From patchwork Thu Mar 8 01:34:38 2012
X-Patchwork-Submitter: John Stultz
X-Patchwork-Id: 7156
From: John Stultz
To: lkml
Cc: Nick Kralevich, Greg KH, Android Kernel Team, John Stultz
Subject: [PATCH 11/11] android: ram_console: honor dmesg_restrict
Date: Wed, 7 Mar 2012 17:34:38 -0800
Message-Id: <1331170478-30538-12-git-send-email-john.stultz@linaro.org>
In-Reply-To: <1331170478-30538-1-git-send-email-john.stultz@linaro.org>
References: <1331170478-30538-1-git-send-email-john.stultz@linaro.org>

From: Nick Kralevich The Linux kernel has a setting called dmesg_restrict. When true, only processes with CAP_SYSLOG can view the kernel dmesg logs. This helps prevent leaking of kernel information into user space. On Android, it's possible to bypass these restrictions by viewing /proc/last_kmsg. This change makes /proc/last_kmsg require the same permissions as dmesg. CC: Greg KH CC: Android Kernel Team Signed-off-by: Nick Kralevich Signed-off-by: John Stultz --- drivers/staging/android/ram_console.c | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/drivers/staging/android/ram_console.c b/drivers/staging/android/ram_console.c index d956b84..b242be2 100644 --- a/drivers/staging/android/ram_console.c +++ b/drivers/staging/android/ram_console.c @@ -99,6 +99,9 @@ static ssize_t ram_console_read_old(struct file *file, char __user *buf, char *str; int ret; + if (dmesg_restrict && !capable(CAP_SYSLOG)) + return -EPERM; + /* Main last_kmsg log */ if (pos < old_log_size) { count = min(len, (size_t)(old_log_size - pos));
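
Review bot: The permission check sits in the read handler, at the top of ram_console_read_old before the "Main last_kmsg log" branch, so it is evaluated on every read() against whichever task makes the call rather than once when /proc/last_kmsg is opened. The outcome therefore depends on who ends up holding the descriptor, not on who opened it, which is a weaker guarantee than the commit message's "require the same permissions as dmesg" suggests. Consider performing the same test, "if (dmesg_restrict && !capable(CAP_SYSLOG)) return -EPERM;", in an open handler for this proc entry (or in both places), and add a one-line comment stating that it mirrors the dmesg policy. The diffstat shows only these 3 insertions and no new #include, so please also confirm that ram_console.c already pulls in the declaration of dmesg_restrict through an existing header.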