| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <7c045f1e-4d20-b798-bd74-8e8b9d8ea7e6@kernel.org>
Date: Sat, 12 Aug 2023 16:25:21 +0300
From: Georgi Djakov <djakov@...nel.org>
To: Greg KH <gregkh@...uxfoundation.org>,
Mike Tipton <quic_mdtipton@...cinc.com>
Cc: rafael@...nel.org, corbet@....net, linux-pm@...r.kernel.org,
linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-arm-msm@...r.kernel.org, quic_okukatla@...cinc.com,
quic_viveka@...cinc.com, peterz@...radead.org,
quic_pkondeti@...cinc.com
Subject: Re: [PATCH v3 1/3] debugfs: Add write support to debugfs_create_str()
Hi Greg,
Thanks for the comments!
On 12.08.23 13:40, Greg KH wrote:
> On Mon, Aug 07, 2023 at 07:29:12AM -0700, Mike Tipton wrote:
>> Currently, debugfs_create_str() only supports reading strings from
>> debugfs. Add support for writing them as well.
>>
>> Based on original implementation by Peter Zijlstra [0]. Write support
>> was present in the initial patch version, but dropped in v2 due to lack
>> of users. We have a user now, so reintroduce it.
>>
>> [0] https://lore.kernel.org/all/YF3Hv5zXb%2F6lauzs@hirez.programming.kicks-ass.net/
>>
>> Signed-off-by: Mike Tipton <quic_mdtipton@...cinc.com>
>> ---
>> fs/debugfs/file.c | 48 +++++++++++++++++++++++++++++++++++++++++++++--
>> 1 file changed, 46 insertions(+), 2 deletions(-)
>>
>> diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c
>> index b7711888dd17..87b3753aa4b1 100644
>> --- a/fs/debugfs/file.c
>> +++ b/fs/debugfs/file.c
>> @@ -904,8 +904,52 @@ EXPORT_SYMBOL_GPL(debugfs_create_str);
>> static ssize_t debugfs_write_file_str(struct file *file, const char __user *user_buf,
>> size_t count, loff_t *ppos)
>> {
>> - /* This is really only for read-only strings */
>> - return -EINVAL;
>> + struct dentry *dentry = F_DENTRY(file);
>> + char *old, *new = NULL;
>> + int pos = *ppos;
>> + int r;
>> +
>> + r = debugfs_file_get(dentry);
>> + if (unlikely(r))
>> + return r;
>> +
>> + old = *(char **)file->private_data;
>> +
>> + /* only allow strict concatenation */
>> + r = -EINVAL;
>> + if (pos && pos != strlen(old))
>> + goto error;
>> +
>> + r = -E2BIG;
>> + if (pos + count + 1 > PAGE_SIZE)
>> + goto error;
>> +
>> + r = -ENOMEM;
>> + new = kmalloc(pos + count + 1, GFP_KERNEL);
>> + if (!new)
>> + goto error;
>> +
>> + if (pos)
>> + memcpy(new, old, pos);
>> +
>> + r = -EFAULT;
>> + if (copy_from_user(new + pos, user_buf, count))
>> + goto error;
>> +
>> + new[pos + count] = '\0';
>> + strim(new);
>> +
>> + rcu_assign_pointer(*(char **)file->private_data, new);
>> + synchronize_rcu();
>> + kfree(old);
>> +
>> + debugfs_file_put(dentry);
>> + return count;
>> +
>> +error:
>> + kfree(new);
>> + debugfs_file_put(dentry);
>> + return r;
>> }
>
> So you just added write support for ALL debugfs files that use the
> string interface, what did you just allow to break?
Not really. According to the existing code, the write support for strings
is enabled only when the file is created with +w permissions. For read-only
files, we use fops_str_ro, which is the case for all existing string files:
$ git grep -w debugfs_create_str | egrep -v "fs/debugfs/file.c|include/linux/debugfs.h"
drivers/firmware/arm_scmi/driver.c: debugfs_create_str("instance_name", 0400, top_dentry,
drivers/firmware/arm_scmi/driver.c: debugfs_create_str("type", 0400, trans, (char **)&dbg->type);
drivers/opp/debugfs.c: debugfs_create_str("of_name", S_IRUGO, d, (char **)&opp->of_name);
For fops_str_ro, the .write function is not implemented, so nothing should break?
> I recommend just using your own debugfs file function instead, as this
> could cause bad problems, right?
Agree, and that should be exactly what this patch does.
> Are you sure that all string calls can
> handle the variable be freed underneath it like this call will allow to
> happen?
Looks fine, at least for this patch-set.
Thanks,
Georgi
Powered by blists - more mailing lists