Below is a patch to drivers/char/mem.c which requires
CAP_SYS_RAWIO to open /dev/mem, /dev/kmem and /dev/port.
The mem/kmem stuff should maybe consult a different
privilege, but the port stuff I consider a bug.
Comments?
Matthew.
--- mem.c.orig Mon Jul 19 17:14:18 1999
+++ mem.c Mon Jul 19 17:20:13 1999
@@ -16,6 +16,7 @@
#include <linux/init.h>
#include <linux/joystick.h>
#include <linux/i2c.h>
+#include <linux/capability.h>
#include <asm/uaccess.h>
#include <asm/io.h>
@@ -458,11 +459,19 @@
}
}
+static int open_port(struct inode * inode, struct file * filp)
+{
+ return capable(CAP_SYS_RAWIO) ? 0 : -EPERM;
+}
+
+
#define mmap_kmem mmap_mem
#define zero_lseek null_lseek
#define full_lseek null_lseek
#define write_zero write_null
#define read_full read_zero
+#define open_mem open_port /* different capability? */
+#define open_kmem open_mem
static struct file_operations mem_fops = {
memory_lseek,
@@ -472,7 +481,7 @@
NULL, /* mem_poll */
NULL, /* mem_ioctl */
mmap_mem,
- NULL, /* no special open code */
+ open_mem,
NULL, /* flush */
NULL, /* no special release code */
NULL /* fsync */
@@ -486,7 +495,7 @@
NULL, /* kmem_poll */
NULL, /* kmem_ioctl */
mmap_kmem,
- NULL, /* no special open code */
+ open_kmem,
NULL, /* flush */
NULL, /* no special release code */
NULL /* fsync */
@@ -514,7 +523,7 @@
NULL, /* port_poll */
NULL, /* port_ioctl */
NULL, /* port_mmap */
- NULL, /* no special open code */
+ open_port,
NULL, /* flush */
NULL, /* no special release code */
NULL /* fsync */
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/