lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <64de5996-1120-4c06-9782-a172e83f9eb3@lunn.ch>
Date: Wed, 14 May 2025 16:54:36 +0200
From: Andrew Lunn <andrew@...n.ch>
To: Wojtek Wasko <wwasko@...dia.com>
Cc: richardcochran@...il.com, vadim.fedorenko@...ux.dev,
	netdev@...r.kernel.org
Subject: Re: [PATCH] ptp: Add sysfs attribute to show clock is safe to open RO

On Wed, May 14, 2025 at 05:36:21PM +0300, Wojtek Wasko wrote:
> Recent patches introduced in 6.15 implement permissions checks for PTP
> clocks. Prior to those, a process with readonly access could modify the
> state of PTP devices, in particular the generation and consumption of
> PPS signals.
> 
> Userspace (e.g. udev) managing the ownership and permissions of device
> nodes lacks information as to whether kernel implements the necessary
> security checks and whether it is safe to expose readonly access to
> PTP devices to unprivileged users. Kernel version checks are cumbersome
> and prone to failure, especially if backports are considered [1].
> 
> Add a readonly sysfs attribute to PTP clocks, "ro_safe", backed by a
> static string.

~/linux$ grep -r "ro_safe"
~/linux$ 

At minimum, this needs documentation.

But is this really the first time an issue like this has come up?

Also, what was the argument for adding permission checks, and how was
it argued it was not an ABI change?

   Andrew

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ