fix: /dev/mem 及 /proc/fs_cache 权限漏洞修复

/dev/mem 和 /proc/fs_cache 存在多余的读写权限，有被低权限者利用进行攻击的风险，现予以修复。 Signed-off-by: yinjiaming <yinjiaming@huawei.com> Change-Id: Ie6b537e8cb1de7353dfc357411eba4920a539b4f
2023-10-11 16:43:15 +08:00 · 2023-10-11 16:43:15 +08:00 · 6daecc8d26
parent 173cdeb077
commit 6daecc8d26
2 changed files with 2 additions and 2 deletions
--- a/drivers/char/mem/src/mem.c
+++ b/drivers/char/mem/src/mem.c
@ -97,5 +97,5 @@ static const struct file_operations_vfs g_memDevOps = {

 int DevMemRegister(void)
 {
-    return register_driver("/dev/mem", &g_memDevOps, 0666, 0); /* 0666: file mode */
+    return register_driver("/dev/mem", &g_memDevOps, 0644, 0); /* 0644: file mode */
 }
--- a/fs/proc/os_adapt/fs_cache_proc.c
+++ b/fs/proc/os_adapt/fs_cache_proc.c
@ -207,7 +207,7 @@ static const struct ProcFileOperations FS_CACHE_PROC_FOPS = {

 void ProcFsCacheInit(void)
 {
-    struct ProcDirEntry *pde = CreateProcEntry("fs_cache", 0, NULL);
+    struct ProcDirEntry *pde = CreateProcEntry("fs_cache", 0400, NULL);
    if (pde == NULL) {
        PRINT_ERR("create fs_cache error!\n");
        return;