Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 088ab0b4 authored by Ludwig Nussel's avatar Ludwig Nussel Committed by Greg Kroah-Hartman
Browse files

kernel/ksysfs.c: expose file_caps_enabled in sysfs 



A kernel booted with no_file_caps allows to install fscaps on a binary
but doesn't actually honor the fscaps when running the binary. Userspace
currently has no sane way to determine whether installing fscaps
actually has any effect. Since parsing /proc/cmdline is fragile this
patch exposes the current setting (1 or 0) via /sys/kernel/fscaps

Signed-off-by: default avatarLudwig Nussel <ludwig.nussel@suse.de>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@suse.de>
parent aed65af1

Documentation/ABI/testing/sysfs-kernel-fscaps

0 → 100644
+8 −0
Original line number Diff line number Diff line 
What:		/sys/kernel/fscaps

Date:		February 2011

KernelVersion:	2.6.38

Contact:	Ludwig Nussel <ludwig.nussel@suse.de>

Description

		Shows whether file system capabilities are honored

		when executing a binary

kernel/ksysfs.c

+10 −0
Original line number Diff line number Diff line
@@ -16,6 +16,7 @@ 
#include <linux/kexec.h>

#include <linux/profile.h>

#include <linux/sched.h>

#include <linux/capability.h>



#define KERNEL_ATTR_RO(_name) \

static struct kobj_attribute _name##_attr = __ATTR_RO(_name)
@@ -131,6 +132,14 @@ KERNEL_ATTR_RO(vmcoreinfo); 


#endif /* CONFIG_KEXEC */



/* whether file capabilities are enabled */

static ssize_t fscaps_show(struct kobject *kobj,

				  struct kobj_attribute *attr, char *buf)

{

	return sprintf(buf, "%d\n", file_caps_enabled);

}

KERNEL_ATTR_RO(fscaps);



/*

 * Make /sys/kernel/notes give the raw contents of our kernel .notes section.

 */
@@ -158,6 +167,7 @@ struct kobject *kernel_kobj; 
EXPORT_SYMBOL_GPL(kernel_kobj);



static struct attribute * kernel_attrs[] = {

	&fscaps_attr.attr,

#if defined(CONFIG_HOTPLUG)

	&uevent_seqnum_attr.attr,

	&uevent_helper_attr.attr,