lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20240503225013.519028385@goodmis.org>
Date: Fri, 03 May 2024 18:50:13 -0400
From: Steven Rostedt <rostedt@...dmis.org>
To: linux-kernel@...r.kernel.org
Cc: Masami Hiramatsu <mhiramat@...nel.org>,
 Mark Rutland <mark.rutland@....com>,
 Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
 Andrew Morton <akpm@...ux-foundation.org>
Subject: [for-linus][PATCH 0/9] tracing/tracefs: Fixes for v6.9

tracing and tracefs fixes for v6.9

- Minor fix for user_events interface
  The ABI of creating a user event states that the fields
  are separated by semicolons, and spaces should be ignored.
  But the parsing expected at least one space to be there (which was incorrect).
  Fix the reading of the string to handle fields separated by
  semicolons but no space between them.

- Add test to user event selftests for no spaces between fields.

- Fix RCU callback of freeing an eventfs_inode.
  The freeing of the eventfs_inode from the kref going to zero
  freed the contents of the eventfs_inode and then used kfree_rcu()
  to free the inode itself. But the contents should also be protected
  by RCU. Switch to a call_rcu() that calls a function to free all
  of the eventfs_inode after the RCU synchronization.

- The tracefs maps its own descriptor to a file represented by
  eventfs. The freeing of this descriptor needs to know when the
  last reference of an eventfs_inode is released, but currently
  there is no interface for that. Add a "release" callback to
  the eventfs_inode entry array that allows for freeing of data
  that can be referenced by the eventfs_inode being opened.
  Then increment the ref counter for this descriptor when the
  eventfs_inode file is created, and decrement/free it when the
  last reference to the eventfs_inode is released and the file
  is removed.

- Fix the permission processing of eventfs.
  The change to make the permissions of eventfs default to the mount
  point but keep track of when changes were made had a side effect
  that could cause security concerns. When the tracefs is remounted
  with a given gid or uid, all the files within it should inherit
  that gid or uid. But if the admin had changed the permission of
  some file within the tracefs file system, it would not get updated
  by the remount. This caused the kselftest of file permissions
  to fail the second time it is run. The first time, all changes
  would look fine, but the second time, because the changes were
  "saved", the remount did not reset them.

  Create a link list of all existing tracefs inodes, and clear the
  saved flags on them on a remount if the remount changes the
  corresponding gid or uid fields.

  This also simplifies the code by removing the distinction between the
  toplevel eventfs and an instance eventfs. They should both act the
  same. They were different because of a misconception due to the
  remount not resetting the flags. Now that remount resets all the
  files and directories to default to the root node if a uid/gid is
  specified, it makes the logic simpler to implement.


Beau Belgrave (2):
      tracing/user_events: Fix non-spaced field matching
      selftests/user_events: Add non-spacing separator check

Steven Rostedt (Google) (7):
      eventfs/tracing: Add callback for release of an eventfs_inode
      eventfs: Free all of the eventfs_inode after RCU
      tracefs: Reset permissions on remount if permissions are options
      tracefs: Still use mount point as default permissions for instances
      eventfs: Do not differentiate the toplevel events directory
      eventfs: Do not treat events directory different than other directories
      eventfs: Have "events" directory get permissions from its parent

----
 fs/tracefs/event_inode.c                          | 148 ++++++++++++++--------
 fs/tracefs/inode.c                                |  92 +++++++++++++-
 fs/tracefs/internal.h                             |  14 +-
 include/linux/tracefs.h                           |   3 +
 kernel/trace/trace_events.c                       |  12 ++
 kernel/trace/trace_events_user.c                  |  76 ++++++++++-
 tools/testing/selftests/user_events/ftrace_test.c |   8 ++
 7 files changed, 293 insertions(+), 60 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ