module_param_named(stats_perms, proc_stats_perms, uint, S_IRUGO | S_IWUSR);
static struct proc_dir_entry *xt_qtaguid_ctrl_file;
-#ifdef CONFIG_ANDROID_PARANOID_NETWORK
+
+/* Everybody can write. But proc_ctrl_write_limited is true by default which
+ * limits what can be controlled. See the can_*() functions.
+ */
static unsigned int proc_ctrl_perms = S_IRUGO | S_IWUGO;
-#else
-static unsigned int proc_ctrl_perms = S_IRUGO | S_IWUSR;
-#endif
module_param_named(ctrl_perms, proc_ctrl_perms, uint, S_IRUGO | S_IWUSR);
-#ifdef CONFIG_ANDROID_PARANOID_NETWORK
-#include <linux/android_aid.h>
-static gid_t proc_stats_readall_gid = AID_NET_BW_STATS;
-static gid_t proc_ctrl_write_gid = AID_NET_BW_ACCT;
-#else
-/* 0 means, don't limit anybody */
-static gid_t proc_stats_readall_gid;
-static gid_t proc_ctrl_write_gid;
-#endif
-module_param_named(stats_readall_gid, proc_stats_readall_gid, uint,
+/* Limited by default, so the gid of the ctrl and stats proc entries
+ * will limit what can be done. See the can_*() functions.
+ */
+static bool proc_stats_readall_limited = true;
+static bool proc_ctrl_write_limited = true;
+
+module_param_named(stats_readall_limited, proc_stats_readall_limited, bool,
S_IRUGO | S_IWUSR);
-module_param_named(ctrl_write_gid, proc_ctrl_write_gid, uint,
+module_param_named(ctrl_write_limited, proc_ctrl_write_limited, bool,
S_IRUGO | S_IWUSR);
/*
static bool can_manipulate_uids(void)
{
/* root pwnd */
- return unlikely(!current_fsuid()) || unlikely(!proc_ctrl_write_gid)
- || in_egroup_p(proc_ctrl_write_gid);
+ return in_egroup_p(xt_qtaguid_ctrl_file->gid)
+ || unlikely(!current_fsuid()) || unlikely(!proc_ctrl_write_limited)
+ || unlikely(current_fsuid() == xt_qtaguid_ctrl_file->uid);
}
static bool can_impersonate_uid(uid_t uid)
static bool can_read_other_uid_stats(uid_t uid)
{
/* root pwnd */
- return unlikely(!current_fsuid()) || uid == current_fsuid()
- || unlikely(!proc_stats_readall_gid)
- || in_egroup_p(proc_stats_readall_gid);
+ return in_egroup_p(xt_qtaguid_stats_file->gid)
+ || unlikely(!current_fsuid()) || uid == current_fsuid()
+ || unlikely(!proc_stats_readall_limited)
+ || unlikely(current_fsuid() == xt_qtaguid_ctrl_file->uid);
}
static inline void dc_add_byte_packets(struct data_counters *counters, int set,
}
CT_DEBUG("qtaguid: ctrl_tag(%s): "
"pid=%u tgid=%u uid=%u euid=%u fsuid=%u "
- "in_group=%d in_egroup=%d\n",
+ "ctrl.gid=%u in_group()=%d in_egroup()=%d\n",
input, current->pid, current->tgid, current_uid(),
current_euid(), current_fsuid(),
- in_group_p(proc_ctrl_write_gid),
- in_egroup_p(proc_ctrl_write_gid));
+ xt_qtaguid_ctrl_file->gid,
+ in_group_p(xt_qtaguid_ctrl_file->gid),
+ in_egroup_p(xt_qtaguid_ctrl_file->gid));
if (argc < 4) {
uid = current_fsuid();
} else if (!can_impersonate_uid(uid)) {
&& !can_read_other_uid_stats(stat_uid)) {
CT_DEBUG("qtaguid: stats line: "
"%s 0x%llx %u: insufficient priv "
- "from pid=%u tgid=%u uid=%u\n",
+ "from pid=%u tgid=%u uid=%u stats.gid=%u\n",
ppi->iface_entry->ifname,
get_atag_from_tag(tag), stat_uid,
- current->pid, current->tgid, current_fsuid());
+ current->pid, current->tgid, current_fsuid(),
+ xt_qtaguid_stats_file->gid);
return 0;
}
if (ppi->item_index++ < ppi->items_to_skip)
projects / GitHub / exynos8895 / android_kernel_samsung_universal8895.git / commitdiff