diff options
| author | Alessandro Zummo <alessandro.zummo@towertech.it> | 2006-06-25 08:48:20 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-06-25 13:01:14 -0400 |
| commit | 110d693d5898649da606cd6e5f6af4d7f70a405f (patch) | |
| tree | a46b06a383d8a9eda59d7c7e17e8694798769800 /drivers/rtc/rtc-dev.c | |
| parent | 56f10c634e145d75e45b56a73f59fb6dff1caa8e (diff) | |
[PATCH] rtc subsystem: add capability checks
Centralize CAP_SYS_XXX checks to avoid duplicate code and missing checks in
the drivers.
Signed-off-by: Alessandro Zummo <a.zummo@towertech.it>
Cc: Richard Purdie <rpurdie@rpsys.net>
Cc: Yoichi Yuasa <yoichi_yuasa@tripeaks.co.jp>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'drivers/rtc/rtc-dev.c')
| -rw-r--r-- | drivers/rtc/rtc-dev.c | 29 |
1 files changed, 22 insertions, 7 deletions
diff --git a/drivers/rtc/rtc-dev.c b/drivers/rtc/rtc-dev.c index 07387c99df0d..61a58259c93f 100644 --- a/drivers/rtc/rtc-dev.c +++ b/drivers/rtc/rtc-dev.c | |||
| @@ -214,6 +214,28 @@ static int rtc_dev_ioctl(struct inode *inode, struct file *file, | |||
| 214 | struct rtc_wkalrm alarm; | 214 | struct rtc_wkalrm alarm; |
| 215 | void __user *uarg = (void __user *) arg; | 215 | void __user *uarg = (void __user *) arg; |
| 216 | 216 | ||
| 217 | /* check that the calles has appropriate permissions | ||
| 218 | * for certain ioctls. doing this check here is useful | ||
| 219 | * to avoid duplicate code in each driver. | ||
| 220 | */ | ||
| 221 | switch (cmd) { | ||
| 222 | case RTC_EPOCH_SET: | ||
| 223 | case RTC_SET_TIME: | ||
| 224 | if (!capable(CAP_SYS_TIME)) | ||
| 225 | return -EACCES; | ||
| 226 | break; | ||
| 227 | |||
| 228 | case RTC_IRQP_SET: | ||
| 229 | if (arg > rtc->max_user_freq && !capable(CAP_SYS_RESOURCE)) | ||
| 230 | return -EACCES; | ||
| 231 | break; | ||
| 232 | |||
| 233 | case RTC_PIE_ON: | ||
| 234 | if (!capable(CAP_SYS_RESOURCE)) | ||
| 235 | return -EACCES; | ||
| 236 | break; | ||
| 237 | } | ||
| 238 | |||
| 217 | /* avoid conflicting IRQ users */ | 239 | /* avoid conflicting IRQ users */ |
| 218 | if (cmd == RTC_PIE_ON || cmd == RTC_PIE_OFF || cmd == RTC_IRQP_SET) { | 240 | if (cmd == RTC_PIE_ON || cmd == RTC_PIE_OFF || cmd == RTC_IRQP_SET) { |
| 219 | spin_lock(&rtc->irq_task_lock); | 241 | spin_lock(&rtc->irq_task_lock); |
| @@ -272,9 +294,6 @@ static int rtc_dev_ioctl(struct inode *inode, struct file *file, | |||
| 272 | break; | 294 | break; |
| 273 | 295 | ||
| 274 | case RTC_SET_TIME: | 296 | case RTC_SET_TIME: |
| 275 | if (!capable(CAP_SYS_TIME)) | ||
| 276 | return -EACCES; | ||
| 277 | |||
| 278 | if (copy_from_user(&tm, uarg, sizeof(tm))) | 297 | if (copy_from_user(&tm, uarg, sizeof(tm))) |
| 279 | return -EFAULT; | 298 | return -EFAULT; |
| 280 | 299 | ||
| @@ -290,10 +309,6 @@ static int rtc_dev_ioctl(struct inode *inode, struct file *file, | |||
| 290 | err = -EINVAL; | 309 | err = -EINVAL; |
| 291 | break; | 310 | break; |
| 292 | } | 311 | } |
| 293 | if (!capable(CAP_SYS_TIME)) { | ||
| 294 | err = -EACCES; | ||
| 295 | break; | ||
| 296 | } | ||
| 297 | rtc_epoch = arg; | 312 | rtc_epoch = arg; |
| 298 | err = 0; | 313 | err = 0; |
| 299 | #endif | 314 | #endif |