lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 9 Oct 2020 10:47:29 +0200 From: Greg KH <gregkh@...uxfoundation.org> To: Johannes Berg <johannes@...solutions.net> Cc: linux-kernel@...r.kernel.org, nstange@...e.de, ap420073@...il.com, David.Laight@...lab.com, netdev@...r.kernel.org, linux-wireless@...r.kernel.org, rafael@...nel.org Subject: Re: [CRAZY-RFF] debugfs: track open files and release on remove On Fri, Oct 09, 2020 at 10:19:02AM +0200, Johannes Berg wrote: > On Fri, 2020-10-09 at 10:16 +0200, Greg KH wrote: > > On Fri, Oct 09, 2020 at 10:06:14AM +0200, Johannes Berg wrote: > > > We used to say the proxy_fops weren't needed and it wasn't an issue, and > > > then still implemented it. Dunno. I'm not really too concerned about it > > > myself, only root can hold the files open and remove modules ... > > > > proxy_fops were needed because devices can be removed from the system at > > any time, causing their debugfs files to want to also be removed. It > > wasn't because of unloading kernel code. > > Indeed, that's true. Still, we lived with it for years. Because no one wanted to fix the code, not because it was correct :) > Anyway, like I said, I really just did this more to see that it _could_ > be done, not to suggest that it _should_ :-) Agreed. > I think adding the .owner everywhere would be good, and perhaps we can > somehow put a check somewhere like > > WARN_ON(is_module_address((unsigned long)fops) && !fops->owner); > > to prevent the issue in the future? That will fail for all of the debugfs_create_* operations, as there is only one set of file operations for all of the different files created with these calls. Which, now that I remember it, is why we went down the proxy "solution" in the first place :( thanks, greg k-h
Powered by blists - more mailing lists