From: Andre Przywara <andre.przywara@amd.com>
Date: Thu, 23 Apr 2009 22:29:53 +0000 (+0200)
Subject: rules: create /dev/cpu/<n>/cpuid world readable
X-Git-Tag: 174~1072
X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=commitdiff_plain;h=57ec3a57f1caa0e325e5ac8a7f54761148b36b1b;ds=sidebyside

rules: create /dev/cpu/<n>/cpuid world readable

I don't see any security implications, to be actually useful,
/dev/cpu/<n>/cpuid should be world readable. The cpuid instruction
can be called from userspace anyway, so there is nothing to hide.
The device does not support any write operation, so 0444 should
suffice.

Signed-off-by: Andre Przywara <andre.przywara@amd.com>
---

diff --git a/rules/rules.d/50-udev-default.rules b/rules/rules.d/50-udev-default.rules
index abc5113cf..6bf45cce9 100644
--- a/rules/rules.d/50-udev-default.rules
+++ b/rules/rules.d/50-udev-default.rules
@@ -94,7 +94,7 @@ SUBSYSTEM=="aoe", KERNEL=="err", MODE="0440"
 KERNEL=="tun",			NAME="net/%k", MODE="0666"
 
 # CPU
-KERNEL=="cpu[0-9]*",		NAME="cpu/%n/cpuid"
+KERNEL=="cpu[0-9]*",		NAME="cpu/%n/cpuid", MODE="0444"
 KERNEL=="msr[0-9]*",		NAME="cpu/%n/msr"
 KERNEL=="microcode",		NAME="cpu/microcode", MODE="0600"