lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <55016CC8.3070304@roeck-us.net>
Date:	Thu, 12 Mar 2015 03:39:04 -0700
From:	Guenter Roeck <linux@...ck-us.net>
To:	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Vivien Didelot <vivien.didelot@...oirfairelinux.com>
CC:	linux-kernel@...r.kernel.org, kernel@...oirfairelinux.com
Subject: Re: [PATCH v2 2/3] sysfs: Only accept read/write permissions for
 file attributes

On 03/12/2015 03:01 AM, Greg Kroah-Hartman wrote:
> On Wed, Mar 11, 2015 at 02:22:10PM -0400, Vivien Didelot wrote:
>> For sysfs file attributes, only read and write permissions make sense.
>> Mask provided attribute permissions accordingly and send a warning
>> to the console if invalid permission bits are set.
>>
>> This patch is originally from Guenter [1] and includes the fixup
>> explained in the thread, that is printing permissions in octal format
>> and limiting the scope of attributes to SYSFS_PREALLOC | 0664.
>>
>> [1] https://lkml.org/lkml/2015/1/19/599
>>
>> Cc: Guenter Roeck <linux@...ck-us.net>
>> Signed-off-by: Vivien Didelot <vivien.didelot@...oirfairelinux.com>
>> ---
>>   fs/sysfs/group.c | 6 ++++++
>>   1 file changed, 6 insertions(+)
>>
>> diff --git a/fs/sysfs/group.c b/fs/sysfs/group.c
>> index 3fdccd9..b400c04 100644
>> --- a/fs/sysfs/group.c
>> +++ b/fs/sysfs/group.c
>> @@ -55,6 +55,12 @@ static int create_files(struct kernfs_node *parent, struct kobject *kobj,
>>   				if (!mode)
>>   					continue;
>>   			}
>> +
>> +			WARN(mode & ~(SYSFS_PREALLOC | 0664),
>> +			     "Attribute %s: Invalid permissions 0%o\n",
>> +			     (*attr)->name, mode);
>> +
>> +			mode &= SYSFS_PREALLOC | 0664;
>
> How does a "normal" boot look with this warning in place?  There still
> seem to be a number of files in sysfs that might trigger this.
>
I was under the impression that they all were addressed, but I may have
missed some pattern(s). Can you point me to an example, by any chance ?

> Also, we have a build-time warning if a sysfs file is this type of
> attribute, shouldn't we just rely on that instead of this run-time
> warning?
>

The mode value can be returned from an is_visible function, and even if not
there is no guarantee that the build-time warning triggers (attribute lists
can be generated manually, for example).

Thanks,
Guenter

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ