Re: [PATCH] powerpc/papr_scm: Limit the readability of 'perf_stats' sysfs attribute
Thanks Aneesh and Mpe for reviewing this patch.
Michael Ellerman <mpe(a)ellerman.id.au> writes:
"Aneesh Kumar K.V" <aneesh.kumar(a)linux.ibm.com>
writes:
[snip]
>>
>> + /* Allow access only to perfmon capable users */
>> + if (!perfmon_capable())
>> + return -EACCES;
>> +
>
> An access check is usually done in open(). This is the read callback IIUC.
Yes. Otherwise an unprivileged user can open the file, and then trick a
suid program into reading from it.
Agree, but since the 'open()' for this sysfs attribute is handled
by kern-fs, AFAIK dont see any direct way to enforce this policy.
Only other way it seems to me is to convert the 'perf_stats' DEVICE_ATTR_RO
to DEVICE_ATTR_ADMIN_RO.
cheers
--
Cheers
~ Vaibhav