Displaying 5 results from an estimated 5 matches for "do_usermodehelper_file".
2012 May 29
0
[klibc:master] capabilities: Use fflush() instead of fseek ()
...ilian attems <max at stro.at>
AuthorDate: Tue, 29 May 2012 18:58:31 +0200
Committer: maximilian attems <max at stro.at>
CommitDate: Tue, 29 May 2012 19:03:08 +0200
[klibc] capabilities: Use fflush() instead of fseek()
It shouldn't use stream I/O against a control device at all
in do_usermodehelper_file(), as noted by hpa.
Stylistically rewind seems cleaner, but fflush() has error checking.
Reported-by: H. Peter Anvin <hpa at zytor.com>
Signed-off-by: maximilian attems <max at stro.at>
---
usr/kinit/capabilities.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff -...
2011 Aug 03
1
[PATCH v2] kinit: Add drop_capabilities support.
...1) {
+ ret = prctl(PR_CAPBSET_DROP, cap_ordinal);
+ if (ret != 0)
+ fail("Error dropping capability %s from bset\n",
+ capabilities[cap_ordinal].cap_name);
+ } else if (ret < 0)
+ fail("Kernel doesn't recognize capability %d\n", cap_ordinal);
+}
+
+static void do_usermodehelper_file(const char *filename, int cap_ordinal)
+{
+ uint32_t lo32, hi32;
+ FILE *file;
+ static const size_t buf_size = 80;
+ char buf[buf_size];
+ char tail;
+ size_t bytes_read;
+ int ret;
+
+ /* Try and open the file */
+ file = fopen(filename, "r+");
+ if (!file && errno == ENOENT)
+...
2012 May 27
1
[klibc:master] kinit: Fix capabilities alternate read/ write io without flush
...ax at stro.at>
---
usr/kinit/capabilities.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/usr/kinit/capabilities.c b/usr/kinit/capabilities.c
index eab4d93..c606144 100644
--- a/usr/kinit/capabilities.c
+++ b/usr/kinit/capabilities.c
@@ -167,6 +167,9 @@ static void do_usermodehelper_file(const char *filename, int cap_ordinal)
hi32 &= ~(1 << (cap_ordinal - 32));
/* Commit the new bit masks to the kernel */
+ ret = fseek(file, 0L, SEEK_SET);
+ if (ret != 0)
+ fail("Failed on file %s to seek %d\n", filename, ret);
sprintf(buf, "%u %u", lo32, hi3...
2013 May 29
1
[PATCH] klibc: fix capability dropping
...0701f6209
---
usr/kinit/capabilities.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/usr/kinit/capabilities.c b/usr/kinit/capabilities.c
index e743a70fec0f..4e0456ee7407 100644
--- a/usr/kinit/capabilities.c
+++ b/usr/kinit/capabilities.c
@@ -172,9 +172,9 @@ static void do_usermodehelper_file(const char *filename, int cap_ordinal)
ret = fflush(file);
if (ret != 0)
fail("Failed on file %s to fflush %d\n", filename, ret);
- sprintf(buf, "%u %u", lo32, hi32);
- ret = fwrite(buf, 1, strlen(buf) + 1, file);
- if (ret != 0)
+ sprintf(buf, "%u %u\n", lo32,...
2011 Jul 19
4
[PATCH v1 0/2] Support dropping of capabilities from early userspace.
This patchset applies to klibc mainline. As is it will probably collide
with Maximilian's recent patch to rename run-init to switch_root posted
last week.
To boot an untrusted environment with certain capabilities locked out,
we'd like to be able to drop the capabilities up front from early
userspace, before we actually transition onto the root volume.
This patchset implements this by