agp: remove uid comparison as security check

In the face of containers and user namespaces, a uid==0 check for security is not safe. Switch to a capability check. I'm not sure I picked the right capability, but this being AGP CAP_SYS_RAWIO seemed to make sense. Signed-off-by: N Serge Hallyn <serue@us.ibm.com> Signed-off-by: N Dave Airlie <airlied@linux.ie>

agp: remove uid comparison as security check
In the face of containers and user namespaces, a uid==0 check for security is not safe. Switch to a capability check. I'm not sure I picked the right capability, but this being AGP CAP_SYS_RAWIO seemed to make sense. Signed-off-by: N Serge Hallyn <serue@us.ibm.com> Signed-off-by: N Dave Airlie <airlied@linux.ie>
62f29bab · serue@us.ibm.com · Dave Airlie · 1fa4db7d · 62f29bab
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

drivers/char/agp/frontend.c drivers/char/agp/frontend.c +1 -1

未找到文件。
--- a/drivers/char/agp/frontend.c
+++ b/drivers/char/agp/frontend.c
@@ -689,7 +689,7 @@ static int agp_open(struct inode *inode, struct file *file)
 	set_bit(AGP_FF_ALLOW_CLIENT, &priv->access_flags);
 	priv->my_pid = current->pid;

-	if ((current->uid == 0) || (current->suid == 0)) {
+	if (capable(CAP_SYS_RAWIO)) {
 		/* Root priv, can be controller */
 		set_bit(AGP_FF_ALLOW_CONTROLLER, &priv->access_flags);
 	}