From: Wade Mealing <[email protected]>
Turns out that the permissions for 0400 really are what we want here,
otherwise any user can write to this file.
[fixed formatting and made static - gregkh]
Reported-by: Wade Mealing <[email protected]>
Cc: stable <[email protected]>
Fixes: f40609d1591f ("zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()")
Link: https://bugzilla.redhat.com/show_bug.cgi?id=1847832
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
drivers/block/zram/zram_drv.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/block/zram/zram_drv.c b/drivers/block/zram/zram_drv.c
index 6e2ad90b17a3..270dd810be54 100644
--- a/drivers/block/zram/zram_drv.c
+++ b/drivers/block/zram/zram_drv.c
@@ -2021,7 +2021,8 @@ static ssize_t hot_add_show(struct class *class,
return ret;
return scnprintf(buf, PAGE_SIZE, "%d\n", ret);
}
-static CLASS_ATTR_RO(hot_add);
+static struct class_attribute class_attr_hot_add =
+ __ATTR(hot_add, 0400, hot_add_show, NULL);
static ssize_t hot_remove_store(struct class *class,
struct class_attribute *attr,
--
2.27.0
On 6/17/20 12:34 PM, Greg Kroah-Hartman wrote:
> From: Wade Mealing <[email protected]>
>
> Turns out that the permissions for 0400 really are what we want here,
> otherwise any user can write to this file.
Minor confusion on my side:
Did you mean "read from" instead of "write to"?
I.e. only owner may read but not group nor others.
Whereas using CLASS_ATTR_RO would resolve into 0444.
>
> [fixed formatting and made static - gregkh]
>
> Reported-by: Wade Mealing <[email protected]>
> Cc: stable <[email protected]>
> Fixes: f40609d1591f ("zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()")
> Link: https://bugzilla.redhat.com/show_bug.cgi?id=1847832
> Signed-off-by: Greg Kroah-Hartman <[email protected]>
> ---
> drivers/block/zram/zram_drv.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/block/zram/zram_drv.c b/drivers/block/zram/zram_drv.c
> index 6e2ad90b17a3..270dd810be54 100644
> --- a/drivers/block/zram/zram_drv.c
> +++ b/drivers/block/zram/zram_drv.c
> @@ -2021,7 +2021,8 @@ static ssize_t hot_add_show(struct class *class,
> return ret;
> return scnprintf(buf, PAGE_SIZE, "%d\n", ret);
> }
> -static CLASS_ATTR_RO(hot_add);
> +static struct class_attribute class_attr_hot_add =
> + __ATTR(hot_add, 0400, hot_add_show, NULL);
>
> static ssize_t hot_remove_store(struct class *class,
> struct class_attribute *attr,
>
--
Mit freundlichen Gruessen / Kind regards
Steffen Maier
Linux on IBM Z Development
https://www.ibm.com/privacy/us/en/
IBM Deutschland Research & Development GmbH
Vorsitzender des Aufsichtsrats: Matthias Hartmann
Geschaeftsfuehrung: Dirk Wittkopp
Sitz der Gesellschaft: Boeblingen
Registergericht: Amtsgericht Stuttgart, HRB 243294
On Wed, Jun 17, 2020 at 01:05:54PM +0200, Steffen Maier wrote:
> On 6/17/20 12:34 PM, Greg Kroah-Hartman wrote:
> > From: Wade Mealing <[email protected]>
> >
> > Turns out that the permissions for 0400 really are what we want here,
> > otherwise any user can write to this file.
>
> Minor confusion on my side:
> Did you mean "read from" instead of "write to"?
> I.e. only owner may read but not group nor others.
> Whereas using CLASS_ATTR_RO would resolve into 0444.
Sorry, you are correct, I'll fix the changelog text and send this out
again.
It's a "fun" file, reading from it causes something to happen, not the
normal way things work :(
greg k-h
From: Wade Mealing <[email protected]>
Turns out that the permissions for 0400 really are what we want here,
otherwise any user can read from this file.
[fixed formatting, added changelog, and made attribute static - gregkh]
Reported-by: Wade Mealing <[email protected]>
Cc: stable <[email protected]>
Fixes: f40609d1591f ("zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()")
Link: https://bugzilla.redhat.com/show_bug.cgi?id=1847832
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
v2: fix read/write confusion in the changelog, thanks to Steffen for the
review.
was more specific as to the changes I made to the original patch.
drivers/block/zram/zram_drv.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/block/zram/zram_drv.c b/drivers/block/zram/zram_drv.c
index 6e2ad90b17a3..270dd810be54 100644
--- a/drivers/block/zram/zram_drv.c
+++ b/drivers/block/zram/zram_drv.c
@@ -2021,7 +2021,8 @@ static ssize_t hot_add_show(struct class *class,
return ret;
return scnprintf(buf, PAGE_SIZE, "%d\n", ret);
}
-static CLASS_ATTR_RO(hot_add);
+static struct class_attribute class_attr_hot_add =
+ __ATTR(hot_add, 0400, hot_add_show, NULL);
static ssize_t hot_remove_store(struct class *class,
struct class_attribute *attr,
--
2.27.0
On Wed, Jun 17, 2020 at 02:31:00PM +0200, Willy Tarreau wrote:
> Hi Greg,
>
> On Wed, Jun 17, 2020 at 12:34:12PM +0200, Greg Kroah-Hartman wrote:
> > From: Wade Mealing <[email protected]>
> >
> > Turns out that the permissions for 0400 really are what we want here,
> > otherwise any user can write to this file.
> ^^^^^^^^
> s/write to/read from/
>
> As Wade reported, it's sufficient to read from it to create a zram entry.
Bah I just saw your v2 now, sorry for the noise.
Willy
Hi Greg,
On Wed, Jun 17, 2020 at 12:34:12PM +0200, Greg Kroah-Hartman wrote:
> From: Wade Mealing <[email protected]>
>
> Turns out that the permissions for 0400 really are what we want here,
> otherwise any user can write to this file.
^^^^^^^^
s/write to/read from/
As Wade reported, it's sufficient to read from it to create a zram entry.
Regards,
Willy
On 6/17/20 1:49 PM, Greg Kroah-Hartman wrote:
> From: Wade Mealing <[email protected]>
>
> Turns out that the permissions for 0400 really are what we want here,
> otherwise any user can read from this file.
>
> [fixed formatting, added changelog, and made attribute static - gregkh]
>
> Reported-by: Wade Mealing <[email protected]>
> Cc: stable <[email protected]>
> Fixes: f40609d1591f ("zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()")
> Link: https://bugzilla.redhat.com/show_bug.cgi?id=1847832
> Signed-off-by: Greg Kroah-Hartman <[email protected]>
Reviewed-by: Steffen Maier <[email protected]>
> ---
> v2: fix read/write confusion in the changelog, thanks to Steffen for the
> review.
> was more specific as to the changes I made to the original patch.
>
> drivers/block/zram/zram_drv.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/block/zram/zram_drv.c b/drivers/block/zram/zram_drv.c
> index 6e2ad90b17a3..270dd810be54 100644
> --- a/drivers/block/zram/zram_drv.c
> +++ b/drivers/block/zram/zram_drv.c
> @@ -2021,7 +2021,8 @@ static ssize_t hot_add_show(struct class *class,
> return ret;
> return scnprintf(buf, PAGE_SIZE, "%d\n", ret);
> }
> -static CLASS_ATTR_RO(hot_add);
> +static struct class_attribute class_attr_hot_add =
> + __ATTR(hot_add, 0400, hot_add_show, NULL);
>
> static ssize_t hot_remove_store(struct class *class,
> struct class_attribute *attr,
>
--
Mit freundlichen Gruessen / Kind regards
Steffen Maier
Linux on IBM Z Development
https://www.ibm.com/privacy/us/en/
IBM Deutschland Research & Development GmbH
Vorsitzender des Aufsichtsrats: Matthias Hartmann
Geschaeftsfuehrung: Dirk Wittkopp
Sitz der Gesellschaft: Boeblingen
Registergericht: Amtsgericht Stuttgart, HRB 243294
On Wed, Jun 17, 2020 at 01:49:46PM +0200, Greg Kroah-Hartman wrote:
> From: Wade Mealing <[email protected]>
>
> Turns out that the permissions for 0400 really are what we want here,
> otherwise any user can read from this file.
>
> [fixed formatting, added changelog, and made attribute static - gregkh]
>
> Reported-by: Wade Mealing <[email protected]>
> Cc: stable <[email protected]>
> Fixes: f40609d1591f ("zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()")
> Link: https://bugzilla.redhat.com/show_bug.cgi?id=1847832
> Signed-off-by: Greg Kroah-Hartman <[email protected]>
Acked-by: Minchan Kim <[email protected]>