diff options
author | Alessandro Zummo <alessandro.zummo@towertech.it> | 2006-06-25 05:48:20 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-06-25 10:01:14 -0700 |
commit | 110d693d5898649da606cd6e5f6af4d7f70a405f (patch) | |
tree | a46b06a383d8a9eda59d7c7e17e8694798769800 /drivers/rtc/rtc-dev.c | |
parent | 56f10c634e145d75e45b56a73f59fb6dff1caa8e (diff) | |
download | lwn-110d693d5898649da606cd6e5f6af4d7f70a405f.tar.gz lwn-110d693d5898649da606cd6e5f6af4d7f70a405f.zip |
[PATCH] rtc subsystem: add capability checks
Centralize CAP_SYS_XXX checks to avoid duplicate code and missing checks in
the drivers.
Signed-off-by: Alessandro Zummo <a.zummo@towertech.it>
Cc: Richard Purdie <rpurdie@rpsys.net>
Cc: Yoichi Yuasa <yoichi_yuasa@tripeaks.co.jp>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'drivers/rtc/rtc-dev.c')
-rw-r--r-- | drivers/rtc/rtc-dev.c | 29 |
1 files changed, 22 insertions, 7 deletions
diff --git a/drivers/rtc/rtc-dev.c b/drivers/rtc/rtc-dev.c index 07387c99df0d..61a58259c93f 100644 --- a/drivers/rtc/rtc-dev.c +++ b/drivers/rtc/rtc-dev.c @@ -214,6 +214,28 @@ static int rtc_dev_ioctl(struct inode *inode, struct file *file, struct rtc_wkalrm alarm; void __user *uarg = (void __user *) arg; + /* check that the calles has appropriate permissions + * for certain ioctls. doing this check here is useful + * to avoid duplicate code in each driver. + */ + switch (cmd) { + case RTC_EPOCH_SET: + case RTC_SET_TIME: + if (!capable(CAP_SYS_TIME)) + return -EACCES; + break; + + case RTC_IRQP_SET: + if (arg > rtc->max_user_freq && !capable(CAP_SYS_RESOURCE)) + return -EACCES; + break; + + case RTC_PIE_ON: + if (!capable(CAP_SYS_RESOURCE)) + return -EACCES; + break; + } + /* avoid conflicting IRQ users */ if (cmd == RTC_PIE_ON || cmd == RTC_PIE_OFF || cmd == RTC_IRQP_SET) { spin_lock(&rtc->irq_task_lock); @@ -272,9 +294,6 @@ static int rtc_dev_ioctl(struct inode *inode, struct file *file, break; case RTC_SET_TIME: - if (!capable(CAP_SYS_TIME)) - return -EACCES; - if (copy_from_user(&tm, uarg, sizeof(tm))) return -EFAULT; @@ -290,10 +309,6 @@ static int rtc_dev_ioctl(struct inode *inode, struct file *file, err = -EINVAL; break; } - if (!capable(CAP_SYS_TIME)) { - err = -EACCES; - break; - } rtc_epoch = arg; err = 0; #endif |