lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <2023061329-splinter-rundown-a61a@gregkh>
Date:   Tue, 13 Jun 2023 12:22:05 +0200
From:   Greg KH <gregkh@...uxfoundation.org>
To:     Alexey Kardashevskiy <aik@....com>
Cc:     Avadhut Naik <Avadhut.Naik@....com>, rafael@...nel.org,
        lenb@...nel.org, linux-acpi@...r.kernel.org,
        linux-fsdevel@...r.kernel.org, avadnaik@....com,
        yazen.ghannam@....com, alexey.kardashevskiy@....com,
        linux-kernel@...r.kernel.org
Subject: Re: [RFC PATCH v3 2/3] fs: debugfs: Add write functionality to
 debugfs blobs

On Tue, Jun 13, 2023 at 08:05:41PM +1000, Alexey Kardashevskiy wrote:
> 
> 
> On 13/6/23 17:59, Greg KH wrote:
> > On Mon, Jun 12, 2023 at 09:51:38PM +0000, Avadhut Naik wrote:
> > >   /**
> > > - * debugfs_create_blob - create a debugfs file that is used to read a binary blob
> > > + * debugfs_create_blob - create a debugfs file that is used to read and write
> > > + * a binary blob
> > >    * @name: a pointer to a string containing the name of the file to create.
> > > - * @mode: the read permission that the file should have (other permissions are
> > > - *	  masked out)
> > > + * @mode: the permission that the file should have
> > >    * @parent: a pointer to the parent dentry for this file.  This should be a
> > >    *          directory dentry if set.  If this parameter is %NULL, then the
> > >    *          file will be created in the root of the debugfs filesystem.
> > > @@ -992,7 +1010,7 @@ static const struct file_operations fops_blob = {
> > >    *
> > >    * This function creates a file in debugfs with the given name that exports
> > >    * @blob->data as a binary blob. If the @mode variable is so set it can be
> > > - * read from. Writing is not supported.
> > > + * read from and written to.
> > >    *
> > >    * This function will return a pointer to a dentry if it succeeds.  This
> > >    * pointer must be passed to the debugfs_remove() function when the file is
> > > @@ -1007,7 +1025,7 @@ struct dentry *debugfs_create_blob(const char *name, umode_t mode,
> > >   				   struct dentry *parent,
> > >   				   struct debugfs_blob_wrapper *blob)
> > >   {
> > > -	return debugfs_create_file_unsafe(name, mode & 0444, parent, blob, &fops_blob);
> > > +	return debugfs_create_file_unsafe(name, mode, parent, blob, &fops_blob);
> > 
> > Have you audited all calls to this function to verify that you haven't
> > just turned on write access to some debugfs files?
> 
> I just did, it is one of S_IRUGO/S_IRUSR/0444/0400/(S_IFREG | 0444). So we
> are quite safe here. Except (S_IFREG | 0444) in
> drivers/platform/chrome/cros_ec_debugfs.c which seems wrong as debugfs files
> are not regular files.
> 
> > Why not rename this to debugfs_create_blob_wo() and then make a new
> > debugfs_create_blob_rw() call to ensure that it all is ok?
> 
> It is already taking the mode for this purpose. imho just
> cros_ec_create_panicinfo()'s debugfs_create_blob("panicinfo", S_IFREG |
> 0444,...) needs fixing.

Yes, well it's taking the mode, but silently modifying it :)

Ok, thanks for the audit, respin this with that fix and then I don't
have a problem with it (other than binary debugfs files fill me with
dread, what could go wrong...)

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ