lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Tue, 4 May 2021 14:59:55 +0200
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     Wolfram Sang <wsa+renesas@...g-engineering.com>
Cc:     linux-kernel@...r.kernel.org, linux-renesas-soc@...r.kernel.org,
        "Rafael J. Wysocki" <rafael@...nel.org>
Subject: Re: [PATCH] debugfs: only accept read attributes for blobs

On Tue, May 04, 2021 at 02:17:20PM +0200, Wolfram Sang wrote:
> Blobs can only be read. So, keep only 'read' file attributes because the
> others will not work and only confuse users.
> 
> Signed-off-by: Wolfram Sang <wsa+renesas@...g-engineering.com>
> ---
> 
> I was confused for a second, thinking blobs can be written to. I will
> fix the few in-kernel users doing it wrong seperately.
> 
>  fs/debugfs/file.c | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)
> 
> diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c
> index 686e0ad28788..d6aa6e04b7af 100644
> --- a/fs/debugfs/file.c
> +++ b/fs/debugfs/file.c
> @@ -890,7 +890,8 @@ static const struct file_operations fops_blob = {
>  /**
>   * debugfs_create_blob - create a debugfs file that is used to read a binary blob
>   * @name: a pointer to a string containing the name of the file to create.
> - * @mode: the permission that the file should have
> + * @mode: the read permission that the file should have (other permissions are
> + * 	  masked out)
>   * @parent: a pointer to the parent dentry for this file.  This should be a
>   *          directory dentry if set.  If this parameter is %NULL, then the
>   *          file will be created in the root of the debugfs filesystem.
> @@ -914,7 +915,7 @@ struct dentry *debugfs_create_blob(const char *name, umode_t mode,
>  				   struct dentry *parent,
>  				   struct debugfs_blob_wrapper *blob)
>  {
> -	return debugfs_create_file_unsafe(name, mode, parent, blob, &fops_blob);
> +	return debugfs_create_file_unsafe(name, mode & S_IRUGO, parent, blob, &fops_blob);

Can you use an octal number for this?  I think checkpatch.pl will
complain here.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ