lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 5 Jan 2009 21:57:07 -0500
From:	Robin Getz <rgetz@...ckfin.uclinux.org>
To:	"Greg KH" <gregkh@...e.de>, viro@...iv.linux.org.uk
Cc:	linux-kernel@...r.kernel.org
Subject: debugfs & vfs file permission issue?

On 2.6.28-rc2, If I create a debugfs file with

    debugfs_create_x16("SPORT1_TX", 0200 , parent, 0xFFC00910);

Although the file shows up as write only (no read):

root:/> ls -l /sys/kernel/debug/blackfin/SPORT/SPORT1_TX
--w-------    1 root     root            0 Jan  1  
2007 /sys/kernel/debug/blackfin/SPORT/SPORT1_TX

root:/> cat /sys/kernel/debug/blackfin/SPORT/SPORT1_TX

Still works - and causes the read to occur, which crashes :(

System MMR Error
.....

I can do the same to any file by hand too.

root:/> ls -l /sys/kernel/debug/blackfin/RTC/RTC_STAT
-rw-------    1 root     root            0 Jan  1  
2007 /sys/kernel/debug/blackfin/RTC/RTC_STAT
root:/> cat /sys/kernel/debug/blackfin/RTC/RTC_STAT
0xb81d3181
root:/> chmod 0000 /sys/kernel/debug/blackfin/RTC/RTC_STAT
root:/> ls -l /sys/kernel/debug/blackfin/RTC/RTC_STAT
----------    1 root     root            0 Jan  1  
2007 /sys/kernel/debug/blackfin/RTC/RTC_STAT
root:/> cat /sys/kernel/debug/blackfin/RTC/RTC_STAT
0xb81d31a5

?

>From what I can tell from the call trace:

cat (userspace)
  system_call (into kernel)
    sys_read
      vfs_read
        simple_attr_read
          debugfs_u16_get
            crash


I would think that vfs_read should fail....

./fs/read_write.c:vfs_read()

        if (!(file->f_mode & FMODE_READ))
                return -EBADF; 

I don't understand while the inode that is created 

fs/debugfs/inode.c:debugfs_get_inode()

     inode->i_mode = mode; 

isn't setting the f_mode properly.

Any suggestions?

Thanks
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ