tracing: Do not create tracefs files if tracefs lockdown is in effect

If on boot up, lockdown is activated for tracefs, don't even bother creating
the files. This can also prevent instances from being created if lockdown is
in effect.

Link: http://lkml.kernel.org/r/CAHk-=whC6Ji=fWnjh2+eS4b15TnbsS4VPVtvBOwCy1jjEG_JHQ@mail.gmail.com

Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
This commit is contained in:
Steven Rostedt (VMware) 2019-10-11 20:41:41 -04:00
parent 17911ff38a
commit bf8e602186

View File

@ -16,6 +16,7 @@
#include <linux/namei.h> #include <linux/namei.h>
#include <linux/tracefs.h> #include <linux/tracefs.h>
#include <linux/fsnotify.h> #include <linux/fsnotify.h>
#include <linux/security.h>
#include <linux/seq_file.h> #include <linux/seq_file.h>
#include <linux/parser.h> #include <linux/parser.h>
#include <linux/magic.h> #include <linux/magic.h>
@ -390,6 +391,9 @@ struct dentry *tracefs_create_file(const char *name, umode_t mode,
struct dentry *dentry; struct dentry *dentry;
struct inode *inode; struct inode *inode;
if (security_locked_down(LOCKDOWN_TRACEFS))
return NULL;
if (!(mode & S_IFMT)) if (!(mode & S_IFMT))
mode |= S_IFREG; mode |= S_IFREG;
BUG_ON(!S_ISREG(mode)); BUG_ON(!S_ISREG(mode));