OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/fs
History
Kees Cook c71b02e4d2 Revert "pstore: Honor dmesg_restrict sysctl on dmesg dumps" 
This reverts commit 68c4a4f8ab, with
various conflict clean-ups.

The capability check required too much privilege compared to simple DAC
controls. A system builder was forced to have crash handler processes
run with CAP_SYSLOG which would give it the ability to read (and wipe)
the _current_ dmesg, which is much more access than being given access
only to the historical log stored in pstorefs.

With the prior commit to make the root directory 0750, the files are
protected by default but a system builder can now opt to give access
to a specific group (via chgrp on the pstorefs root directory) without
being forced to also give away CAP_SYSLOG.

Suggested-by: Nick Kralevich <nnk@google.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Petr Mladek <pmladek@suse.cz>
Reviewed-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
 		2017-08-17 16:29:19 -07:00
..
9p 9p: Implement show_options 2017-07-11 06:08:58 -04:00
adfs
affs affs: Implement show_options 2017-07-11 06:06:17 -04:00
afs Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-15 12:00:42 -07:00
autofs4 Fix up over-eager 'wait_queue_t' renaming 2017-07-10 11:40:19 -07:00
befs Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-15 12:00:42 -07:00
bfs bfs: fix sanity checks for empty files 2017-07-12 16:26:00 -07:00
btrfs Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-15 12:00:42 -07:00
cachefiles sched/wait: Disambiguate wq_entry->task_list and wq_head->task_list naming 2017-06-20 12:19:14 +02:00
ceph ceph: fix race in concurrent readdir 2017-07-17 14:54:59 +02:00
cifs Add wait_for_random_bytes() and get_random_*_wait() functions so that 2017-07-15 12:44:02 -07:00
coda fs: implement vfs_iter_write using do_iter_write 2017-06-29 17:49:23 -04:00
configfs configfs: Introduce config_item_get_unless_zero() 2017-06-12 13:20:20 +02:00
cramfs
crypto The first major feature for ext4 this merge window is the largedir 2017-07-09 09:31:22 -07:00
debugfs Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-15 12:00:42 -07:00
devpts
dlm
ecryptfs
efivarfs VFS: Kill off s_options and helpers 2017-07-11 06:09:21 -04:00
efs
exofs mm: drop "wait" parameter from write_one_page() 2017-07-05 18:44:22 -04:00
exportfs
ext2 ext2: preserve i_mode if ext2_set_acl() fails 2017-07-18 11:23:56 +02:00
ext4 The first major feature for ext4 this merge window is the largedir 2017-07-09 09:31:22 -07:00
f2fs f2fs: avoid cpu lockup 2017-07-17 19:23:18 -07:00
fat
freevxfs
fscache
fuse
gfs2 Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-15 12:00:42 -07:00
hfs
hfsplus hfsplus: Don't clear SGID when inheriting ACLs 2017-07-18 18:23:39 +02:00
hostfs
hpfs
hugetlbfs Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-15 12:00:42 -07:00
isofs isofs: Fix off-by-one in 'session' mount option parsing 2017-07-18 12:33:16 +02:00
jbd2 Writeback error handling fixes (pile #2) 2017-07-07 19:38:17 -07:00
jffs2
jfs Writeback error handling fixes (pile #1) 2017-07-07 18:39:15 -07:00
kernfs
lockd sunrpc: mark all struct svc_version instances as const 2017-07-13 15:58:03 -04:00
minix Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-08 10:50:54 -07:00
ncpfs mm: per-cgroup memory reclaim stats 2017-07-06 16:24:35 -07:00
nfs NFS client bugfixes for 4.13 2017-07-21 16:26:01 -07:00
nfs_common
nfsd nfsd: Fix a memory scribble in the callback channel 2017-07-17 13:15:06 -04:00
nilfs2 Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-07-03 13:08:04 -07:00
nls
notify dentry name snapshots 2017-07-07 20:09:10 -04:00
ntfs ntfs: Use ERR_CAST() to avoid cross-structure cast 2017-05-28 10:11:48 -07:00
ocfs2 ocfs2: constify attribute_group structures 2017-07-06 16:24:30 -07:00
omfs omfs: Implement show_options 2017-07-06 03:31:46 -04:00
openpromfs
orangefs Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-15 12:00:42 -07:00
overlayfs ovl: check for bad and whiteout index on lookup 2017-07-20 11:08:21 +02:00
proc Now that IPC and other changes have landed, enable manual markings for 2017-07-19 08:55:18 -07:00
pstore Revert "pstore: Honor dmesg_restrict sysctl on dmesg dumps" 2017-08-17 16:29:19 -07:00
qnx4
qnx6
quota quota: add get_inode_usage callback to transfer multi-inode charges 2017-06-22 11:46:48 -04:00
ramfs ramfs: Implement show_options 2017-07-06 03:31:46 -04:00
reiserfs reiserfs: preserve i_mode if __reiserfs_set_acl() fails 2017-07-18 11:24:08 +02:00
romfs
squashfs
sysfs
sysv mm: drop "wait" parameter from write_one_page() 2017-07-05 18:44:22 -04:00
tracefs VFS: Don't use save/replace_mount_options if not using generic_show_options 2017-07-06 03:31:46 -04:00
ubifs ubifs: Set double hash cookie also for RENAME_EXCHANGE 2017-07-14 22:50:57 +02:00
udf udf: Convert udf_disk_stamp_to_time() to use mktime64() 2017-06-14 11:21:02 +02:00
ufs Writeback error handling fixes (pile #1) 2017-07-07 18:39:15 -07:00
xfs Changes since last update: 2017-07-14 22:57:32 -07:00
Kconfig fs/Kconfig: kill CONFIG_PERCPU_RWSEM some more 2017-07-12 16:26:00 -07:00
Kconfig.binfmt
Makefile
aio.c fs: add O_DIRECT and aio support for sending down write life time hints 2017-06-27 12:05:36 -06:00
anon_inodes.c
attr.c
bad_inode.c
binfmt_aout.c
binfmt_elf.c binfmt_elf: safely increment argv pointers 2017-07-10 16:32:36 -07:00
binfmt_elf_fdpic.c
binfmt_em86.c
binfmt_flat.c binfmt_flat: Use %u to format u32 2017-07-16 09:24:05 -07:00
binfmt_misc.c
binfmt_script.c
block_dev.c Writeback error handling fixes (pile #2) 2017-07-07 19:38:17 -07:00
buffer.c fs/buffer.c: make bh_lru_install() more efficient 2017-07-10 16:32:30 -07:00
char_dev.c
compat.c
compat_binfmt_elf.c
compat_ioctl.c Merge branch 'work.__copy_in_user' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-08 10:15:02 -07:00
coredump.c
dax.c Writeback error handling fixes (pile #2) 2017-07-07 19:38:17 -07:00
dcache.c Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-15 12:00:42 -07:00
dcookies.c
direct-io.c fs: add O_DIRECT and aio support for sending down write life time hints 2017-06-27 12:05:36 -06:00
drop_caches.c
eventfd.c There has been a fair amount of activity in the docs tree this time 2017-07-03 21:13:25 -07:00
eventpoll.c kcmp: fs/epoll: wrap kcmp code with CONFIG_CHECKPOINT_RESTORE 2017-07-12 16:26:01 -07:00
exec.c exec: Limit arg stack to at most 75% of _STK_LIM 2017-07-07 20:05:08 -07:00
fcntl.c vfs: fix flock compat thinko 2017-07-07 13:48:18 -07:00
fhandle.c
file.c fs/file.c: replace alloc_fdmem() with kvmalloc() alternative 2017-07-06 16:24:30 -07:00
file_table.c fs: new infrastructure for writeback error handling and reporting 2017-07-06 07:02:25 -04:00
filesystems.c Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-15 12:00:42 -07:00
fs-writeback.c writeback: rework wb_[dec|inc]_stat family of functions 2017-07-12 16:26:05 -07:00
fs_pin.c sched/wait: Disambiguate wq_entry->task_list and wq_head->task_list naming 2017-06-20 12:19:14 +02:00
fs_struct.c
inode.c Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-08 10:50:54 -07:00
internal.h
ioctl.c
iomap.c Changes since last update: 2017-07-14 22:57:32 -07:00
libfs.c fs: convert __generic_file_fsync to use errseq_t based reporting 2017-07-06 07:02:29 -04:00
locks.c fs/locks: pass kernel struct flock to fcntl_getlk/setlk 2017-05-27 06:07:19 -04:00
mbcache.c ext4: xattr inode deduplication 2017-06-22 11:44:55 -04:00
mount.h Now that IPC and other changes have landed, enable manual markings for 2017-07-19 08:55:18 -07:00
mpage.c There has been a fair amount of activity in the docs tree this time 2017-07-03 21:13:25 -07:00
namei.c Now that IPC and other changes have landed, enable manual markings for 2017-07-19 08:55:18 -07:00
namespace.c Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-15 12:00:42 -07:00
no-block.c
nsfs.c VFS: Provide empty name qstr 2017-07-06 03:27:09 -04:00
open.c Writeback error handling fixes (pile #2) 2017-07-07 19:38:17 -07:00
pipe.c VFS: Provide empty name qstr 2017-07-06 03:27:09 -04:00
pnode.c mnt: Make propagate_umount less slow for overlapping mount propagation trees 2017-05-23 08:41:17 -05:00
pnode.h
posix_acl.c
proc_namespace.c
read_write.c Merge branch 'work.read_write' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-07 21:48:15 -07:00
readdir.c
select.c Merge branch 'misc.compat' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-06 20:57:13 -07:00
seq_file.c
signalfd.c sched/wait: Rename wait_queue_t => wait_queue_entry_t 2017-06-20 12:18:27 +02:00
splice.c fs: implement vfs_iter_write using do_iter_write 2017-06-29 17:49:23 -04:00
stack.c
stat.c ufs: restore maintaining ->i_blocks 2017-06-09 16:28:01 -04:00
statfs.c Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-08 10:50:54 -07:00
super.c VFS: Kill off s_options and helpers 2017-07-11 06:09:21 -04:00
sync.c fs: remove call_fsync helper function 2017-07-05 18:44:23 -04:00
timerfd.c timerfd: Use get_itimerspec64() and put_itimerspec64() 2017-06-30 04:14:38 -04:00
userfaultfd.c mm/hugetlb: add size parameter to huge_pte_offset() 2017-07-06 16:24:34 -07:00
utimes.c
xattr.c