| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 10 Oct 2020 11:38:24 +0200
From: Greg KH <gregkh@...uxfoundation.org>
To: Johannes Berg <johannes@...solutions.net>
Cc: linux-kernel@...r.kernel.org, nstange@...e.de, ap420073@...il.com,
David.Laight@...lab.com, netdev@...r.kernel.org,
linux-wireless@...r.kernel.org, rafael@...nel.org
Subject: Re: [CRAZY-RFF] debugfs: track open files and release on remove
On Fri, Oct 09, 2020 at 10:48:09AM +0200, Johannes Berg wrote:
> On Fri, 2020-10-09 at 10:47 +0200, Greg KH wrote:
>
> > > I think adding the .owner everywhere would be good, and perhaps we can
> > > somehow put a check somewhere like
> > >
> > > WARN_ON(is_module_address((unsigned long)fops) && !fops->owner);
> > >
> > > to prevent the issue in the future?
> >
> > That will fail for all of the debugfs_create_* operations, as there is
> > only one set of file operations for all of the different files created
> > with these calls.
>
> Why would it fail? Those have their fops in the core debugfs code, which
> might have a .owner assigned but is probably built-in anyway?
Bad choice of terms, it would "fail" in that this type of check would
never actually work because the debugfs code is built into the kernel,
and there is no module owner for it. But the value it is referencing is
an address in a module.
> > Which, now that I remember it, is why we went down the proxy "solution"
> > in the first place :(
>
> Not sure I understand. That was related more to (arbitrary) files having
> to be disappeared rather than anything else?
Isn't this the same issue?
thanks,
greg k-h
Powered by blists - more mailing lists