lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20150312100151.GD3682@kroah.com>
Date:	Thu, 12 Mar 2015 11:01:51 +0100
From:	Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:	Vivien Didelot <vivien.didelot@...oirfairelinux.com>
Cc:	linux-kernel@...r.kernel.org, Guenter Roeck <linux@...ck-us.net>,
	kernel@...oirfairelinux.com
Subject: Re: [PATCH v2 2/3] sysfs: Only accept read/write permissions for
 file attributes

On Wed, Mar 11, 2015 at 02:22:10PM -0400, Vivien Didelot wrote:
> For sysfs file attributes, only read and write permissions make sense.
> Mask provided attribute permissions accordingly and send a warning
> to the console if invalid permission bits are set.
> 
> This patch is originally from Guenter [1] and includes the fixup
> explained in the thread, that is printing permissions in octal format
> and limiting the scope of attributes to SYSFS_PREALLOC | 0664.
> 
> [1] https://lkml.org/lkml/2015/1/19/599
> 
> Cc: Guenter Roeck <linux@...ck-us.net>
> Signed-off-by: Vivien Didelot <vivien.didelot@...oirfairelinux.com>
> ---
>  fs/sysfs/group.c | 6 ++++++
>  1 file changed, 6 insertions(+)
> 
> diff --git a/fs/sysfs/group.c b/fs/sysfs/group.c
> index 3fdccd9..b400c04 100644
> --- a/fs/sysfs/group.c
> +++ b/fs/sysfs/group.c
> @@ -55,6 +55,12 @@ static int create_files(struct kernfs_node *parent, struct kobject *kobj,
>  				if (!mode)
>  					continue;
>  			}
> +
> +			WARN(mode & ~(SYSFS_PREALLOC | 0664),
> +			     "Attribute %s: Invalid permissions 0%o\n",
> +			     (*attr)->name, mode);
> +
> +			mode &= SYSFS_PREALLOC | 0664;

How does a "normal" boot look with this warning in place?  There still
seem to be a number of files in sysfs that might trigger this.

Also, we have a build-time warning if a sysfs file is this type of
attribute, shouldn't we just rely on that instead of this run-time
warning?

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ