Commit f00eaeea authored by Linus Torvalds's avatar Linus Torvalds

Revert "pci: use security_capable() when checking capablities during config space read"

This reverts commit 47970b1b.

It turns out it breaks several distributions.  Looks like the stricter
selinux checks fail due to selinux policies not being set to allow the
access - breaking X, but also lspci.

So while the change was clearly the RightThing(tm) to do in theory, in
practice we have backwards compatibility issues making it not work.
Reported-by: default avatarDave Young <hidave.darkstar@gmail.com>
Acked-by: default avatarDavid Airlie <airlied@linux.ie>
Acked-by: default avatarAlex Riesen <raa.lkml@gmail.com>
Cc: Eric Paris <eparis@redhat.com>
Cc: Chris Wright <chrisw@sous-sol.org>
Cc: James Morris <jmorris@namei.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent a0dc00b4
...@@ -23,7 +23,6 @@ ...@@ -23,7 +23,6 @@
#include <linux/mm.h> #include <linux/mm.h>
#include <linux/fs.h> #include <linux/fs.h>
#include <linux/capability.h> #include <linux/capability.h>
#include <linux/security.h>
#include <linux/pci-aspm.h> #include <linux/pci-aspm.h>
#include <linux/slab.h> #include <linux/slab.h>
#include "pci.h" #include "pci.h"
...@@ -369,7 +368,7 @@ pci_read_config(struct file *filp, struct kobject *kobj, ...@@ -369,7 +368,7 @@ pci_read_config(struct file *filp, struct kobject *kobj,
u8 *data = (u8*) buf; u8 *data = (u8*) buf;
/* Several chips lock up trying to read undefined config space */ /* Several chips lock up trying to read undefined config space */
if (security_capable(filp->f_cred, CAP_SYS_ADMIN)) { if (cap_raised(filp->f_cred->cap_effective, CAP_SYS_ADMIN)) {
size = dev->cfg_size; size = dev->cfg_size;
} else if (dev->hdr_type == PCI_HEADER_TYPE_CARDBUS) { } else if (dev->hdr_type == PCI_HEADER_TYPE_CARDBUS) {
size = 128; size = 128;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment