From 06d8d7b608eaef74280055679fb7a03d34df2da7 Mon Sep 17 00:00:00 2001
From: Yuntao Liu <liuyuntao12@huawei.com>
Date: Thu, 31 Jul 2025 09:01:53 +0000
Subject: [PATCH] fd/proc: modify xcall proc file permissions to 640

hulk inclusion
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/ICMGLX

--------------------------------

To meet the principle of least privilege for file permissions,
modify xcall proc file permission from 644 to 640.

Fixes: 5c3cf2289298 ("arm64: Introduce xcall a faster svc exception handling")
Signed-off-by: Yuntao Liu <liuyuntao12@huawei.com>
---
 fs/proc/base.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/proc/base.c b/fs/proc/base.c
index 62ec367d7f94..7a89f1f0c8f0 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -3481,7 +3481,7 @@ static const struct pid_entry tgid_base_stuff[] = {
 	REG("smart_grid_level", 0640, proc_pid_sg_level_operations),
 #endif
 #ifdef CONFIG_FAST_SYSCALL
-	REG("xcall", 0644, proc_pid_xcall_operations),
+	REG("xcall", 0640, proc_pid_xcall_operations),
 #endif
 #ifdef CONFIG_SCHED_AUTOGROUP
 	REG("autogroup",  S_IRUGO|S_IWUSR, proc_pid_sched_autogroup_operations),
-- 
Gitee