case MTRRIOC_DEL_PAGE_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
@@ -1166,7 +1166,7 @@
 	break;
 
       case MTRRIOC_KILL_PAGE_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
diff -Nru a/drivers/block/cpqarray.c b/drivers/block/cpqarray.c
--- a/drivers/block/cpqarray.c	Fri Apr 26 18:34:23 2002
+++ b/drivers/block/cpqarray.c	Fri Apr 26 18:34:23 2002
@@ -787,7 +787,7 @@
 	if (ctlr > MAX_CTLR || hba[ctlr] == NULL)
 		return -ENXIO;
 
-	if (!suser() && ida_sizes[(ctlr << CTLR_SHIFT) +
+	if (!capable(CAP_SYS_ADMIN) && ida_sizes[(ctlr << CTLR_SHIFT) +
 						minor(inode->i_rdev)] == 0)
 		return -ENXIO;
 
@@ -797,7 +797,7 @@
 	 * but I'm already using way to many device nodes to claim another one
 	 * for "raw controller".
 	 */
-	if (suser()
+	if (capable(CAP_SYS_ADMIN)
 		&& ida_sizes[(ctlr << CTLR_SHIFT) + minor(inode->i_rdev)] == 0 
 		&& minor(inode->i_rdev) != 0)
 		return -ENXIO;
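Review bot: capable() is the first operand here and in the test of the previous hunk (`!capable(CAP_SYS_ADMIN) && ida_sizes[...] == 0`), so the privilege check runs on every open, including opens of configured volumes where its result does not matter. In kernels of this era a successful capable() also flags the task as having used privilege, so evaluating it only when the answer is needed keeps that record accurate. Putting the table and minor tests first gives the same result: `if (ida_sizes[(ctlr << CTLR_SHIFT) + minor(inode->i_rdev)] == 0 && minor(inode->i_rdev) != 0 && capable(CAP_SYS_ADMIN))`, and likewise `ida_sizes[...] == 0 && !capable(CAP_SYS_ADMIN)` in the earlier test. The enclosing function starts and ends outside the hunk.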
@@ -1139,7 +1139,7 @@
 	case BLKRRPART:
 		return revalidate_logvol(inode->i_rdev, 1);
 	case IDAPASSTHRU:
-		if (!suser()) return -EPERM;
+		if (!capable(CAP_SYS_ADMIN)) return -EPERM;
 		error = copy_from_user(&my_io, io, sizeof(my_io));
 		if (error) return error;
 		error = ida_ctlr_ioctl(ctlr, dsk, &my_io);
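Review bot: The two context lines right after the changed permission check return the result of copy_from_user() as the ioctl's error code, but copy_from_user() returns the number of bytes it could not copy, so a bad user pointer hands the caller a positive count instead of an errno. Since this line is being touched anyway, the pass-through path could use the form the mtrr hunks in this patch already use: `if (copy_from_user(&my_io, io, sizeof(my_io))) return -EFAULT;`. The same lines appear unchanged in the re-sent patch. The switch statement continues outside the hunk.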
diff -Nru a/drivers/block/swim3.c b/drivers/block/swim3.c
--- a/drivers/block/swim3.c	Fri Apr 26 18:34:23 2002
+++ b/drivers/block/swim3.c	Fri Apr 26 18:34:23 2002
@@ -821,7 +821,7 @@
 	if (devnum >= floppy_count)
 		return -ENODEV;
 		
-	if ((cmd & 0x80) && !suser())
+	if ((cmd & 0x80) && !capable(CAP_SYS_ADMIN))
 		return -EPERM;
 
 	fs = &floppy_states[devnum];
diff -Nru a/drivers/block/swim_iop.c b/drivers/block/swim_iop.c
--- a/drivers/block/swim_iop.c	Fri Apr 26 18:34:23 2002
+++ b/drivers/block/swim_iop.c	Fri Apr 26 18:34:23 2002
@@ -349,7 +349,7 @@
 	if (devnum >= floppy_count)
 		return -ENODEV;
 		
-	if ((cmd & 0x80) && !suser())
+	if ((cmd & 0x80) && !capable(CAP_SYS_ADMIN))
 		return -EPERM;
 
 	fs = &floppy_states[devnum];
diff -Nru a/drivers/char/ip2main.c b/drivers/char/ip2main.c
--- a/drivers/char/ip2main.c	Fri Apr 26 18:34:23 2002
+++ b/drivers/char/ip2main.c	Fri Apr 26 18:34:23 2002
@@ -2660,7 +2660,7 @@
 	old_flags = pCh->flags;
 	old_baud_divisor = pCh->BaudDivisor;
 
-	if ( !suser() ) {
+	if ( !capable(CAP_SYS_ADMIN) ) {
 		if ( ( ns.close_delay != pCh->ClosingDelay ) ||
 		    ( (ns.flags & ~ASYNC_USR_MASK) !=
 		      (pCh->flags & ~ASYNC_USR_MASK) ) ) {
diff -Nru a/drivers/char/moxa.c b/drivers/char/moxa.c
--- a/drivers/char/moxa.c	Fri Apr 26 18:34:23 2002
+++ b/drivers/char/moxa.c	Fri Apr 26 18:34:23 2002
@@ -2799,7 +2799,7 @@
 	    (new_serial.baud_base != 921600))
 		return (-EPERM);
 
-	if (!suser()) {
+	if (!capable(CAP_SYS_ADMIN)) {
 		if (((new_serial.flags & ~ASYNC_USR_MASK) !=
 		     (info->asyncflags & ~ASYNC_USR_MASK)))
 			return (-EPERM);
diff -Nru a/drivers/char/mxser.c b/drivers/char/mxser.c
--- a/drivers/char/mxser.c	Fri Apr 26 18:34:23 2002
+++ b/drivers/char/mxser.c	Fri Apr 26 18:34:23 2002
@@ -2199,7 +2199,7 @@
 
 	flags = info->flags & ASYNC_SPD_MASK;
 
-	if (!suser()) {
+	if (!capable(CAP_SYS_ADMIN)) {
 		if ((new_serial.baud_base != info->baud_base) ||
 		    (new_serial.close_delay != info->close_delay) ||
 		    ((new_serial.flags & ~ASYNC_USR_MASK) !=
diff -Nru a/drivers/char/rio/rio_linux.c b/drivers/char/rio/rio_linux.c
--- a/drivers/char/rio/rio_linux.c	Fri Apr 26 18:34:23 2002
+++ b/drivers/char/rio/rio_linux.c	Fri Apr 26 18:34:23 2002
@@ -702,7 +702,7 @@
   func_enter();
 
   /* The "dev" argument isn't used. */
-  rc = -riocontrol (p, 0, cmd, (void *)arg, suser ());
+  rc = -riocontrol (p, 0, cmd, (void *)arg, capable(CAP_SYS_ADMIN));
 
   func_exit ();
   return rc;
diff -Nru a/drivers/char/rocket.c b/drivers/char/rocket.c
--- a/drivers/char/rocket.c	Fri Apr 26 18:34:23 2002
+++ b/drivers/char/rocket.c	Fri Apr 26 18:34:23 2002
@@ -1238,11 +1238,7 @@
 	if (copy_from_user(&new_serial, new_info, sizeof(new_serial)))
 		return -EFAULT;
 
-#ifdef CAP_SYS_ADMIN
 	if (!capable(CAP_SYS_ADMIN))
-#else
-	if (!suser())
-#endif
 	{
 		if ((new_serial.flags & ~ROCKET_USR_MASK) !=
 		    (info->flags & ~ROCKET_USR_MASK))
diff -Nru a/drivers/char/serial167.c b/drivers/char/serial167.c
--- a/drivers/char/serial167.c	Fri Apr 26 18:34:23 2002
+++ b/drivers/char/serial167.c	Fri Apr 26 18:34:23 2002
@@ -1472,7 +1472,7 @@
 	    return -EFAULT;
     old_info = *info;
 
-    if (!suser()) {
+    if (!capable(CAP_SYS_ADMIN)) {
 	    if ((new_serial.close_delay != info->close_delay) ||
 		((new_serial.flags & ASYNC_FLAGS & ~ASYNC_USR_MASK) !=
 		 (info->flags & ASYNC_FLAGS & ~ASYNC_USR_MASK)))
diff -Nru a/drivers/char/tty_io.c b/drivers/char/tty_io.c
--- a/drivers/char/tty_io.c	Fri Apr 26 18:34:23 2002
+++ b/drivers/char/tty_io.c	Fri Apr 26 18:34:23 2002
@@ -1370,7 +1370,7 @@
 		retval = -ENODEV;
 	filp->f_flags = saved_flags;
 
-	if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) && !suser())
+	if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) && !capable(CAP_SYS_ADMIN))
 		retval = -EBUSY;
 
 	if (retval) {
@@ -1472,7 +1472,7 @@
 {
 	char ch, mbz = 0;
 
-	if ((current->tty != tty) && !suser())
+	if ((current->tty != tty) && !capable(CAP_SYS_ADMIN))
 		return -EPERM;
 	if (get_user(ch, arg))
 		return -EFAULT;
@@ -1510,7 +1510,7 @@
 {
 	if (IS_SYSCONS_DEV(inode->i_rdev) ||
 	    IS_CONSOLE_DEV(inode->i_rdev)) {
-		if (!suser())
+		if (!capable(CAP_SYS_ADMIN))
 			return -EPERM;
 		redirect = NULL;
 		return 0;
@@ -1552,7 +1552,7 @@
 		 * This tty is already the controlling
 		 * tty for another session group!
 		 */
-		if ((arg == 1) && suser()) {
+		if ((arg == 1) && capable(CAP_SYS_ADMIN)) {
 			/*
 			 * Steal it away
 			 */
diff -Nru a/drivers/char/vt.c b/drivers/char/vt.c
--- a/drivers/char/vt.c	Fri Apr 26 18:34:23 2002
+++ b/drivers/char/vt.c	Fri Apr 26 18:34:23 2002
@@ -443,7 +443,7 @@
 	 * to be the owner of the tty, or super-user.
 	 */
 	perm = 0;
-	if (current->tty == tty || suser())
+	if (current->tty == tty || capable(CAP_SYS_ADMIN))
 		perm = 1;
  
 	kbd = kbd_table + console;
@@ -1038,12 +1038,12 @@
 		return do_unimap_ioctl(cmd, (struct unimapdesc *)arg, perm);
 
 	case VT_LOCKSWITCH:
-		if (!suser())
+		if (!capable(CAP_SYS_ADMIN))
 		   return -EPERM;
 		vt_dont_switch = 1;
 		return 0;
 	case VT_UNLOCKSWITCH:
-		if (!suser())
+		if (!capable(CAP_SYS_ADMIN))
 		   return -EPERM;
 		vt_dont_switch = 0;
 		return 0;
diff -Nru a/drivers/media/video/zr36120.c b/drivers/media/video/zr36120.c
--- a/drivers/media/video/zr36120.c	Fri Apr 26 18:34:23 2002
+++ b/drivers/media/video/zr36120.c	Fri Apr 26 18:34:23 2002
@@ -1294,7 +1294,7 @@
 #if LINUX_VERSION_CODE >= 0x020100
 			if(!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_ADMIN))
 #else
-			if(!suser())
+			if(!capable(CAP_SYS_ADMIN))
 #endif
 			return -EPERM;
 		if (copy_from_user(&v, arg,sizeof(v)))
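Review bot: After this change both arms of `#if LINUX_VERSION_CODE >= 0x020100` test the same capability, so the conditional no longer selects anything, and the `#else` arm, which presumably existed for kernels without capable(), now calls it. The first arm also tests `!capable(CAP_SYS_ADMIN)` twice, which looks like a copy error for a second capability; which one was meant cannot be told from the hunk. I would drop the `#if`/`#else`/`#endif` and keep a single `if (!capable(CAP_SYS_ADMIN))`, the way the drivers/char/rocket.c hunk of this patch removes its `#ifdef CAP_SYS_ADMIN`. The re-sent patch repeats this hunk unchanged, and the enclosing function is outside the hunk.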
diff -Nru a/drivers/pcmcia/ds.c b/drivers/pcmcia/ds.c
--- a/drivers/pcmcia/ds.c	Fri Apr 26 18:34:23 2002
+++ b/drivers/pcmcia/ds.c	Fri Apr 26 18:34:23 2002
@@ -830,7 +830,7 @@
 	err = unbind_request(i, &buf.bind_info);
 	break;
     case DS_BIND_MTD:
-	if (!suser()) return -EPERM;
+	if (!capable(CAP_SYS_ADMIN)) return -EPERM;
 	err = bind_mtd(i, &buf.mtd_info);
 	break;
     default:
diff -Nru a/drivers/s390/char/tubtty.c b/drivers/s390/char/tubtty.c
--- a/drivers/s390/char/tubtty.c	Fri Apr 26 18:34:23 2002
+++ b/drivers/s390/char/tubtty.c	Fri Apr 26 18:34:23 2002
@@ -561,7 +561,7 @@
 	/*
 	 * Superuser-mode settings affect the driver overall ---
 	 */
-	if (!suser()) {
+	if (!capable(CAP_SYS_ADMIN)) {
 		return -EPERM;
 	} else if (strncmp(mybuf, "index=", 6) == 0) {
 		tty3270_proc_index = simple_strtoul(mybuf + 6, 0,0);
diff -Nru a/drivers/scsi/cpqfcTSinit.c b/drivers/scsi/cpqfcTSinit.c
--- a/drivers/scsi/cpqfcTSinit.c	Fri Apr 26 18:34:23 2002
+++ b/drivers/scsi/cpqfcTSinit.c	Fri Apr 26 18:34:23 2002
@@ -532,7 +532,7 @@
 
 	// must be super user to send stuff directly to the
 	// controller and/or physical drives...
-	if( !suser() )
+	if( !capable(CAP_SYS_ADMIN) )
 	  return -EPERM;
 
 	// copy the caller's struct to our space.

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 232 bytes --]


* Re: [PATCH] Various suser() -> capable() chang
  2002-04-26 23:28 [PATCH] Various suser() -> capable() chang Colin Slater
@ 2002-04-27 18:56 ` Alan Cox
  2002-04-27 23:16   ` Colin Slater
  0 siblings, 1 reply; 5+ messages in thread
From: Alan Cox @ 2002-04-27 18:56 UTC (permalink / raw)
  To: Colin Slater; +Cc: linux-kernel, davej

>  	case IDAPASSTHRU:
> -		if (!suser()) return -EPERM;
> +		if (!capable(CAP_SYS_ADMIN)) return -EPERM;

The cpqarray ones should be CAP_SYS_RAWIO

> diff -Nru a/drivers/scsi/cpqfcTSinit.c b/drivers/scsi/cpqfcTSinit.c
> --- a/drivers/scsi/cpqfcTSinit.c	Fri Apr 26 18:34:23 2002
> +++ b/drivers/scsi/cpqfcTSinit.c	Fri Apr 26 18:34:23 2002
> @@ -532,7 +532,7 @@
> =20
>  	// must be super user to send stuff directly to the
>  	// controller and/or physical drives...
> -	if( !suser() )
> +	if( !capable(CAP_SYS_ADMIN) )

Also RAWIO


Basically - stuff giving raw hardware access should be CAP_SYS_RAWIO; for the
others CAP_SYS_ADMIN is a good general case, but as you change them check
it's appropriate


* Re: [PATCH] Various suser() -> capable() chang
  2002-04-27 18:56 ` Alan Cox
@ 2002-04-27 23:16   ` Colin Slater
  2002-04-28  1:52     ` Chris Wright
  0 siblings, 1 reply; 5+ messages in thread
From: Colin Slater @ 2002-04-27 23:16 UTC (permalink / raw)
  To: Alan Cox; +Cc: linux-kernel, davej


[-- Attachment #1.1: Type: text/plain, Size: 1133 bytes --]

On Sat, 2002-04-27 at 14:56, Alan Cox wrote:
> >  	case IDAPASSTHRU:
> > -		if (!suser()) return -EPERM;
> > +		if (!capable(CAP_SYS_ADMIN)) return -EPERM;
> 
> The cpqarray ones should be CAP_SYS_RAWIO
> 
> > diff -Nru a/drivers/scsi/cpqfcTSinit.c b/drivers/scsi/cpqfcTSinit.c
> > --- a/drivers/scsi/cpqfcTSinit.c	Fri Apr 26 18:34:23 2002
> > +++ b/drivers/scsi/cpqfcTSinit.c	Fri Apr 26 18:34:23 2002
> > @@ -532,7 +532,7 @@
> > =20
> >  	// must be super user to send stuff directly to the
> >  	// controller and/or physical drives...
> > -	if( !suser() )
> > +	if( !capable(CAP_SYS_ADMIN) )
> 
> Also RAWIO
> 
> 
> Basically - stuff giving raw hardware access sohuld be CAP_SYS_RAWIO, the
> others CAP_SYS_ADMIN is a good general case, but as you change then check
> its appropriate

I figured that it would be functionally equivalent and didn't pay much
more attention to the issue. I've gone through it all again, and changed
a lot of them to CAP_SYS_TTY_CONFIG and CAP_RAW_IO. New patch attached.

-- 
-----
GPG Key 0x626FD58E; wwwkeys.pgp.net
6788 94B7 A407 A1D4 1B05  2559 FD52 D2D0 626F D58E

[-- Attachment #1.2: suser3.patch --]
[-- Type: text/plain, Size: 14893 bytes --]

diff -Nru a/arch/i386/kernel/mtrr.c b/arch/i386/kernel/mtrr.c
--- a/arch/i386/kernel/mtrr.c	Sat Apr 27 19:14:55 2002
+++ b/arch/i386/kernel/mtrr.c	Sat Apr 27 19:14:55 2002
@@ -1659,7 +1659,7 @@
     char *ptr;
     char line[LINE_SIZE];
 
-    if ( !suser () ) return -EPERM;
+    if ( !capable(CAP_SYS_ADMIN)) return -EPERM;
     /*  Can't seek (pwrite) on this device  */
     if (ppos != &file->f_pos) return -ESPIPE;
     memset (line, 0, LINE_SIZE);
@@ -1727,28 +1727,28 @@
       default:
 	return -ENOIOCTLCMD;
       case MTRRIOC_ADD_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( ! capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_file_add (sentry.base, sentry.size, sentry.type, 1, file, 0);
 	if (err < 0) return err;
 	break;
       case MTRRIOC_SET_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_add (sentry.base, sentry.size, sentry.type, 0);
 	if (err < 0) return err;
 	break;
       case MTRRIOC_DEL_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_file_del (sentry.base, sentry.size, file, 0);
 	if (err < 0) return err;
 	break;
       case MTRRIOC_KILL_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_del (-1, sentry.base, sentry.size);
@@ -1773,28 +1773,28 @@
 	     return -EFAULT;
 	break;
       case MTRRIOC_ADD_PAGE_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_file_add (sentry.base, sentry.size, sentry.type, 1, file, 1);
 	if (err < 0) return err;
 	break;
       case MTRRIOC_SET_PAGE_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_add_page (sentry.base, sentry.size, sentry.type, 0);
 	if (err < 0) return err;
 	break;
       case MTRRIOC_DEL_PAGE_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_file_del (sentry.base, sentry.size, file, 1);
 	if (err < 0) return err;
 	break;
       case MTRRIOC_KILL_PAGE_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_del_page (-1, sentry.base, sentry.size);
diff -Nru a/arch/ppc64/kernel/ioctl32.c b/arch/ppc64/kernel/ioctl32.c
--- a/arch/ppc64/kernel/ioctl32.c	Sat Apr 27 19:14:56 2002
+++ b/arch/ppc64/kernel/ioctl32.c	Sat Apr 27 19:14:56 2002
@@ -1561,7 +1561,7 @@
 	 * To have permissions to do most of the vt ioctls, we either have
 	 * to be the owner of the tty, or super-user.
 	 */
-	if (current->tty == tty || suser())
+	if (current->tty == tty || capable(CAP_SYS_ADMIN))
 		return 1;
 	return 0;                                                    
 }
diff -Nru a/arch/sparc64/kernel/ioctl32.c b/arch/sparc64/kernel/ioctl32.c
--- a/arch/sparc64/kernel/ioctl32.c	Sat Apr 27 19:14:55 2002
+++ b/arch/sparc64/kernel/ioctl32.c	Sat Apr 27 19:14:55 2002
@@ -2060,7 +2060,7 @@
 	 * To have permissions to do most of the vt ioctls, we either have
 	 * to be the owner of the tty, or super-user.
 	 */
-	if (current->tty == tty || suser())
+	if (current->tty == tty || capable(CAP_SYS_ADMIN))
 		return 1;
 	return 0;                                                    
 }
diff -Nru a/arch/x86_64/ia32/ia32_ioctl.c b/arch/x86_64/ia32/ia32_ioctl.c
--- a/arch/x86_64/ia32/ia32_ioctl.c	Sat Apr 27 19:14:55 2002
+++ b/arch/x86_64/ia32/ia32_ioctl.c	Sat Apr 27 19:14:55 2002
@@ -1650,7 +1650,7 @@
 	 * To have permissions to do most of the vt ioctls, we either have
 	 * to be the owner of the tty, or super-user.
 	 */
-	if (current->tty == tty || suser())
+	if (current->tty == tty || capable(CAP_SYS_ADMIN))
 		return 1;
 	return 0;                                                    
 }
diff -Nru a/arch/x86_64/kernel/mtrr.c b/arch/x86_64/kernel/mtrr.c
--- a/arch/x86_64/kernel/mtrr.c	Sat Apr 27 19:14:55 2002
+++ b/arch/x86_64/kernel/mtrr.c	Sat Apr 27 19:14:55 2002
@@ -983,7 +983,7 @@
     char *ptr;
     char line[LINE_SIZE];
 
-	if (!suser ())
+	if (!capable (CAP_SYS_ADMIN))
 		return -EPERM;
 
     /*  Can't seek (pwrite) on this device  */
@@ -1071,7 +1071,7 @@
 	return -ENOIOCTLCMD;
 
       case MTRRIOC_ADD_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
@@ -1083,7 +1083,7 @@
 	break;
 
       case MTRRIOC_SET_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
@@ -1093,7 +1093,7 @@
 	break;
 
       case MTRRIOC_DEL_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
@@ -1103,7 +1103,7 @@
 	break;
 
       case MTRRIOC_KILL_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
@@ -1134,7 +1134,7 @@
 	break;
 
       case MTRRIOC_ADD_PAGE_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
@@ -1146,7 +1146,7 @@
 	break;
 
       case MTRRIOC_SET_PAGE_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
@@ -1156,7 +1156,7 @@
 	break;
 
       case MTRRIOC_DEL_PAGE_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
@@ -1166,7 +1166,7 @@
 	break;
 
       case MTRRIOC_KILL_PAGE_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
diff -Nru a/drivers/block/cpqarray.c b/drivers/block/cpqarray.c
--- a/drivers/block/cpqarray.c	Sat Apr 27 19:14:55 2002
+++ b/drivers/block/cpqarray.c	Sat Apr 27 19:14:55 2002
@@ -787,7 +787,7 @@
 	if (ctlr > MAX_CTLR || hba[ctlr] == NULL)
 		return -ENXIO;
 
-	if (!suser() && ida_sizes[(ctlr << CTLR_SHIFT) +
+	if (!capable(CAP_SYS_ADMIN) && ida_sizes[(ctlr << CTLR_SHIFT) +
 						minor(inode->i_rdev)] == 0)
 		return -ENXIO;
 
@@ -797,7 +797,7 @@
 	 * but I'm already using way to many device nodes to claim another one
 	 * for "raw controller".
 	 */
-	if (suser()
+	if (capable(CAP_SYS_ADMIN)
 		&& ida_sizes[(ctlr << CTLR_SHIFT) + minor(inode->i_rdev)] == 0 
 		&& minor(inode->i_rdev) != 0)
 		return -ENXIO;
@@ -1139,7 +1139,7 @@
 	case BLKRRPART:
 		return revalidate_logvol(inode->i_rdev, 1);
 	case IDAPASSTHRU:
-		if (!suser()) return -EPERM;
+		if (!capable(CAP_SYS_ADMIN)) return -EPERM;
 		error = copy_from_user(&my_io, io, sizeof(my_io));
 		if (error) return error;
 		error = ida_ctlr_ioctl(ctlr, dsk, &my_io);
diff -Nru a/drivers/block/swim3.c b/drivers/block/swim3.c
--- a/drivers/block/swim3.c	Sat Apr 27 19:14:55 2002
+++ b/drivers/block/swim3.c	Sat Apr 27 19:14:55 2002
@@ -821,7 +821,7 @@
 	if (devnum >= floppy_count)
 		return -ENODEV;
 		
-	if ((cmd & 0x80) && !suser())
+	if ((cmd & 0x80) && !capable(CAP_SYS_ADMIN))
 		return -EPERM;
 
 	fs = &floppy_states[devnum];
diff -Nru a/drivers/block/swim_iop.c b/drivers/block/swim_iop.c
--- a/drivers/block/swim_iop.c	Sat Apr 27 19:14:55 2002
+++ b/drivers/block/swim_iop.c	Sat Apr 27 19:14:55 2002
@@ -349,7 +349,7 @@
 	if (devnum >= floppy_count)
 		return -ENODEV;
 		
-	if ((cmd & 0x80) && !suser())
+	if ((cmd & 0x80) && !capable(CAP_SYS_ADMIN))
 		return -EPERM;
 
 	fs = &floppy_states[devnum];
diff -Nru a/drivers/char/ip2main.c b/drivers/char/ip2main.c
--- a/drivers/char/ip2main.c	Sat Apr 27 19:14:56 2002
+++ b/drivers/char/ip2main.c	Sat Apr 27 19:14:56 2002
@@ -2660,7 +2660,7 @@
 	old_flags = pCh->flags;
 	old_baud_divisor = pCh->BaudDivisor;
 
-	if ( !suser() ) {
+	if ( !capable(CAP_SYS_ADMIN) ) {
 		if ( ( ns.close_delay != pCh->ClosingDelay ) ||
 		    ( (ns.flags & ~ASYNC_USR_MASK) !=
 		      (pCh->flags & ~ASYNC_USR_MASK) ) ) {
diff -Nru a/drivers/char/moxa.c b/drivers/char/moxa.c
--- a/drivers/char/moxa.c	Sat Apr 27 19:14:56 2002
+++ b/drivers/char/moxa.c	Sat Apr 27 19:14:56 2002
@@ -2799,7 +2799,7 @@
 	    (new_serial.baud_base != 921600))
 		return (-EPERM);
 
-	if (!suser()) {
+	if (!capable(CAP_SYS_ADMIN)) {
 		if (((new_serial.flags & ~ASYNC_USR_MASK) !=
 		     (info->asyncflags & ~ASYNC_USR_MASK)))
 			return (-EPERM);
diff -Nru a/drivers/char/mxser.c b/drivers/char/mxser.c
--- a/drivers/char/mxser.c	Sat Apr 27 19:14:56 2002
+++ b/drivers/char/mxser.c	Sat Apr 27 19:14:56 2002
@@ -2199,7 +2199,7 @@
 
 	flags = info->flags & ASYNC_SPD_MASK;
 
-	if (!suser()) {
+	if (!capable(CAP_SYS_ADMIN)) {
 		if ((new_serial.baud_base != info->baud_base) ||
 		    (new_serial.close_delay != info->close_delay) ||
 		    ((new_serial.flags & ~ASYNC_USR_MASK) !=
diff -Nru a/drivers/char/rio/rio_linux.c b/drivers/char/rio/rio_linux.c
--- a/drivers/char/rio/rio_linux.c	Sat Apr 27 19:14:55 2002
+++ b/drivers/char/rio/rio_linux.c	Sat Apr 27 19:14:55 2002
@@ -702,7 +702,7 @@
   func_enter();
 
   /* The "dev" argument isn't used. */
-  rc = -riocontrol (p, 0, cmd, (void *)arg, suser ());
+  rc = -riocontrol (p, 0, cmd, (void *)arg, capable(CAP_SYS_ADMIN));
 
   func_exit ();
   return rc;
diff -Nru a/drivers/char/rocket.c b/drivers/char/rocket.c
--- a/drivers/char/rocket.c	Sat Apr 27 19:14:55 2002
+++ b/drivers/char/rocket.c	Sat Apr 27 19:14:55 2002
@@ -1238,11 +1238,7 @@
 	if (copy_from_user(&new_serial, new_info, sizeof(new_serial)))
 		return -EFAULT;
 
-#ifdef CAP_SYS_ADMIN
 	if (!capable(CAP_SYS_ADMIN))
-#else
-	if (!suser())
-#endif
 	{
 		if ((new_serial.flags & ~ROCKET_USR_MASK) !=
 		    (info->flags & ~ROCKET_USR_MASK))
diff -Nru a/drivers/char/serial167.c b/drivers/char/serial167.c
--- a/drivers/char/serial167.c	Sat Apr 27 19:14:55 2002
+++ b/drivers/char/serial167.c	Sat Apr 27 19:14:55 2002
@@ -1472,7 +1472,7 @@
 	    return -EFAULT;
     old_info = *info;
 
-    if (!suser()) {
+    if (!capable(CAP_SYS_ADMIN)) {
 	    if ((new_serial.close_delay != info->close_delay) ||
 		((new_serial.flags & ASYNC_FLAGS & ~ASYNC_USR_MASK) !=
 		 (info->flags & ASYNC_FLAGS & ~ASYNC_USR_MASK)))
diff -Nru a/drivers/char/tty_io.c b/drivers/char/tty_io.c
--- a/drivers/char/tty_io.c	Sat Apr 27 19:14:56 2002
+++ b/drivers/char/tty_io.c	Sat Apr 27 19:14:56 2002
@@ -1370,7 +1370,7 @@
 		retval = -ENODEV;
 	filp->f_flags = saved_flags;
 
-	if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) && !suser())
+	if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) && !capable(CAP_SYS_ADMIN))
 		retval = -EBUSY;
 
 	if (retval) {
@@ -1472,7 +1472,7 @@
 {
 	char ch, mbz = 0;
 
-	if ((current->tty != tty) && !suser())
+	if ((current->tty != tty) && !capable(CAP_SYS_ADMIN))
 		return -EPERM;
 	if (get_user(ch, arg))
 		return -EFAULT;
@@ -1510,7 +1510,7 @@
 {
 	if (IS_SYSCONS_DEV(inode->i_rdev) ||
 	    IS_CONSOLE_DEV(inode->i_rdev)) {
-		if (!suser())
+		if (!capable(CAP_SYS_ADMIN))
 			return -EPERM;
 		redirect = NULL;
 		return 0;
@@ -1552,7 +1552,7 @@
 		 * This tty is already the controlling
 		 * tty for another session group!
 		 */
-		if ((arg == 1) && suser()) {
+		if ((arg == 1) && capable(CAP_SYS_ADMIN)) {
 			/*
 			 * Steal it away
 			 */
diff -Nru a/drivers/char/vt.c b/drivers/char/vt.c
--- a/drivers/char/vt.c	Sat Apr 27 19:14:56 2002
+++ b/drivers/char/vt.c	Sat Apr 27 19:14:56 2002
@@ -443,7 +443,7 @@
 	 * to be the owner of the tty, or super-user.
 	 */
 	perm = 0;
-	if (current->tty == tty || suser())
+	if (current->tty == tty || capable(CAP_SYS_ADMIN))
 		perm = 1;
  
 	kbd = kbd_table + console;
@@ -1038,12 +1038,12 @@
 		return do_unimap_ioctl(cmd, (struct unimapdesc *)arg, perm);
 
 	case VT_LOCKSWITCH:
-		if (!suser())
+		if (!capable(CAP_SYS_ADMIN))
 		   return -EPERM;
 		vt_dont_switch = 1;
 		return 0;
 	case VT_UNLOCKSWITCH:
-		if (!suser())
+		if (!capable(CAP_SYS_ADMIN))
 		   return -EPERM;
 		vt_dont_switch = 0;
 		return 0;
diff -Nru a/drivers/media/video/zr36120.c b/drivers/media/video/zr36120.c
--- a/drivers/media/video/zr36120.c	Sat Apr 27 19:14:55 2002
+++ b/drivers/media/video/zr36120.c	Sat Apr 27 19:14:56 2002
@@ -1294,7 +1294,7 @@
 #if LINUX_VERSION_CODE >= 0x020100
 			if(!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_ADMIN))
 #else
-			if(!suser())
+			if(!capable(CAP_SYS_ADMIN))
 #endif
 			return -EPERM;
 		if (copy_from_user(&v, arg,sizeof(v)))
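Review bot: The replaced line sits in the `#else` arm, the build for kernels older than 0x020100, which is the one configuration where capable() may not be available. The arm that is compiled on this tree still reads `!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_ADMIN)`, the same test twice. Both arms are now equivalent, so the conditional can go and a single `if (!capable(CAP_SYS_ADMIN))` be kept. VIDIOCSFBUF takes a frame-buffer description from user space, so it is worth checking whether the duplicated operand was meant to be a second, different capability; that cannot be settled from this hunk. The case body continues past the hunk.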
diff -Nru a/drivers/pcmcia/ds.c b/drivers/pcmcia/ds.c
--- a/drivers/pcmcia/ds.c	Sat Apr 27 19:14:55 2002
+++ b/drivers/pcmcia/ds.c	Sat Apr 27 19:14:55 2002
@@ -830,7 +830,7 @@
 	err = unbind_request(i, &buf.bind_info);
 	break;
     case DS_BIND_MTD:
-	if (!suser()) return -EPERM;
+	if (!capable(CAP_SYS_ADMIN)) return -EPERM;
 	err = bind_mtd(i, &buf.mtd_info);
 	break;
     default:
diff -Nru a/drivers/s390/char/tubtty.c b/drivers/s390/char/tubtty.c
--- a/drivers/s390/char/tubtty.c	Sat Apr 27 19:14:56 2002
+++ b/drivers/s390/char/tubtty.c	Sat Apr 27 19:14:56 2002
@@ -561,7 +561,7 @@
 	/*
 	 * Superuser-mode settings affect the driver overall ---
 	 */
-	if (!suser()) {
+	if (!capable(CAP_SYS_ADMIN)) {
 		return -EPERM;
 	} else if (strncmp(mybuf, "index=", 6) == 0) {
 		tty3270_proc_index = simple_strtoul(mybuf + 6, 0,0);
diff -Nru a/drivers/scsi/cpqfcTSinit.c b/drivers/scsi/cpqfcTSinit.c
--- a/drivers/scsi/cpqfcTSinit.c	Sat Apr 27 19:14:55 2002
+++ b/drivers/scsi/cpqfcTSinit.c	Sat Apr 27 19:14:55 2002
@@ -532,7 +532,7 @@
 
 	// must be super user to send stuff directly to the
 	// controller and/or physical drives...
-	if( !suser() )
+	if( !capable(CAP_SYS_ADMIN) )
 	  return -EPERM;
 
 	// copy the caller's struct to our space.

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 232 bytes --]


* Re: [PATCH] Various suser() -> capable() chang
  2002-04-27 23:16   ` Colin Slater
@ 2002-04-28  1:52     ` Chris Wright
  2002-04-28 16:47       ` Colin Slater
  0 siblings, 1 reply; 5+ messages in thread
From: Chris Wright @ 2002-04-28  1:52 UTC (permalink / raw)
  To: Colin Slater; +Cc: Alan Cox, linux-kernel, davej

* Colin Slater (hoho@binbash.net) wrote:
> 
> I figured that it would be functionaly equivilent and didn't pay mutch
> more attention to the issue. I've gone through it all again, and changed
> alot of them to CAP_SYS_TTY_CONFIG and CAP_RAW_IO. New patch attached.

Thanks for working on this change, it's been on the LSM todo list as well.
It looks like the patch is still all CAP_SYS_ADMIN, perhaps you attached
the wrong one.  I see one fsuser() check in fs/ufs/balloc.c that should
be converted also.

cheers,
-chris

--- 1.8/fs/ufs/balloc.c	Sun Feb 10 04:27:35 2002
+++ edited/fs/ufs/balloc.c	Sat Apr 27 18:40:22 2002
@@ -288,7 +288,7 @@
 	/*
 	 * There is not enough space for user on the device
 	 */
-	if (!fsuser() && ufs_freespace(usb1, UFS_MINFREE) <= 0) {
+	if (!capable(CAP_SYS_RESOURCE) && ufs_freespace(usb1, UFS_MINFREE) <= 0) {
 		unlock_super (sb);
 		UFSD(("EXIT (FAILED)\n"))
 		return 0;
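Review bot: `capable(CAP_SYS_RESOURCE)` is now the first operand, so it runs on every call even when the device has plenty of free space, and a successful capable() records that the task used privilege. Test the cheap condition first so the capability is only consulted when it decides the outcome: `if (ufs_freespace(usb1, UFS_MINFREE) <= 0 && !capable(CAP_SYS_RESOURCE)) {`. fsuser() keyed on the filesystem uid while capable() looks at the effective capability set, so a caller that has changed only its fsuid may get a different answer than before; that deserves a line in the changelog. The same hunk is carried into the follow-up patch's fs/ufs/balloc.c section. The function body lies outside the hunk on both sides.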


* Re: [PATCH] Various suser() -> capable() chang
  2002-04-28  1:52     ` Chris Wright
@ 2002-04-28 16:47       ` Colin Slater
  0 siblings, 0 replies; 5+ messages in thread
From: Colin Slater @ 2002-04-28 16:47 UTC (permalink / raw)
  To: Chris Wright; +Cc: Alan Cox, linux-kernel, davej

[-- Attachment #1: Type: text/plain, Size: 643 bytes --]

On Sat, 2002-04-27 at 21:52, Chris Wright wrote:
> Thanks for working on this change, it's been on the LSM todo list as well.
> It looks like the patch is still all CAP_SYS_ADMIN, perhaps you attached
> the wrong one.  I see one fsuser() check in fs/ufs/balloc.c that should
> be converted also.
> 
> cheers,
> -chris
> 
I diffed the wrong versions. Attached is a new patch, with the
ufs/balloc.c changes, and the more specific capabilities suggested by
Alan. I spent some more time grepping, and can't see any more instances of
suser(). 

	Colin

-- 
-----
GPG Key 0x626FD58E; wwwkeys.pgp.net
6788 94B7 A407 A1D4 1B05  2559 FD52 D2D0 626F D58E

[-- Attachment #2: suser4.patch --]
[-- Type: text/plain, Size: 16210 bytes --]

diff -Nru a/arch/i386/kernel/mtrr.c b/arch/i386/kernel/mtrr.c
--- a/arch/i386/kernel/mtrr.c	Sun Apr 28 12:41:49 2002
+++ b/arch/i386/kernel/mtrr.c	Sun Apr 28 12:41:49 2002
@@ -1659,7 +1659,7 @@
     char *ptr;
     char line[LINE_SIZE];
 
-    if ( !suser () ) return -EPERM;
+    if ( !capable(CAP_SYS_ADMIN)) return -EPERM;
     /*  Can't seek (pwrite) on this device  */
     if (ppos != &file->f_pos) return -ESPIPE;
     memset (line, 0, LINE_SIZE);
@@ -1727,28 +1727,28 @@
       default:
 	return -ENOIOCTLCMD;
       case MTRRIOC_ADD_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( ! capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_file_add (sentry.base, sentry.size, sentry.type, 1, file, 0);
 	if (err < 0) return err;
 	break;
       case MTRRIOC_SET_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_add (sentry.base, sentry.size, sentry.type, 0);
 	if (err < 0) return err;
 	break;
       case MTRRIOC_DEL_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_file_del (sentry.base, sentry.size, file, 0);
 	if (err < 0) return err;
 	break;
       case MTRRIOC_KILL_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_del (-1, sentry.base, sentry.size);
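Review bot: The replacement lines in this file are spaced three different ways: `( !capable(CAP_SYS_ADMIN))` in the previous hunk, `( ! capable(CAP_SYS_ADMIN) )` under MTRRIOC_ADD_ENTRY, and `( !capable(CAP_SYS_ADMIN) )` in the other cases. The last form matches the file's existing `if ( copy_from_user (...) )` spacing and should be used for all nine checks in this file. The switch statement continues outside the hunk.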
@@ -1773,28 +1773,28 @@
 	     return -EFAULT;
 	break;
       case MTRRIOC_ADD_PAGE_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_file_add (sentry.base, sentry.size, sentry.type, 1, file, 1);
 	if (err < 0) return err;
 	break;
       case MTRRIOC_SET_PAGE_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_add_page (sentry.base, sentry.size, sentry.type, 0);
 	if (err < 0) return err;
 	break;
       case MTRRIOC_DEL_PAGE_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_file_del (sentry.base, sentry.size, file, 1);
 	if (err < 0) return err;
 	break;
       case MTRRIOC_KILL_PAGE_ENTRY:
-	if ( !suser () ) return -EPERM;
+	if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
 	if ( copy_from_user (&sentry, (void *) arg, sizeof sentry) )
 	    return -EFAULT;
 	err = mtrr_del_page (-1, sentry.base, sentry.size);
diff -Nru a/arch/ppc64/kernel/ioctl32.c b/arch/ppc64/kernel/ioctl32.c
--- a/arch/ppc64/kernel/ioctl32.c	Sun Apr 28 12:41:49 2002
+++ b/arch/ppc64/kernel/ioctl32.c	Sun Apr 28 12:41:49 2002
@@ -1559,9 +1559,9 @@
 	
 	/*
 	 * To have permissions to do most of the vt ioctls, we either have
-	 * to be the owner of the tty, or super-user.
+	 * to be the owner of the tty, or have CAP_SYS_TTY_CONFIG.
 	 */
-	if (current->tty == tty || suser())
+	if (current->tty == tty || capable(CAP_SYS_TTY_CONFIG))
 		return 1;
 	return 0;                                                    
 }
diff -Nru a/arch/sparc64/kernel/ioctl32.c b/arch/sparc64/kernel/ioctl32.c
--- a/arch/sparc64/kernel/ioctl32.c	Sun Apr 28 12:41:49 2002
+++ b/arch/sparc64/kernel/ioctl32.c	Sun Apr 28 12:41:49 2002
@@ -2058,9 +2058,9 @@
 	
 	/*
 	 * To have permissions to do most of the vt ioctls, we either have
-	 * to be the owner of the tty, or super-user.
+	 * to be the owner of the tty, or have CAP_SYS_TTY_CONFIG.
 	 */
-	if (current->tty == tty || suser())
+	if (current->tty == tty || capable(CAP_SYS_TTY_CONFIG))
 		return 1;
 	return 0;                                                    
 }
diff -Nru a/arch/x86_64/ia32/ia32_ioctl.c b/arch/x86_64/ia32/ia32_ioctl.c
--- a/arch/x86_64/ia32/ia32_ioctl.c	Sun Apr 28 12:41:49 2002
+++ b/arch/x86_64/ia32/ia32_ioctl.c	Sun Apr 28 12:41:49 2002
@@ -1648,9 +1648,9 @@
 	
 	/*
 	 * To have permissions to do most of the vt ioctls, we either have
-	 * to be the owner of the tty, or super-user.
+	 * to be the owner of the tty, or have CAP_SYS_TTY_CONFIG.
 	 */
-	if (current->tty == tty || suser())
+	if (current->tty == tty || capable(CAP_SYS_TTY_CONFIG))
 		return 1;
 	return 0;                                                    
 }
diff -Nru a/arch/x86_64/kernel/mtrr.c b/arch/x86_64/kernel/mtrr.c
--- a/arch/x86_64/kernel/mtrr.c	Sun Apr 28 12:41:49 2002
+++ b/arch/x86_64/kernel/mtrr.c	Sun Apr 28 12:41:49 2002
@@ -983,7 +983,7 @@
     char *ptr;
     char line[LINE_SIZE];
 
-	if (!suser ())
+	if (!capable (CAP_SYS_ADMIN))
 		return -EPERM;
 
     /*  Can't seek (pwrite) on this device  */
@@ -1071,7 +1071,7 @@
 	return -ENOIOCTLCMD;
 
       case MTRRIOC_ADD_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
@@ -1083,7 +1083,7 @@
 	break;
 
       case MTRRIOC_SET_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
@@ -1093,7 +1093,7 @@
 	break;
 
       case MTRRIOC_DEL_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
@@ -1103,7 +1103,7 @@
 	break;
 
       case MTRRIOC_KILL_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
@@ -1134,7 +1134,7 @@
 	break;
 
       case MTRRIOC_ADD_PAGE_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
@@ -1146,7 +1146,7 @@
 	break;
 
       case MTRRIOC_SET_PAGE_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
@@ -1156,7 +1156,7 @@
 	break;
 
       case MTRRIOC_DEL_PAGE_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
@@ -1166,7 +1166,7 @@
 	break;
 
       case MTRRIOC_KILL_PAGE_ENTRY:
-		if (!suser ())
+		if (!capable (CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user (&sentry, (void *) arg, sizeof sentry))
 	    return -EFAULT;
diff -Nru a/drivers/block/cpqarray.c b/drivers/block/cpqarray.c
--- a/drivers/block/cpqarray.c	Sun Apr 28 12:41:49 2002
+++ b/drivers/block/cpqarray.c	Sun Apr 28 12:41:49 2002
@@ -787,7 +787,7 @@
 	if (ctlr > MAX_CTLR || hba[ctlr] == NULL)
 		return -ENXIO;
 
-	if (!suser() && ida_sizes[(ctlr << CTLR_SHIFT) +
+	if (!capable(CAP_RAW_IO) && ida_sizes[(ctlr << CTLR_SHIFT) +
 						minor(inode->i_rdev)] == 0)
 		return -ENXIO;
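Review bot: `CAP_RAW_IO` is not a capability the kernel defines; the raw-I/O capability in linux/capability.h is spelled `CAP_SYS_RAWIO`, so this will not build as posted. The line should read `if (!capable(CAP_SYS_RAWIO) && ida_sizes[(ctlr << CTLR_SHIFT) +`. The same name is used in the IDAPASSTHRU hunk further down this file and in drivers/scsi/cpqfcTSinit.c. The function starts and ends outside the hunk.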
 
@@ -797,7 +797,7 @@
 	 * but I'm already using way to many device nodes to claim another one
 	 * for "raw controller".
 	 */
-	if (suser()
+	if (capable(CAP_SYS_ADMIN)
 		&& ida_sizes[(ctlr << CTLR_SHIFT) + minor(inode->i_rdev)] == 0 
 		&& minor(inode->i_rdev) != 0)
 		return -ENXIO;
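Review bot: This check and the one in the previous hunk used to share one predicate, suser(), and now test different capabilities: raw I/O above, `CAP_SYS_ADMIN` here. A task holding only the raw-I/O capability passes the first test on a zero-size volume and is not subject to this second restriction, so it is no longer limited to minor 0 on unconfigured volumes, which the old code enforced for every privileged caller. Use the same capability in both places, e.g. `if (capable(CAP_SYS_RAWIO)` here. The comment above the test begins outside the hunk.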
@@ -1139,7 +1139,7 @@
 	case BLKRRPART:
 		return revalidate_logvol(inode->i_rdev, 1);
 	case IDAPASSTHRU:
-		if (!suser()) return -EPERM;
+		if (!capable(CAP_RAW_IO)) return -EPERM;
 		error = copy_from_user(&my_io, io, sizeof(my_io));
 		if (error) return error;
 		error = ida_ctlr_ioctl(ctlr, dsk, &my_io);
diff -Nru a/drivers/block/swim3.c b/drivers/block/swim3.c
--- a/drivers/block/swim3.c	Sun Apr 28 12:41:49 2002
+++ b/drivers/block/swim3.c	Sun Apr 28 12:41:49 2002
@@ -821,7 +821,7 @@
 	if (devnum >= floppy_count)
 		return -ENODEV;
 		
-	if ((cmd & 0x80) && !suser())
+	if ((cmd & 0x80) && !capable(CAP_SYS_ADMIN))
 		return -EPERM;
 
 	fs = &floppy_states[devnum];
diff -Nru a/drivers/block/swim_iop.c b/drivers/block/swim_iop.c
--- a/drivers/block/swim_iop.c	Sun Apr 28 12:41:49 2002
+++ b/drivers/block/swim_iop.c	Sun Apr 28 12:41:49 2002
@@ -349,7 +349,7 @@
 	if (devnum >= floppy_count)
 		return -ENODEV;
 		
-	if ((cmd & 0x80) && !suser())
+	if ((cmd & 0x80) && !capable(CAP_SYS_ADMIN))
 		return -EPERM;
 
 	fs = &floppy_states[devnum];
diff -Nru a/drivers/char/ip2main.c b/drivers/char/ip2main.c
--- a/drivers/char/ip2main.c	Sun Apr 28 12:41:49 2002
+++ b/drivers/char/ip2main.c	Sun Apr 28 12:41:49 2002
@@ -2660,7 +2660,7 @@
 	old_flags = pCh->flags;
 	old_baud_divisor = pCh->BaudDivisor;
 
-	if ( !suser() ) {
+	if ( !capable(CAP_SYS_ADMIN) ) {
 		if ( ( ns.close_delay != pCh->ClosingDelay ) ||
 		    ( (ns.flags & ~ASYNC_USR_MASK) !=
 		      (pCh->flags & ~ASYNC_USR_MASK) ) ) {
diff -Nru a/drivers/char/moxa.c b/drivers/char/moxa.c
--- a/drivers/char/moxa.c	Sun Apr 28 12:41:49 2002
+++ b/drivers/char/moxa.c	Sun Apr 28 12:41:49 2002
@@ -2799,7 +2799,7 @@
 	    (new_serial.baud_base != 921600))
 		return (-EPERM);
 
-	if (!suser()) {
+	if (!capable(CAP_SYS_ADMIN)) {
 		if (((new_serial.flags & ~ASYNC_USR_MASK) !=
 		     (info->asyncflags & ~ASYNC_USR_MASK)))
 			return (-EPERM);
diff -Nru a/drivers/char/mxser.c b/drivers/char/mxser.c
--- a/drivers/char/mxser.c	Sun Apr 28 12:41:49 2002
+++ b/drivers/char/mxser.c	Sun Apr 28 12:41:49 2002
@@ -2199,7 +2199,7 @@
 
 	flags = info->flags & ASYNC_SPD_MASK;
 
-	if (!suser()) {
+	if (!capable(CAP_SYS_ADMIN)) {
 		if ((new_serial.baud_base != info->baud_base) ||
 		    (new_serial.close_delay != info->close_delay) ||
 		    ((new_serial.flags & ~ASYNC_USR_MASK) !=
diff -Nru a/drivers/char/rio/rio_linux.c b/drivers/char/rio/rio_linux.c
--- a/drivers/char/rio/rio_linux.c	Sun Apr 28 12:41:49 2002
+++ b/drivers/char/rio/rio_linux.c	Sun Apr 28 12:41:49 2002
@@ -702,7 +702,7 @@
   func_enter();
 
   /* The "dev" argument isn't used. */
-  rc = -riocontrol (p, 0, cmd, (void *)arg, suser ());
+  rc = -riocontrol (p, 0, cmd, (void *)arg, capable(CAP_SYS_ADMIN));
 
   func_exit ();
   return rc;
diff -Nru a/drivers/char/rocket.c b/drivers/char/rocket.c
--- a/drivers/char/rocket.c	Sun Apr 28 12:41:49 2002
+++ b/drivers/char/rocket.c	Sun Apr 28 12:41:49 2002
@@ -1238,11 +1238,7 @@
 	if (copy_from_user(&new_serial, new_info, sizeof(new_serial)))
 		return -EFAULT;
 
-#ifdef CAP_SYS_ADMIN
 	if (!capable(CAP_SYS_ADMIN))
-#else
-	if (!suser())
-#endif
 	{
 		if ((new_serial.flags & ~ROCKET_USR_MASK) !=
 		    (info->flags & ~ROCKET_USR_MASK))
diff -Nru a/drivers/char/serial167.c b/drivers/char/serial167.c
--- a/drivers/char/serial167.c	Sun Apr 28 12:41:49 2002
+++ b/drivers/char/serial167.c	Sun Apr 28 12:41:49 2002
@@ -1472,7 +1472,7 @@
 	    return -EFAULT;
     old_info = *info;
 
-    if (!suser()) {
+    if (!capable(CAP_SYS_ADMIN)) {
 	    if ((new_serial.close_delay != info->close_delay) ||
 		((new_serial.flags & ASYNC_FLAGS & ~ASYNC_USR_MASK) !=
 		 (info->flags & ASYNC_FLAGS & ~ASYNC_USR_MASK)))
diff -Nru a/drivers/char/tty_io.c b/drivers/char/tty_io.c
--- a/drivers/char/tty_io.c	Sun Apr 28 12:41:49 2002
+++ b/drivers/char/tty_io.c	Sun Apr 28 12:41:49 2002
@@ -1370,7 +1370,7 @@
 		retval = -ENODEV;
 	filp->f_flags = saved_flags;
 
-	if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) && !suser())
+	if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) && !capable(CAP_SYS_ADMIN))
 		retval = -EBUSY;
 
 	if (retval) {
@@ -1472,7 +1472,7 @@
 {
 	char ch, mbz = 0;
 
-	if ((current->tty != tty) && !suser())
+	if ((current->tty != tty) && !capable(CAP_SYS_ADMIN))
 		return -EPERM;
 	if (get_user(ch, arg))
 		return -EFAULT;
@@ -1510,7 +1510,7 @@
 {
 	if (IS_SYSCONS_DEV(inode->i_rdev) ||
 	    IS_CONSOLE_DEV(inode->i_rdev)) {
-		if (!suser())
+		if (!capable(CAP_SYS_ADMIN))
 			return -EPERM;
 		redirect = NULL;
 		return 0;
@@ -1552,7 +1552,7 @@
 		 * This tty is already the controlling
 		 * tty for another session group!
 		 */
-		if ((arg == 1) && suser()) {
+		if ((arg == 1) && capable(CAP_SYS_ADMIN)) {
 			/*
 			 * Steal it away
 			 */
diff -Nru a/drivers/char/vt.c b/drivers/char/vt.c
--- a/drivers/char/vt.c	Sun Apr 28 12:41:49 2002
+++ b/drivers/char/vt.c	Sun Apr 28 12:41:49 2002
@@ -440,10 +440,10 @@
 
 	/*
 	 * To have permissions to do most of the vt ioctls, we either have
-	 * to be the owner of the tty, or super-user.
+	 * to be the owner of the tty, or have CAP_SYS_TTY_CONFIG.
 	 */
 	perm = 0;
-	if (current->tty == tty || suser())
+	if (current->tty == tty || capable(CAP_SYS_TTY_CONFIG))
 		perm = 1;
  
 	kbd = kbd_table + console;
@@ -508,7 +508,7 @@
 	{
 		struct kbd_repeat kbrep;
 		
-		if (!capable(CAP_SYS_ADMIN))
+		if (!capable(CAP_SYS_TTY_CONFIG))
 			return -EPERM;
 
 		if (copy_from_user(&kbrep, (void *)arg,
@@ -621,7 +621,7 @@
 
 	case KDGETKEYCODE:
 	case KDSETKEYCODE:
-		if(!capable(CAP_SYS_ADMIN))
+		if(!capable(CAP_SYS_TTY_CONFIG))
 			perm=0;
 		return do_kbkeycode_ioctl(cmd, (struct kbkeycode *)arg, perm);
 
@@ -1038,12 +1038,12 @@
 		return do_unimap_ioctl(cmd, (struct unimapdesc *)arg, perm);
 
 	case VT_LOCKSWITCH:
-		if (!suser())
+		if (!capable(CAP_SYS_TTY_CONFIG))
 		   return -EPERM;
 		vt_dont_switch = 1;
 		return 0;
 	case VT_UNLOCKSWITCH:
-		if (!suser())
+		if (!capable(CAP_SYS_TTY_CONFIG))
 		   return -EPERM;
 		vt_dont_switch = 0;
 		return 0;
diff -Nru a/drivers/media/video/zr36120.c b/drivers/media/video/zr36120.c
--- a/drivers/media/video/zr36120.c	Sun Apr 28 12:41:49 2002
+++ b/drivers/media/video/zr36120.c	Sun Apr 28 12:41:49 2002
@@ -1291,11 +1291,7 @@
 	 case VIDIOCSFBUF:
 	 {
 		struct video_buffer v;
-#if LINUX_VERSION_CODE >= 0x020100
-			if(!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_ADMIN))
-#else
-			if(!suser())
-#endif
+		if(!capable(CAP_SYS_ADMIN))
 			return -EPERM;
 		if (copy_from_user(&v, arg,sizeof(v)))
 			return -EFAULT;
diff -Nru a/drivers/pcmcia/ds.c b/drivers/pcmcia/ds.c
--- a/drivers/pcmcia/ds.c	Sun Apr 28 12:41:49 2002
+++ b/drivers/pcmcia/ds.c	Sun Apr 28 12:41:49 2002
@@ -830,7 +830,7 @@
 	err = unbind_request(i, &buf.bind_info);
 	break;
     case DS_BIND_MTD:
-	if (!suser()) return -EPERM;
+	if (!capable(CAP_SYS_ADMIN)) return -EPERM;
 	err = bind_mtd(i, &buf.mtd_info);
 	break;
     default:
diff -Nru a/drivers/s390/char/tubtty.c b/drivers/s390/char/tubtty.c
--- a/drivers/s390/char/tubtty.c	Sun Apr 28 12:41:49 2002
+++ b/drivers/s390/char/tubtty.c	Sun Apr 28 12:41:49 2002
@@ -561,7 +561,7 @@
 	/*
 	 * Superuser-mode settings affect the driver overall ---
 	 */
-	if (!suser()) {
+	if (!capable(CAP_SYS_TTY_CONFIG)) {
 		return -EPERM;
 	} else if (strncmp(mybuf, "index=", 6) == 0) {
 		tty3270_proc_index = simple_strtoul(mybuf + 6, 0,0);
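Review bot: The comment above the test still says "Superuser-mode settings" although the gate is now `CAP_SYS_TTY_CONFIG`. The ioctl32.c and vt.c hunks in this patch updated their comments, but this one and the "must be super user" comment in drivers/scsi/cpqfcTSinit.c were left behind. Suggested wording: `* Settings below affect the driver overall and need CAP_SYS_TTY_CONFIG ---`. The if/else chain continues outside the hunk.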
diff -Nru a/drivers/scsi/cpqfcTSinit.c b/drivers/scsi/cpqfcTSinit.c
--- a/drivers/scsi/cpqfcTSinit.c	Sun Apr 28 12:41:49 2002
+++ b/drivers/scsi/cpqfcTSinit.c	Sun Apr 28 12:41:49 2002
@@ -532,7 +532,7 @@
 
 	// must be super user to send stuff directly to the
 	// controller and/or physical drives...
-	if( !suser() )
+	if( !capable(CAP_RAW_IO) )
 	  return -EPERM;
 
 	// copy the caller's struct to our space.
diff -Nru a/fs/ufs/balloc.c b/fs/ufs/balloc.c
--- a/fs/ufs/balloc.c	Sun Apr 28 12:41:49 2002
+++ b/fs/ufs/balloc.c	Sun Apr 28 12:41:49 2002
@@ -288,7 +288,7 @@
 	/*
 	 * There is not enough space for user on the device
 	 */
-	if (!fsuser() && ufs_freespace(usb1, UFS_MINFREE) <= 0) {
+	if (!capable(CAP_SYS_RESOURCE) && ufs_freespace(usb1, UFS_MINFREE) <= 0) {
 		unlock_super (sb);
 		UFSD(("EXIT (FAILED)\n"))
 		return 0;
