Re: [PATCH] Add user taint flag

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, 21 May 2006 19:04:32 -0400 Theodore Ts'o wrote:

> 
> Allow taint flags to be set from userspace by writing to
> /proc/sys/kernel/tainted, and add a new taint flag, TAINT_USER, to be
> used when userspace is potentially doing something naughty that might
> compromise the kernel.  This will allow support personnel to ask further
> questions about what may have caused the user taint flag to have been
> set.  (For example, by examining the logs of the JVM to determine what
> evil things might have been lurking in the hearts of Java programs.  :-)
> 
> Signed-off-by: "Theodore Ts'o" <[email protected]>
> 
> 
> Index: linux-2.6/kernel/sysctl.c
> ===================================================================
> --- linux-2.6.orig/kernel/sysctl.c	2006-03-25 21:26:38.000000000 -0500
> +++ linux-2.6/kernel/sysctl.c	2006-05-21 19:00:15.000000000 -0400
> @@ -1835,6 +1835,23 @@
>  				do_proc_dointvec_bset_conv,&op);
>  }
>  
> +/*
> + *	Taint values can only be increased
> + */
> +int proc_dointvec_taint(ctl_table *table, int write, struct file *filp,
> +			void __user *buffer, size_t *lenp, loff_t *ppos)
> +{
> +	int op;
> +
> +	if (!capable(CAP_SYS_ADMIN)) {
> +		return -EPERM;
> +	}

no braces.

> +
> +	op = OP_OR;
> +	return do_proc_dointvec(table,write,filp,buffer,lenp,ppos,
> +				do_proc_dointvec_bset_conv,&op);

find/use that spacebar (after commas).

> +}
> +
>  struct do_proc_dointvec_minmax_conv_param {
>  	int *min;
>  	int *max;


---
~Randy
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux