Thanks Aneesh and Mpe for reviewing this patch. Michael Ellerman <[email protected]> writes:
> "Aneesh Kumar K.V" <[email protected]> writes: [snip] >>> >>> + /* Allow access only to perfmon capable users */ >>> + if (!perfmon_capable()) >>> + return -EACCES; >>> + >> >> An access check is usually done in open(). This is the read callback IIUC. > > Yes. Otherwise an unprivileged user can open the file, and then trick a > suid program into reading from it. Agree, but since the 'open()' for this sysfs attribute is handled by kern-fs, AFAIK dont see any direct way to enforce this policy. Only other way it seems to me is to convert the 'perf_stats' DEVICE_ATTR_RO to DEVICE_ATTR_ADMIN_RO. > > cheers -- Cheers ~ Vaibhav _______________________________________________ Linux-nvdimm mailing list -- [email protected] To unsubscribe send an email to [email protected]
