From: Christoph Hellwig <hch@lst.de>

It's the only abuse of proc_iops left (except the totally b0rked comx
driver).  The patch is from Al, I just forward-ported it from 2.4.

Background: struct proc_dir_entry has a struct inode_operations *proc_iops
member, it's from Linux's stoneage and used internally by procfs to assign
either the link or directory inode ops.

Unfortunately some drivers started to abuse it do do bad things like create
on lookup (that's the comx thingy which relies on unexported symbols and thus
is broken for modular builds since mid-2.3) or various ->permission tricks
(all gone by now).

After this patch is gone I have another one that kills proc_iops and just
uses a normal conditional inside procfs to assign the right one directly.



 25-akpm/kernel/sysctl.c |   30 +++++++++++++++++-------------
 1 files changed, 17 insertions(+), 13 deletions(-)

diff -puN kernel/sysctl.c~proc-sys-permission-checking kernel/sysctl.c
--- 25/kernel/sysctl.c~proc-sys-permission-checking	Tue Sep 23 14:14:28 2003
+++ 25-akpm/kernel/sysctl.c	Tue Sep 23 14:14:28 2003
@@ -136,17 +136,14 @@ extern ctl_table random_table[];
 
 static ssize_t proc_readsys(struct file *, char __user *, size_t, loff_t *);
 static ssize_t proc_writesys(struct file *, const char __user *, size_t, loff_t *);
-static int proc_sys_permission(struct inode *, int, struct nameidata *);
+static int proc_opensys(struct inode *, struct file *);
 
 struct file_operations proc_sys_file_operations = {
+	.open		= proc_opensys,
 	.read		= proc_readsys,
 	.write		= proc_writesys,
 };
 
-static struct inode_operations proc_sys_inode_operations = {
-	.permission	= proc_sys_permission,
-};
-
 extern struct proc_dir_entry *proc_sys_root;
 
 static void register_proc_table(ctl_table *, struct proc_dir_entry *);
@@ -1140,10 +1137,8 @@ static void register_proc_table(ctl_tabl
 			if (!de)
 				continue;
 			de->data = (void *) table;
-			if (table->proc_handler) {
+			if (table->proc_handler)
 				de->proc_fops = &proc_sys_file_operations;
-				de->proc_iops = &proc_sys_inode_operations;
-			}
 		}
 		table->de = de;
 		if (de->mode & S_IFDIR)
@@ -1212,6 +1207,20 @@ static ssize_t do_rw_proc(int write, str
 	return res;
 }
 
+static int proc_opensys(struct inode *inode, struct file *file)
+{
+	if (file->f_mode & FMODE_WRITE) {
+		/*
+		 * sysctl entries that are not writable,
+		 * are _NOT_ writable, capabilities or not.
+		 */
+		if (!(inode->i_mode & S_IWUSR))
+			return -EPERM;
+	}
+
+	return 0;
+}
+
 static ssize_t proc_readsys(struct file * file, char __user * buf,
 			    size_t count, loff_t *ppos)
 {
@@ -1224,11 +1233,6 @@ static ssize_t proc_writesys(struct file
 	return do_rw_proc(1, file, (char __user *) buf, count, ppos);
 }
 
-static int proc_sys_permission(struct inode *inode, int op, struct nameidata *nd)
-{
-	return test_perm(inode->i_mode, op);
-}
-
 /**
  * proc_dostring - read a string sysctl
  * @table: the sysctl table

_