lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CACVxJT_qZP-AKUzf5sXfp2h+qJ+L0BZit3pgi-aGCuXk4Kmzuw@mail.gmail.com>
Date: Tue, 1 Apr 2025 14:14:10 +0300
From: Alexey Dobriyan <adobriyan@...il.com>
To: Mateusz Guzik <mjguzik@...il.com>
Cc: Christian Brauner <brauner@...nel.org>, Al Viro <viro@...iv.linux.org.uk>, Jan Kara <jack@...e.cz>, 
	Linux Kernel <linux-kernel@...r.kernel.org>, 
	linux-fsdevel <linux-fsdevel@...r.kernel.org>
Subject: Re: [PATCH 1/2] proc: add a helper for marking files as permanent by
 external consumers

> +void proc_make_permanent(struct proc_dir_entry *de)
> +{
> + pde_make_permanent(de);
> +}
> +EXPORT_SYMBOL(proc_make_permanent);

no, no, no, no

this is wrong!

marking should be done in the context of a module!

the reason it is not exported is because the aren't safeguards against
module misuse

the flag is supposed to be used in case where
a) PDE itself is never removed and,
b) all the code supporting is never removed,
so that locking can be skipped

this it fine to mark /proc/filesystems because kernel controls it

this is fine to mark /proc/aaa if all module does is to write some
info to it and deletes it during rmmod

but it is not fine to mark /proc/aaa/bbb if "bbb" is created/deleted
while module is running,
locking _must_ be done in this case

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ