lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 19 Jul 2022 17:39:04 +0100
From:   Jonathan Cameron <Jonathan.Cameron@...wei.com>
To:     <ira.weiny@...el.com>
CC:     Dan Williams <dan.j.williams@...el.com>,
        Bjorn Helgaas <bhelgaas@...gle.com>,
        Krzysztof Wilczyński <kw@...ux.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Lukas Wunner <lukas@...ner.de>,
        Alison Schofield <alison.schofield@...el.com>,
        "Vishal Verma" <vishal.l.verma@...el.com>,
        Dave Jiang <dave.jiang@...el.com>,
        "Ben Widawsky" <bwidawsk@...nel.org>,
        <linux-kernel@...r.kernel.org>, <linux-cxl@...r.kernel.org>,
        <linux-pci@...r.kernel.org>
Subject: Re: [PATCH V14 5/7] driver-core: Introduce BIN_ATTR_ADMIN_{RO,RW}

On Thu, 14 Jul 2022 20:04:22 -0700
ira.weiny@...el.com wrote:

> From: Ira Weiny <ira.weiny@...el.com>
> 
> Many binary attributes need to limit access to CAP_SYS_ADMIN only; ie
> many binary attributes specify is_visible with 0400 or 0600.
> 
> Make setting the permissions of such attributes more explicit by
> defining BIN_ATTR_ADMIN_{RO,RW}.
> 
> Cc: Bjorn Helgaas <bhelgaas@...gle.com>
> Suggested-by: Dan Williams <dan.j.williams@...el.com>
> Suggested-by: Krzysztof Wilczyński <kw@...ux.com>
> Reviewed-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
> Signed-off-by: Ira Weiny <ira.weiny@...el.com>
Seems sensible.

Reviewed-by: Jonathan Cameron <Jonathan.Cameron@...wei.com>

> 
> ---
> Changes from V12:
> 	Pick up review tag
> 	Bjorn:
> 		NOTE: this has a lot of similarities to
> 		https://lore.kernel.org/all/20210416205856.3234481-7-kw@linux.com/
> 		I'm not sure why that patch was not picked up.  But I've
> 		added Krzysztof as a suggested by if that is ok?
> 
> Changes from V11:
> 	New Patch
> ---
>  include/linux/sysfs.h | 16 ++++++++++++++++
>  1 file changed, 16 insertions(+)
> 
> diff --git a/include/linux/sysfs.h b/include/linux/sysfs.h
> index e3f1e8ac1f85..fd3fe5c8c17f 100644
> --- a/include/linux/sysfs.h
> +++ b/include/linux/sysfs.h
> @@ -235,6 +235,22 @@ struct bin_attribute bin_attr_##_name = __BIN_ATTR_WO(_name, _size)
>  #define BIN_ATTR_RW(_name, _size)					\
>  struct bin_attribute bin_attr_##_name = __BIN_ATTR_RW(_name, _size)
>  
> +
> +#define __BIN_ATTR_ADMIN_RO(_name, _size) {					\
> +	.attr	= { .name = __stringify(_name), .mode = 0400 },		\
> +	.read	= _name##_read,						\
> +	.size	= _size,						\
> +}
> +
> +#define __BIN_ATTR_ADMIN_RW(_name, _size)					\
> +	__BIN_ATTR(_name, 0600, _name##_read, _name##_write, _size)
> +
> +#define BIN_ATTR_ADMIN_RO(_name, _size)					\
> +struct bin_attribute bin_attr_##_name = __BIN_ATTR_ADMIN_RO(_name, _size)
> +
> +#define BIN_ATTR_ADMIN_RW(_name, _size)					\
> +struct bin_attribute bin_attr_##_name = __BIN_ATTR_ADMIN_RW(_name, _size)
> +
>  struct sysfs_ops {
>  	ssize_t	(*show)(struct kobject *, struct attribute *, char *);
>  	ssize_t	(*store)(struct kobject *, struct attribute *, const char *, size_t);

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ