[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <202507310952.7255AA30@keescook>
Date: Thu, 31 Jul 2025 09:54:21 -0700
From: Kees Cook <kees@...nel.org>
To: Jeff Layton <jlayton@...nel.org>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
"David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>,
Simon Horman <horms@...nel.org>,
Maarten Lankhorst <maarten.lankhorst@...ux.intel.com>,
Maxime Ripard <mripard@...nel.org>,
Thomas Zimmermann <tzimmermann@...e.de>,
David Airlie <airlied@...il.com>, Simona Vetter <simona@...ll.ch>,
Jani Nikula <jani.nikula@...ux.intel.com>,
Joonas Lahtinen <joonas.lahtinen@...ux.intel.com>,
Rodrigo Vivi <rodrigo.vivi@...el.com>,
Tvrtko Ursulin <tursulin@...ulin.net>,
Krzysztof Karas <krzysztof.karas@...el.com>,
Kuniyuki Iwashima <kuniyu@...zon.com>,
Qasim Ijaz <qasdev00@...il.com>,
Nathan Chancellor <nathan@...nel.org>, Andrew Lunn <andrew@...n.ch>,
linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
dri-devel@...ts.freedesktop.org, intel-gfx@...ts.freedesktop.org
Subject: Re: [PATCH v15 6/9] ref_tracker: automatically register a file in
debugfs for a ref_tracker_dir
On Thu, Jul 31, 2025 at 06:29:00AM -0400, Jeff Layton wrote:
> "If you think you can justify it (in comments and commit log) well
> enough to stand up to Linus’s scrutiny, maybe you can use “%px”, along
> with making sure you have sensible permissions."
>
> Is making it only accessible by root not sensible enough? What are
> "sensible permissions" in this instance?
Yes, I should have been more clear (or probably should update the
document), but root (uid==0) isn't a sufficient permission check, as
address exposure is supposed to be bounded by capabilities. Putting a
filename into the tree exposes the address to anything that can get a
file listing, and DAC access control isn't granular enough.
(Thank you again for the fix patch I saw in the other thread!)
--
Kees Cook
Powered by blists - more mailing lists