Received: by 10.192.165.148 with SMTP id m20csp597566imm; Fri, 27 Apr 2018 04:32:29 -0700 (PDT) X-Google-Smtp-Source: AB8JxZrQ5LA0/yD0o5/2XKbe2WDQNwmNgFKL57kvANJUpHkbBLC0a59sKmJcWs6wmmYe2cG9D9Dk X-Received: by 2002:a63:a06a:: with SMTP id u42-v6mr1752753pgn.389.1524828749138; Fri, 27 Apr 2018 04:32:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1524828749; cv=none; d=google.com; s=arc-20160816; b=WI0W0FfYAwT8ANISzuwZghnHQSK4bFSUD8DL+bYJvP5HtOXVgakGMs46P02DER5OEj SfETxumo47DDGcu84RUg9L20h0RzQ3kuYZXC/yx2pxb9oOLpka7eMri8ZEJTeNoIgcrf 9kekvXSDeRwNcWGCtxPW/YjNaOVpSHqEXKVnmYjrI8WyJLVGNneKQxg4nwsIipB4+tMR CoaRex8PxTdmxi501OU7xN8LUsExWtsnAvdo5N6/LQOR4BhOoUZijcB4S4GUlNtzv4Bf yXaxLPzlv8eEWhzoQ0sT65KGlKa/ZwrtVbkbqBVDfJatMqXOFZil3BwifcRE7yISkDuL PjDA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:content-language:in-reply-to :mime-version:user-agent:date:organization:from:references:cc:to :subject:arc-authentication-results; bh=GE2Rl67/VbiqKV84WKH2FM56WT/O8UqNAex/EdL2Bzc=; b=KH6nzZ/1HIQXJzRfnaqQhHwuVMzFKYP2/+FzEnhcSXFZJnneuqidj0qUImEVA9/3Z0 37lggPhpxPc+c0cRrolgFkZ8jjnSijgtN1eoObQ7Nid2bEaVk7m118W+LfW57sDHWAQh 2FTaEjMqLzX09rUB0whlzOnb2NOP2qZKeUxRuqCIejjgJCngrRLIo1p1VcZuGD/eruEy DjN2HREIkwhFpH8KoYFpXX3EvY6J3S5G1OJ+nKekFWF3zlWX0Ri3Z6MIK6g+GBglFkO4 xmDcko/pYXs1WFkDIAkfdmpUtBLM0HdBF+r+oZd5Iv+P0cY4NlcZ1l5ryrUKW8ETAFco FyKg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v123si1092268pfc.273.2018.04.27.04.32.15; Fri, 27 Apr 2018 04:32:29 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1757479AbeD0LbA (ORCPT + 99 others); Fri, 27 Apr 2018 07:31:00 -0400 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:35288 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1757373AbeD0La7 (ORCPT ); Fri, 27 Apr 2018 07:30:59 -0400 Received: from pps.filterd (m0098413.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w3RBOfnR056495 for ; Fri, 27 Apr 2018 07:30:58 -0400 Received: from e06smtp13.uk.ibm.com (e06smtp13.uk.ibm.com [195.75.94.109]) by mx0b-001b2d01.pphosted.com with ESMTP id 2hm252jefk-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 27 Apr 2018 07:30:57 -0400 Received: from localhost by e06smtp13.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 27 Apr 2018 12:30:56 +0100 Received: from b06cxnps3074.portsmouth.uk.ibm.com (9.149.109.194) by e06smtp13.uk.ibm.com (192.168.101.143) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; Fri, 27 Apr 2018 12:30:54 +0100 Received: from d06av21.portsmouth.uk.ibm.com (d06av21.portsmouth.uk.ibm.com [9.149.105.232]) by b06cxnps3074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id w3RBUs0A2228686; Fri, 27 Apr 2018 11:30:54 GMT Received: from d06av21.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 37E805204B; Fri, 27 Apr 2018 11:21:29 +0100 (BST) Received: from oc3784624756.ibm.com (unknown [9.152.212.151]) by d06av21.portsmouth.uk.ibm.com (Postfix) with ESMTP id CED535204D; Fri, 27 Apr 2018 11:21:28 +0100 (BST) Subject: Re: [PATCH] inode: debugfs_create_dir uses mode permission from parent To: Greg KH Cc: brueckner@linux.vnet.ibm.com, schwidefsky@de.ibm.com, heiko.carstens@de.ibm.com, linux-kernel@vger.kernel.org References: <20180427080712.2380-1-tmricht@linux.ibm.com> <20180427082737.GA25242@kroah.com> <504bade7-7b06-c9d4-e4e2-736b9ee5a313@linux.ibm.com> <20180427100600.GB12941@kroah.com> From: Thomas-Mich Richter Organization: IBM LTC Date: Fri, 27 Apr 2018 13:30:53 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0 MIME-Version: 1.0 In-Reply-To: <20180427100600.GB12941@kroah.com> Content-Type: multipart/mixed; boundary="------------5395A79255F6AB5325A9A42F" Content-Language: en-US X-TM-AS-GCONF: 00 x-cbid: 18042711-0012-0000-0000-000005CFAFE8 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 18042711-0013-0000-0000-0000194CBC7E Message-Id: <82a7c2a7-f8f4-0e59-a770-c3e191f9d3de@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2018-04-27_03:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1709140000 definitions=main-1804270111 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This is a multi-part message in MIME format. --------------5395A79255F6AB5325A9A42F Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit On 04/27/2018 12:06 PM, Greg KH wrote: > On Fri, Apr 27, 2018 at 11:14:26AM +0200, Thomas-Mich Richter wrote: >> On 04/27/2018 10:27 AM, Greg KH wrote: >>> On Fri, Apr 27, 2018 at 10:07:12AM +0200, Thomas Richter wrote: >>>> Currently function debugfs_create_dir() creates a new >>>> directory in the debugfs (usually mounted /sys/kernel/debug) >>>> with permission rwxr-xr-x. This is hard coded. >>>> >>>> Change this to use the parent directory permission. >>>> >>>> Fixes: edac65eaf8d5c ("debugfs: take mode-dependent parts of debugfs_get_inode() into callers") >>>> Signed-off-by: Thomas Richter >>>> Cc: Greg Kroah-Hartman >>>> --- >>>> fs/debugfs/inode.c | 5 ++++- >>>> 1 file changed, 4 insertions(+), 1 deletion(-) >>>> >>>> diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c >>>> index 13b01351dd1c..80618330d86a 100644 >>>> --- a/fs/debugfs/inode.c >>>> +++ b/fs/debugfs/inode.c >>>> @@ -512,7 +512,10 @@ struct dentry *debugfs_create_dir(const char *name, struct dentry *parent) >>>> if (unlikely(!inode)) >>>> return failed_creating(dentry); >>>> >>>> - inode->i_mode = S_IFDIR | S_IRWXU | S_IRUGO | S_IXUGO; >>>> + if(!parent) >>>> + parent = debugfs_mount->mnt_root; >>>> + inode->i_mode = S_IFDIR | (d_inode(parent)->i_mode >>>> + & (S_IRWXU | S_IRWXG)); >>>> inode->i_op = &simple_dir_inode_operations; >>>> inode->i_fop = &simple_dir_operations; >>>> >>> >>> This looks ok, but is it going to change the permissions of existing >>> stuff in ways that might breaks things, right? >> >> Right, but debugfs is usually mounted on /sys/kernel/debug with >> permissions rwx to root owner. It can be changed after the mount, of course. >> Unless this is done, the directory permissions for /sys/kernel/debug >> will stop any descend regardless of the subdirectory permissions. >> >>> >>> Have you done a before/after comparison? >> >> I have tested this patch on my Linux 4.17.0rc2 kernel on s390. >> That worked well, I have not tested other systems. > > What do you mean by "worked well"? What were the full tree differences > between before and after? You should be able to get this by using: > tree -dp /sys/kernel/debug/ > and then doing a diff on the two files. > > thanks, > > greg k-h > Ok, this is the tree output Before the patch: root@s8360047 ~]# tree -dp -L 1 /sys/kernel/debug/ /sys/kernel/debug/ ├── [drwxr-xr-x] bdi ├── [drwxr-xr-x] block ├── [drwxr-xr-x] dasd ├── [drwxr-xr-x] device_component ├── [drwxr-xr-x] extfrag ├── [drwxr-xr-x] hid ├── [drwxr-xr-x] kprobes ├── [drwxr-xr-x] kvm ├── [drwxr-xr-x] memblock ├── [drwxr-xr-x] pm_qos ├── [drwxr-xr-x] qdio ├── [drwxr-xr-x] s390 ├── [drwxr-xr-x] s390dbf └── [drwx------] tracing 14 directories After the patch: [root@s8360047 ~]# tree -dp -L 1 /sys/kernel/debug/ sys/kernel/debug/ ├── [drwx------] bdi ├── [drwx------] block ├── [drwx------] dasd ├── [drwx------] device_component ├── [drwx------] extfrag ├── [drwx------] hid ├── [drwx------] kprobes ├── [drwx------] kvm ├── [drwx------] memblock ├── [drwx------] pm_qos ├── [drwx------] qdio ├── [drwx------] s390 ├── [drwx------] s390dbf └── [drwx------] tracing 14 directories [root@s8360047 ~]# I attached the diff of the full tree before and after the patch. -- Thomas Richter, Dept 3303, IBM s390 Linux Development, Boeblingen, Germany -- Vorsitzende des Aufsichtsrats: Martina Koederitz Geschäftsführung: Dirk Wittkopp Sitz der Gesellschaft: Böblingen / Registergericht: Amtsgericht Stuttgart, HRB 243294 --------------5395A79255F6AB5325A9A42F Content-Type: text/x-patch; name="treefull.diff" Content-Transfer-Encoding: 8bit Content-Disposition: attachment; filename="treefull.diff" 2,52c2,52 < ├── [drwxr-xr-x] bdi < │   ├── [drwxr-xr-x] 1:0 < │   ├── [drwxr-xr-x] 1:1 < │   ├── [drwxr-xr-x] 1:10 < │   ├── [drwxr-xr-x] 1:11 < │   ├── [drwxr-xr-x] 1:12 < │   ├── [drwxr-xr-x] 1:13 < │   ├── [drwxr-xr-x] 1:14 < │   ├── [drwxr-xr-x] 1:15 < │   ├── [drwxr-xr-x] 1:2 < │   ├── [drwxr-xr-x] 1:3 < │   ├── [drwxr-xr-x] 1:4 < │   ├── [drwxr-xr-x] 1:5 < │   ├── [drwxr-xr-x] 1:6 < │   ├── [drwxr-xr-x] 1:7 < │   ├── [drwxr-xr-x] 1:8 < │   ├── [drwxr-xr-x] 1:9 < │   └── [drwxr-xr-x] 94:0 < ├── [drwxr-xr-x] block < ├── [drwxr-xr-x] dasd < │   ├── [drwxr-xr-x] 0.0.e18a < │   ├── [drwxr-xr-x] dasda < │   └── [drwxr-xr-x] global < ├── [drwxr-xr-x] device_component < ├── [drwxr-xr-x] extfrag < ├── [drwxr-xr-x] hid < ├── [drwxr-xr-x] kprobes < ├── [drwxr-xr-x] kvm < ├── [drwxr-xr-x] memblock < ├── [drwxr-xr-x] pm_qos < ├── [drwxr-xr-x] qdio < │   └── [drwxr-xr-x] 0.0.f5f2 < ├── [drwxr-xr-x] s390 < │   └── [drwxr-xr-x] stsi < ├── [drwxr-xr-x] s390dbf < │   ├── [drwxr-xr-x] 0.0.e18a < │   ├── [drwxr-xr-x] cio_crw < │   ├── [drwxr-xr-x] cio_msg < │   ├── [drwxr-xr-x] cio_trace < │   ├── [drwxr-xr-x] dasd < │   ├── [drwxr-xr-x] kvm-trace < │   ├── [drwxr-xr-x] lgr < │   ├── [drwxr-xr-x] qdio_0.0.f5f2 < │   ├── [drwxr-xr-x] qdio_error < │   ├── [drwxr-xr-x] qdio_setup < │   ├── [drwxr-xr-x] qeth_card_0.0.f5f0 < │   ├── [drwxr-xr-x] qeth_control < │   ├── [drwxr-xr-x] qeth_msg < │   ├── [drwxr-xr-x] qeth_setup < │   ├── [drwxr-xr-x] vmcp < │   └── [drwxr-xr-x] vmur --- > ├── [drwx------] bdi > │   ├── [drwx------] 1:0 > │   ├── [drwx------] 1:1 > │   ├── [drwx------] 1:10 > │   ├── [drwx------] 1:11 > │   ├── [drwx------] 1:12 > │   ├── [drwx------] 1:13 > │   ├── [drwx------] 1:14 > │   ├── [drwx------] 1:15 > │   ├── [drwx------] 1:2 > │   ├── [drwx------] 1:3 > │   ├── [drwx------] 1:4 > │   ├── [drwx------] 1:5 > │   ├── [drwx------] 1:6 > │   ├── [drwx------] 1:7 > │   ├── [drwx------] 1:8 > │   ├── [drwx------] 1:9 > │   └── [drwx------] 94:0 > ├── [drwx------] block > ├── [drwx------] dasd > │   ├── [drwx------] 0.0.e18a > │   ├── [drwx------] dasda > │   └── [drwx------] global > ├── [drwx------] device_component > ├── [drwx------] extfrag > ├── [drwx------] hid > ├── [drwx------] kprobes > ├── [drwx------] kvm > ├── [drwx------] memblock > ├── [drwx------] pm_qos > ├── [drwx------] qdio > │   └── [drwx------] 0.0.f5f2 > ├── [drwx------] s390 > │   └── [drwx------] stsi > ├── [drwx------] s390dbf > │   ├── [drwx------] 0.0.e18a > │   ├── [drwx------] cio_crw > │   ├── [drwx------] cio_msg > │   ├── [drwx------] cio_trace > │   ├── [drwx------] dasd > │   ├── [drwx------] kvm-trace > │   ├── [drwx------] lgr > │   ├── [drwx------] qdio_0.0.f5f2 > │   ├── [drwx------] qdio_error > │   ├── [drwx------] qdio_setup > │   ├── [drwx------] qeth_card_0.0.f5f0 > │   ├── [drwx------] qeth_control > │   ├── [drwx------] qeth_msg > │   ├── [drwx------] qeth_setup > │   ├── [drwx------] vmcp > │   └── [drwx------] vmur --------------5395A79255F6AB5325A9A42F--