lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20151007173802.GA10665@kroah.com>
Date:	Wed, 7 Oct 2015 18:38:02 +0100
From:	Greg KH <gregkh@...uxfoundation.org>
To:	Srinivas Kandagatla <srinivas.kandagatla@...aro.org>
Cc:	maxime.ripard@...e-electrons.com, linux-kernel@...r.kernel.org,
	andrew@...n.ch, wxt@...k-chips.com, stefan.wahren@...e.com,
	pantelis.antoniou@...sulko.com, maitysanchayan@...il.com,
	p.zabel@...gutronix.de, s.hauer@...gutronix.de,
	linux-arm-kernel@...ts.infradead.org
Subject: Re: [PATCH] nvmem: core: make default user binary file root-access
 only

On Wed, Oct 07, 2015 at 06:26:02PM +0100, Srinivas Kandagatla wrote:
> 
> 
> On 07/10/15 18:12, Greg KH wrote:
> >On Wed, Oct 07, 2015 at 06:01:03PM +0100, Srinivas Kandagatla wrote:
> >>
> >>
> >>On 07/10/15 17:50, Greg KH wrote:
> >>>On Wed, Oct 07, 2015 at 05:35:14PM +0100, Srinivas Kandagatla wrote:
> >>>>As required by many providers like at24/at25/mxs-ocotp/qfprom, which would
> >>>>want to allow root-only to read/write the nvmem content.
> >>>>So making the defaults to be root-only access which can prevent normal
> >>>>users from reading the nvmem data.
> >>>>
> >>>>Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla@...aro.org>
> >>>>---
> >>>>  drivers/nvmem/core.c | 4 ++--
> >>>>  1 file changed, 2 insertions(+), 2 deletions(-)
> >>>>
> >>>>diff --git a/drivers/nvmem/core.c b/drivers/nvmem/core.c
> >>>>index 6fd4e5a..4d2e476 100644
> >>>>--- a/drivers/nvmem/core.c
> >>>>+++ b/drivers/nvmem/core.c
> >>>>@@ -112,7 +112,7 @@ static ssize_t bin_attr_nvmem_write(struct file *filp, struct kobject *kobj,
> >>>>  static struct bin_attribute bin_attr_rw_nvmem = {
> >>>>  	.attr	= {
> >>>>  		.name	= "nvmem",
> >>>>-		.mode	= S_IWUSR | S_IRUGO,
> >>>>+		.mode	= S_IWUSR | S_IRUSR,
> >>>>  	},
> >>>>  	.read	= bin_attr_nvmem_read,
> >>>>  	.write	= bin_attr_nvmem_write,
> >>>>@@ -136,7 +136,7 @@ static const struct attribute_group *nvmem_rw_dev_groups[] = {
> >>>>  static struct bin_attribute bin_attr_ro_nvmem = {
> >>>>  	.attr	= {
> >>>>  		.name	= "nvmem",
> >>>>-		.mode	= S_IRUGO,
> >>>>+		.mode	= S_IRUSR,
> >>>>  	},
> >>>>  	.read	= bin_attr_nvmem_read,
> >>>>  };
> >>>
> >>>How about using BIN_ATTR_RO() and friends instead, that way I _know_ you
> >>>got the permissions correct as it's impossible to get them wrong by
> >>>using those macros.
> >>Yes, that sounds good, but there are no macros for just "S_IRUSR" or
> >>"(S_IWUSR | S_IRUSR)" in ./include/linux/sysfs.h
> >
> >Then that means you are trying to do something "odd" and you shouldn't
> >be doing that :)
> >
> The requirement originally came from a discussion regarding file permissions
> set by at24 (drivers/mis/eeprom/at24.c) vs nvmem.
> 
> at24 driver sets the permission of root-only read/write, which is different
> to what nvmem sets as default.
> 
> So this patch was primarily make nvmem framework inline with what at24/at25
> does.

Doesn't sound like a good idea, take this time to fix that lapse in
security :)

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ