Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp62714ybi; Tue, 16 Jul 2019 16:15:46 -0700 (PDT) X-Google-Smtp-Source: APXvYqx9BqKfsgVKiRPxgK0uo7tHHlzQ8WBA93F9mWfMCwIv3Lv7TX3fLasmLfwzjV+1Ju7wPIbB X-Received: by 2002:a63:c24d:: with SMTP id l13mr37414965pgg.330.1563318946089; Tue, 16 Jul 2019 16:15:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1563318946; cv=none; d=google.com; s=arc-20160816; b=RZoMV3CzpdpXP1M5lyXkFmkdJkHTsieD07WI6qUspRWwKDS7MPVlxOElK9fhLM/VRh RERkJHlJLs0cMLpFINvI7wrzt5Rkp5YV2mhirfJV6tcSxe4+YMiH9vWF+1jrdi0YjQ9Z eYKmVhyBBIOaBxfgB3P0zYaP5odMwk1TQwxB8ABVsPiCHZQ1ToCWambxOI0pvqJjHV4w ee3D7vvkUOO7LF52twh0URFzNIkWdLU1mnhSJpotEPwy4ZHW7pqgdtpOsL+JQNZxdKds J8GSIgLFjUgmtrGgTB5CVWRYkXBjKllQKyXg1QNdy/PTEWcGstX39gr4vNO3ExXHSyzO h58g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date; bh=nMOEq5k9LwHg5YaRH9wmFiFUlxyYi8/MO1Uq7XLVhXA=; b=VeUtRqfoKloaL8t/COxaGMTiK7GmG4Stu/XKUZK+/Ei6vnGp5idrT45K6gwLb6NNla TskepZDXuANl0pLErMSdz9ioWwCZghC7o0qGq2Jv1RkwEFuLFJA7QFDAq/4V/rAa2uDX qxwm44zlnLbZO3bBiyUjRNS6h+GR89T9QZOKQ/QFunhh0HThFfPQPwh6PPb+qt2Kvqgz fVE1bCPHg2xvW4wg7KfCLXquvMJSopaHJzUUpuzB3IjR5YRUqVw9+SGT+NJPmLpeFC74 GFqcJ5zrS6VVEMwJu8Y+GEylBuk4rV4+BPWpWtN6zT8HONswGtp+pmGO18JRj+Z+qbMq 0Cnw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id s62si20434444pjc.75.2019.07.16.16.15.29; Tue, 16 Jul 2019 16:15:46 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2388917AbfGPXOn (ORCPT + 99 others); Tue, 16 Jul 2019 19:14:43 -0400 Received: from mail.kernel.org ([198.145.29.99]:43770 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728601AbfGPXOn (ORCPT ); Tue, 16 Jul 2019 19:14:43 -0400 Received: from gandalf.local.home (cpe-66-24-58-225.stny.res.rr.com [66.24.58.225]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 7A64B20880; Tue, 16 Jul 2019 23:14:41 +0000 (UTC) Date: Tue, 16 Jul 2019 19:14:39 -0400 From: Steven Rostedt To: Matthew Garrett Cc: jmorris@namei.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, Matthew Garrett Subject: Re: [PATCH V35 27/29] tracefs: Restrict tracefs when the kernel is locked down Message-ID: <20190716191439.59a1ac32@gandalf.local.home> In-Reply-To: <20190715195946.223443-28-matthewgarrett@google.com> References: <20190715195946.223443-1-matthewgarrett@google.com> <20190715195946.223443-28-matthewgarrett@google.com> X-Mailer: Claws Mail 3.17.3 (GTK+ 2.24.32; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 15 Jul 2019 12:59:44 -0700 Matthew Garrett wrote: > Tracefs may release more information about the kernel than desirable, so > restrict it when the kernel is locked down in confidentiality mode by > preventing open(). > > Signed-off-by: Matthew Garrett > Cc: Steven Rostedt > --- > > @@ -389,6 +414,7 @@ struct dentry *tracefs_create_file(const char *name, umode_t mode, > { > struct dentry *dentry; > struct inode *inode; > + struct file_operations *proxy_fops; Small nit, but please add this as the first declaration, to keep the "upside-down x-mas tree" look. I know some of the other functions in this file don't follow that (which should be cleaned up some day), but I'd like to avoid adding more that breaks the aesthetic of the code. > > if (!(mode & S_IFMT)) > mode |= S_IFREG; > @@ -402,8 +428,18 @@ struct dentry *tracefs_create_file(const char *name, umode_t mode, > if (unlikely(!inode)) > return failed_creating(dentry); > > + proxy_fops = kzalloc(sizeof(struct file_operations), GFP_KERNEL); > + if (!proxy_fops) > + return failed_creating(dentry); > + > + if (fops) I think you meant "if (!fops)". -- Steve > + fops = &tracefs_file_operations; > + > + dentry->d_fsdata = (void *)fops; > + memcpy(proxy_fops, fops, sizeof(*proxy_fops)); > + proxy_fops->open = default_open_file; > inode->i_mode = mode; > - inode->i_fop = fops ? fops : &tracefs_file_operations; > + inode->i_fop = proxy_fops; > inode->i_private = data; > d_instantiate(dentry, inode); > fsnotify_create(dentry->d_parent->d_inode, dentry);