Date: Mon, 30 Apr 2018 07:26:43 -0700
From: Greg KH
To: Jann Horn
Cc: Kees Cook, Thomas Richter, Kernel Hardening, brueckner@linux.vnet.ibm.com, Martin Schwidefsky, Heiko Carstens, kernel list
Subject: Re: [PATCH v2] inode: debugfs_create_dir uses mode permission from parent

On Mon, Apr 30, 2018 at 04:15:58PM +0200, Jann Horn wrote:
> On Fri, Apr 27, 2018 at 3:49 PM, Greg KH wrote:
> > I'm going to add Kees and the kernel-hardening list here, as I'd like
> > their opinions for the patch below.
> >
> > Kees, do you have any problems with this patch? I know you worked on
> > making debugfs more "secure" from non-root users, this should still keep
> > the initial mount permissions all fine, right? Anything I'm not
> > considering here?
> >
> > thanks,
> >
> > greg k-h
> >
> > On Fri, Apr 27, 2018 at 02:35:47PM +0200, Thomas Richter wrote:
> >> Currently function debugfs_create_dir() creates a new
> >> directory in the debugfs (usually mounted /sys/kernel/debug)
> >> with permission rwxr-xr-x. This is hard coded.
> >>
> >> Change this to use the parent directory permission.
>
> AFAICS no inodes in debugfs have handlers for the ->rename, ->mkdir,
> ->create inode ops. What is write permission on debugfs directories
> useful for?

I doubt anything :)
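
An added example, not part of the original thread or of the kernel patch: a userspace check that lists directories whose mode grants permission bits their parent lacks, which is the state a hard-coded rwxr-xr-x produces below a more restrictive parent. The function names and the temporary tree (a constructed stand-in for a debugfs mount) are assumptions made for illustration.

```python
import os
import stat
import tempfile


def dirs_wider_than_parent(root):
    """Return (path, parent_mode, child_mode) for every directory under
    root whose rwx bits include something its parent's do not."""
    findings = []
    stack = [root]
    while stack:
        parent = stack.pop()
        parent_mode = stat.S_IMODE(os.lstat(parent).st_mode) & 0o777
        try:
            entries = list(os.scandir(parent))
        except PermissionError:
            continue  # cannot look inside; nothing to compare
        for entry in entries:
            if not entry.is_dir(follow_symlinks=False):
                continue
            st = entry.stat(follow_symlinks=False)
            child_mode = stat.S_IMODE(st.st_mode) & 0o777
            if child_mode & ~parent_mode:
                findings.append((entry.path, parent_mode, child_mode))
            stack.append(entry.path)
    return findings


def build_sample_tree():
    """Constructed sample: root 0700, one child created with the
    hard-coded 0755, one child that copies the parent's mode."""
    root = tempfile.mkdtemp()
    os.chmod(root, 0o700)
    for name, mode in (("hardcoded", 0o755), ("inherited", 0o700)):
        path = os.path.join(root, name)
        os.mkdir(path)
        os.chmod(path, mode)  # chmod so the umask cannot alter the mode
    return root


if __name__ == "__main__":
    for path, pmode, cmode in dirs_wider_than_parent(build_sample_tree()):
        print(f"{path}: {cmode:04o} under parent {pmode:04o}")
```

On a real system the same function can be pointed at /sys/kernel/debug when run with enough privilege to read it.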