Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp1707520imm; Sat, 16 Jun 2018 01:10:30 -0700 (PDT) X-Google-Smtp-Source: ADUXVKKU7K2NeaM+9c2gJdSUkK/RoTznwG96WqS9SiRbwqQMNX7H9V1Lg6rp4B7nzvgzkJxOjASn X-Received: by 2002:a62:4255:: with SMTP id p82-v6mr5463160pfa.227.1529136630545; Sat, 16 Jun 2018 01:10:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1529136630; cv=none; d=google.com; s=arc-20160816; b=JJ/1Rx1Wf0Yqb8bEKdbQVHTvoFuBfH962qPACI5TjIuiqi+qVziNYQpbaZUP5tcMQP x8AuRilSTsMB1UPRdt/2du59ntgNe+Gwcey3wmVZBcvEVlp8jt08evOIXSK1FRqF4XGK 2QocAxrKIVeHh3yT187AmJPjTNbG2KmD7GfVYoZ+KFOLuhWy9tGEXQr335XHuk21b4Km nlPDVlQN2bro5NPhxAzZbQgieywp27sJqLIVyFxoUhIaLZZMkGssRqjkblHWXtri51BG 1pE+yHADEvZ7Q8/KBl/jfHWwRXEzIdyenM0vGbdKb6JJUzv79VwRh2aBlBay0XcE9KFK 6Rbw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:reply-to:mime-version:dkim-signature :arc-authentication-results; bh=RQNVUFk5wBRArzV/fdrwoI0x5mEfVxwFCUI/F4yjT8g=; b=bWdWd6CAHP0XIIxKVTOJLj8chvxye7h9WO8m57C6F++iwSdpX+Ee/5k/A2uDqNMJ5k M7wWisszryPhseVDW9M8VjTgOnpP5GAG5+XmGLBz2aZySZyyVoy0BYhD5YVvpD8HfuT4 vr1w8nYw2f/FPj4jEcLaedMjszQLv6x2hfZOdmxuKm7SHzZen9t7z8pIh/aKdavEIYjJ rmTZUNYAem0A41m64PEptLFqDSyKH1vG4PJFpBU0NN4MgmULlKayHopjCYydmPqEnORY jPCvcxRx9N+yP1X6sdCB0Ybhk+3fD/8bnVZB2uZfLTU0xcF5Kqt9X6mBF4kPXAUCJtmN S2nA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=DAQGLY4U; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j10-v6si9290990pff.269.2018.06.16.01.10.15; Sat, 16 Jun 2018 01:10:30 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=DAQGLY4U; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932385AbeFPIJr (ORCPT + 99 others); Sat, 16 Jun 2018 04:09:47 -0400 Received: from mail-ua0-f195.google.com ([209.85.217.195]:40513 "EHLO mail-ua0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753949AbeFPIJo (ORCPT ); Sat, 16 Jun 2018 04:09:44 -0400 Received: by mail-ua0-f195.google.com with SMTP id l11-v6so7868350uak.7 for ; Sat, 16 Jun 2018 01:09:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:reply-to:in-reply-to:references:from:date:message-id :subject:to:cc; bh=RQNVUFk5wBRArzV/fdrwoI0x5mEfVxwFCUI/F4yjT8g=; b=DAQGLY4UzDtvufcY8yM13dIVM6hpSWAdmRMDq1IZGExn9h3JI3E1jeOSNdcN8vZ+61 TtbgBL8boUJYCtKrpBiPCp+2H/WvUxQQCE2cswpu37hboIhjkI81JswTXXTWOMf97T4d gtufYpSlh2F06udC+Jtpt0L9FsKZqSgkeiSMS/oRezYcdTlUDONpvFlDyY7bskM0pP/c NKkF/FKDxmxFIExvy4vr1SwmNMYtQ9v2Si55Drbtgeo5yQrqMgVrCaY1As1KuPNbBsWZ MqSHUUeygPnT7DlXrxgRuFX2NHXnrMgtJgm0I38eDlstGitgd0T/qJFULyFlTV61o+pd 9eUw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:reply-to:in-reply-to:references :from:date:message-id:subject:to:cc; bh=RQNVUFk5wBRArzV/fdrwoI0x5mEfVxwFCUI/F4yjT8g=; b=rFKvu39dppEzzdvuFmIyrN57TeCjVpJH/uIYSMhtELxojNuttwyOcSPIcpNl2w+KoK ECzZbcEf1UoaakjriJhSmnNs0V1BUYc+7lX+3szlnEYcy8rT8g+EDuwmcJKbextbkpku mDaJ3FWogcUooGhcDP9z0CGENtjolyZEtzAMl/Bvoha3a3aiMAwhAwICC+ynrD9M3/pO vl23YroxanAc2GJZqocNS20q3ME5MGUZ7STthWiVmOO86tLaTGA82oJ6Uk2uHbBhe3uY +d56SgceZO+O8SIYQ4urEhwCXxmcaKh7nwlA8t502dENrgJwXph9aNqoCVNY4UfmMoce xEyQ== X-Gm-Message-State: APt69E2IyQsG+/ad0Ebms5UCeSQNZD+QQlSrBob6zbifW8Tv6+leZYoO lV9HTfKW2EOVHwsi9mk520nmTtCHFJssxk0JXnc= X-Received: by 2002:ab0:1571:: with SMTP id p46-v6mr2965857uae.129.1529136583033; Sat, 16 Jun 2018 01:09:43 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a67:3593:0:0:0:0:0 with HTTP; Sat, 16 Jun 2018 01:09:42 -0700 (PDT) Reply-To: rajatxjain@gmail.com In-Reply-To: <20180616071108.GB30558@kroah.com> References: <20180616012910.152694-1-rajatja@google.com> <20180616071108.GB30558@kroah.com> From: Rajat Jain Date: Sat, 16 Jun 2018 01:09:42 -0700 Message-ID: Subject: Re: [PATCH] sysfs: Fix internal_create_group() for named group updates To: Greg Kroah-Hartman Cc: Rajat Jain , linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Greg, Thanks for your review. On Sat, Jun 16, 2018 at 12:11 AM, Greg Kroah-Hartman wrote: > On Fri, Jun 15, 2018 at 06:29:10PM -0700, Rajat Jain wrote: >> There are a couple of problems with named group updates in the code >> today: >> >> * sysfs_update_group() will always fail for a named group, because >> internal_create_group() will try to create a new sysfs directory >> unconditionally, which will ofcourse fail with -EEXIST. >> >> * We can leak the kernfs_node for grp->name if some one tries to: >> - rename a group (change grp->name), or >> - update a named group, to an unnamed group >> >> It appears that the whole purpose of sysfs_update_group() was to >> allow changing the permissions or visibility of attributes and not >> the names. So make it clear in the comments, and allow it to update >> an existing named group. > > Who uses sysfs_update_group() today that has these problems? Or do you > want to use it in new code? How can it be broken today so badly that it > does not work? Sorry, my bad, I need to provide more clarification: None of the existing users of this API use it on a named attribute group, thus will not see this issue. I hit this issue while writing new code (However, since then my code logic has changed so that it does not need to use this API anymore). I'm just trying to fix an issue with this API, that I stumbled upon, which might be seen in future by any new code that uses this API with named attribute groups. At the minimum, I think we should clarify in comments (or better yet, ensure) that this API cannot be misused. > >> Signed-off-by: Rajat Jain >> --- >> fs/sysfs/group.c | 26 +++++++++++++++++++------- >> 1 file changed, 19 insertions(+), 7 deletions(-) >> >> diff --git a/fs/sysfs/group.c b/fs/sysfs/group.c >> index 4802ec0e1e3a..8bd10dc730ae 100644 >> --- a/fs/sysfs/group.c >> +++ b/fs/sysfs/group.c >> @@ -119,12 +119,23 @@ static int internal_create_group(struct kobject *kobj, int update, >> return -EINVAL; >> } >> if (grp->name) { >> - kn = kernfs_create_dir(kobj->sd, grp->name, >> - S_IRWXU | S_IRUGO | S_IXUGO, kobj); >> - if (IS_ERR(kn)) { >> - if (PTR_ERR(kn) == -EEXIST) >> - sysfs_warn_dup(kobj->sd, grp->name); >> - return PTR_ERR(kn); >> + if (update) { >> + kn = kernfs_find_and_get(kobj->sd, grp->name); >> + if (!kn) { >> + WARN(1, >> + "Can't update unknown attr grp name: %s/%s\n", >> + kobj->name, grp->name); >> + return -EINVAL; > > This is going to cause the syzbot to bug the heck out of us, as people > do run with panic-on-warning. Just make this a "normal" error message > and dump the stack if you want that. Agreed, I will turn into a normal error. > > But maybe we should just get rid of this function entirely, it feels > very ackward and I can't remember why we added it... There are a couple of existing in-tree users of this API, and I do not understand a lot about that code. Thanks & Best Regards, Rajat > > thanks, > > greg k-h