Revert "Grants system server access to /proc/<pid>/oom_adj for Android applications." (6f9f6c4d) · Commits · e / devices / android_kernel_xiaomi_markw

fs/proc/base.c

+1 −38

Original line number	Diff line number	Diff line
		@@ -135,12 +135,6 @@ struct pid_entry {
		NULL, &proc_single_file_operations, \
		{ .proc_show = show } )

		/* ANDROID is for special files in /proc. */
		#define ANDROID(NAME, MODE, OTYPE) \
		NOD(NAME, (S_IFREG\|(MODE)), \
		&proc_##OTYPE##_inode_operations, \
		&proc_##OTYPE##_operations, {})

		/*
		* Count the number of hardlinks for the pid_entry table, excluding the .
		* and .. links.
		@@ -914,37 +908,6 @@ out:
		return err < 0 ? err : count;
		}

		static int oom_adjust_permission(struct inode *inode, int mask)
		{
		kuid_t uid;
		struct task_struct *p;
		kuid_t system_server_uid = KUIDT_INIT(1000);

		p = get_proc_task(inode);
		if(p) {
		uid = task_uid(p);
		put_task_struct(p);
		}

		/*
		* System Server (uid == 1000) is granted access to oom_adj of all
		* android applications (uid > 10000) as and services (uid >= 1000)
		*/
		if (p && (uid_eq(current_fsuid(), system_server_uid) &&
		uid_gt(uid, system_server_uid))) {
		if (inode->i_mode >> 6 & mask) {
		return 0;
		}
		}

		/* Fall back to default. */
		return generic_permission(inode, mask);
		}

		static const struct inode_operations proc_oom_adj_inode_operations = {
		.permission = oom_adjust_permission,
		};

		static const struct file_operations proc_oom_adj_operations = {
		.read = oom_adj_read,
		.write = oom_adj_write,
		@@ -2587,7 +2550,7 @@ static const struct pid_entry tgid_base_stuff[] = {
		ONE("cgroup", S_IRUGO, proc_cgroup_show),
		#endif
		ONE("oom_score", S_IRUGO, proc_oom_score),
		ANDROID("oom_adj", S_IRUGO\|S_IWUSR, oom_adj),
		REG("oom_adj", S_IRUGO\|S_IWUSR, proc_oom_adj_operations),
		REG("oom_score_adj", S_IRUGO\|S_IWUSR, proc_oom_score_adj_operations),
		#ifdef CONFIG_AUDITSYSCALL
		REG("loginuid", S_IWUSR\|S_IRUGO, proc_loginuid_operations),