On Tue, Feb 15, 2011 at 02:21, Chris Wright chrisw@sous-sol.org wrote:
This reintroduces commit 47970b1b which was subsequently reverted as f00eaeea. The original change was broken and caused X startup failures and generally made privileged processes incapable of reading device dependent config space. The normal capable() interface returns true on success, but the LSM interface returns 0 on success. This thinko is now fixed in this patch, and has been confirmed to work properly.
So, once again...Eric Paris noted that commit de139a3 ("pci: check caps from sysfs file open to read device dependent config space") caused the capability check to bypass security modules and potentially auditing. Rectify this by calling security_capable() when checking the open file's capabilities for config space reads.
Reported-by: Eric Paris eparis@redhat.com Tested-by: Dave Young hidave.darkstar@gmail.com Acked-by: James Morris jmorris@namei.org Cc: Dave Airlie airlied@gmail.com Cc: Alex Riesen raa.lkml@gmail.com Cc: Sedat Dilek sedat.dilek@googlemail.com Cc: Linus Torvalds torvalds@linux-foundation.org Signed-off-by: Chris Wright chrisw@sous-sol.org
FWIW, I confirm the fix.