From: John Stultz
To: lkml
Cc: Nick Kralevich, Greg KH, Android Kernel Team, John Stultz
Subject: [PATCH 13/13] android: ram_console: honor dmesg_restrict
Date: Wed, 7 Mar 2012 13:58:23 -0800
Message-Id: <1331157503-3413-14-git-send-email-john.stultz@linaro.org>
In-Reply-To: <1331157503-3413-1-git-send-email-john.stultz@linaro.org>
X-Patchwork-Id: 7142

From: Nick Kralevich The Linux kernel has a setting called dmesg_restrict. When true, only processes with CAP_SYSLOG can view the kernel dmesg logs. This helps prevent leaking of kernel information into user space. On Android, it's possible to bypass these restrictions by viewing /proc/last_kmsg. This change makes /proc/last_kmsg require the same permissions as dmesg. Bug: 5555691 CC: Greg KH CC: Android Kernel Team Change-Id: I50ecb74012ef2ac0a3cff7325192634341fddae9 Signed-off-by: Nick Kralevich Signed-off-by: John Stultz --- drivers/staging/android/ram_console.c | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/drivers/staging/android/ram_console.c b/drivers/staging/android/ram_console.c index d956b84..b242be2 100644 --- a/drivers/staging/android/ram_console.c +++ b/drivers/staging/android/ram_console.c @@ -99,6 +99,9 @@ static ssize_t ram_console_read_old(struct file *file, char __user *buf, char *str; int ret; + if (dmesg_restrict && !capable(CAP_SYSLOG)) + return -EPERM; + /* Main last_kmsg log */ if (pos < old_log_size) { count = min(len, (size_t)(old_log_size - pos));
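
Review bot: the new check in ram_console_read_old() runs on every read() and tests the credentials of whichever task is reading, not the task that opened /proc/last_kmsg. An already-open descriptor that is handed to a process holding CAP_SYSLOG would therefore pass `capable(CAP_SYSLOG)` even though the opener could not have read the log itself. Consider enforcing the restriction when the file is opened as well (or instead), so access is decided once against the opener, and say in the commit message which of the two is intended. A one-line comment above the `if (dmesg_restrict && !capable(CAP_SYSLOG))` test stating that it mirrors the dmesg policy would help the next reader. The diffstat shows three insertions and no new #include, so it is also worth confirming that ram_console.c already pulls in the declarations of dmesg_restrict and capable() rather than relying on an indirect include.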