-
由 Kees Cook 提交于
Commit bfdc0b49 adds code to restrict access to dmesg_restrict, however, it incorrectly alters kptr_restrict rather than dmesg_restrict. The original patch from Richard Weinberger (https://lkml.org/lkml/2011/3/14/362) alters dmesg_restrict as expected, and so the patch seems to have been misapplied. This adds the CAP_SYS_ADMIN check to both dmesg_restrict and kptr_restrict, since both are sensitive. Reported-by: NPhillip Lougher <plougher@redhat.com> Signed-off-by: NKees Cook <keescook@chromium.org> Acked-by: NSerge Hallyn <serge.hallyn@canonical.com> Acked-by: NRichard Weinberger <richard@nod.at> Cc: stable@vger.kernel.org Signed-off-by: NJames Morris <james.l.morris@oracle.com>
620f6e8e