diff options
| author | Ben Hutchings <ben@decadent.org.uk> | 2019-05-07 20:04:04 +0100 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2019-05-16 19:45:05 +0200 |
| commit | a9bdfbd494daa400b46f364498a9d35f932840fd (patch) | |
| tree | 2ca368a8835662c424845f889f9fa46aba12f9fd /kernel | |
| parent | e212945fe5258efb2bd316500e5132df7521069e (diff) | |
| download | linux-stable-a9bdfbd494daa400b46f364498a9d35f932840fd.tar.gz linux-stable-a9bdfbd494daa400b46f364498a9d35f932840fd.tar.bz2 linux-stable-a9bdfbd494daa400b46f364498a9d35f932840fd.zip | |
timer/debug: Change /proc/timer_stats from 0644 to 0600
The timer_stats facility should filter and translate PIDs if opened
from a non-initial PID namespace, to avoid leaking information about
the wider system. It should also not show kernel virtual addresses.
Unfortunately it has now been removed upstream (as redundant)
instead of being fixed.
For stable, fix the leak by restricting access to root only. A
similar change was already made for the /proc/timer_list file.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'kernel')
| -rw-r--r-- | kernel/time/timer_stats.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/kernel/time/timer_stats.c b/kernel/time/timer_stats.c index 1adecb4b87c8..7e4d715f9c22 100644 --- a/kernel/time/timer_stats.c +++ b/kernel/time/timer_stats.c @@ -417,7 +417,7 @@ static int __init init_tstats_procfs(void) { struct proc_dir_entry *pe; - pe = proc_create("timer_stats", 0644, NULL, &tstats_fops); + pe = proc_create("timer_stats", 0600, NULL, &tstats_fops); if (!pe) return -ENOMEM; return 0; |