From da4759c73b0f1aac79f37bdb39ad2124439c30e7 Mon Sep 17 00:00:00 2001 From: Guenter Roeck Date: Thu, 12 Mar 2015 09:58:26 -0400 Subject: sysfs: Use only return value from is_visible for the file mode Up to now, is_visible can only be used to either remove visibility of a file entirely or to add permissions, but not to reduce permissions. This makes it impossible, for example, to use DEVICE_ATTR_RW to define file attributes and reduce permissions to read-only. This behavior is undesirable and unnecessarily complicates code which needs to reduce permissions; instead of just returning the desired permissions, it has to ensure that the permissions in the attribute variable declaration only reflect the minimal permissions ever needed. Change semantics of is_visible to only use the permissions returned from it instead of oring the returned value with the hard-coded permissions. Signed-off-by: Guenter Roeck Signed-off-by: Vivien Didelot Signed-off-by: Greg Kroah-Hartman --- fs/sysfs/group.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'fs') diff --git a/fs/sysfs/group.c b/fs/sysfs/group.c index 2554d8835b48..3fdccd99a9d9 100644 --- a/fs/sysfs/group.c +++ b/fs/sysfs/group.c @@ -41,7 +41,7 @@ static int create_files(struct kernfs_node *parent, struct kobject *kobj, if (grp->attrs) { for (i = 0, attr = grp->attrs; *attr && !error; i++, attr++) { - umode_t mode = 0; + umode_t mode = (*attr)->mode; /* * In update mode, we're changing the permissions or @@ -56,8 +56,7 @@ static int create_files(struct kernfs_node *parent, struct kobject *kobj, continue; } error = sysfs_add_file_mode_ns(parent, *attr, false, - (*attr)->mode | mode, - NULL); + mode, NULL); if (unlikely(error)) break; } -- cgit v1.2.3 From d8bf8c92e80fed9119eb222c7e5cc88acf57c12c Mon Sep 17 00:00:00 2001 From: Vivien Didelot Date: Thu, 12 Mar 2015 09:58:27 -0400 Subject: sysfs: Only accept read/write permissions for file attributes For sysfs file attributes, only read and write permissions make sense. Mask provided attribute permissions accordingly and send a warning to the console if invalid permission bits are set. This patch is originally from Guenter [1] and includes the fixup explained in the thread, that is printing permissions in octal format and limiting the scope of attributes to SYSFS_PREALLOC | 0664. [1] https://lkml.org/lkml/2015/1/19/599 Signed-off-by: Vivien Didelot Reviewed-by: Guenter Roeck Signed-off-by: Greg Kroah-Hartman --- fs/sysfs/group.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'fs') diff --git a/fs/sysfs/group.c b/fs/sysfs/group.c index 3fdccd99a9d9..b400c04371f0 100644 --- a/fs/sysfs/group.c +++ b/fs/sysfs/group.c @@ -55,6 +55,12 @@ static int create_files(struct kernfs_node *parent, struct kobject *kobj, if (!mode) continue; } + + WARN(mode & ~(SYSFS_PREALLOC | 0664), + "Attribute %s: Invalid permissions 0%o\n", + (*attr)->name, mode); + + mode &= SYSFS_PREALLOC | 0664; error = sysfs_add_file_mode_ns(parent, *attr, false, mode, NULL); if (unlikely(error)) -- cgit v1.2.3 From c9e15f25f514a76d906be01e621f400cdee94558 Mon Sep 17 00:00:00 2001 From: Greg KH Date: Mon, 30 Mar 2015 14:59:15 +0200 Subject: debugfs: allow bad parent pointers to be passed in If something went wrong with creating a debugfs file/symlink/directory, that value could be passed down into debugfs again as a parent dentry. To make caller code simpler, just error out if this happens, and don't crash the kernel. Reported-by: Alex Elder Reviewed-by: Viresh Kumar Signed-off-by: Greg Kroah-Hartman Reviewed-by: Alex Elder --- fs/debugfs/inode.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'fs') diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c index 96400ab42d13..61e72d44cf94 100644 --- a/fs/debugfs/inode.c +++ b/fs/debugfs/inode.c @@ -254,6 +254,9 @@ static struct dentry *start_creating(const char *name, struct dentry *parent) pr_debug("debugfs: creating file '%s'\n",name); + if (IS_ERR(parent)) + return parent; + error = simple_pin_fs(&debug_fs_type, &debugfs_mount, &debugfs_mount_count); if (error) -- cgit v1.2.3