Received: by 2002:a25:d7c1:0:0:0:0:0 with SMTP id o184csp4174954ybg; Fri, 25 Oct 2019 14:33:20 -0700 (PDT) X-Google-Smtp-Source: APXvYqwHrR8YPQvCVudfkVsEL5d8Ed+A5E/SiO+gGNMMlpYwO/Y4vItWLZZAjrXxbag9ChW47lMf X-Received: by 2002:a17:906:894:: with SMTP id n20mr5693637eje.34.1572039200346; Fri, 25 Oct 2019 14:33:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1572039200; cv=none; d=google.com; s=arc-20160816; b=fWp7NqwTzOVufo6WxEi4XkNfO+G/FTgQFGXqeRkuCbqG+6T9SO6tN2V9JKhcfR0iEE ja1IG5KPWOBYG4gqdU9QKZTEDbmGecMg8ZjQUz0XCivsE5foRb6shy8UvlJ120j+uVU0 wjW0ZxaUhf6+8X6IKUFUcxzBhyYYN/YEtnjo7P+fO7JbAU4wC3EsTSeDfLUql/9h5w3K 0Kopf+3ZzLe9sT/vNqFTbzWXjyVcYFG16olgy1nw9f6/hQYSZf9wU0kLzl24Mtk46Mbx 1K+udzr+KrW0dmGm1BXKsFB5KCno+cIrnhPRout4s0o3WqpnUSettjI15/co867VVOgX HITg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date :dkim-signature; bh=ij/Z/Vl0R+SuKXq0xcqyy3wEvImYu+tIxm5hdXWfpdo=; b=g1DCzqYLKcaZfVMvMnEuS1sFgoqa2h3HXFvN50mn6ovB0b10xpVJ6UZcXsFn10ekN5 2PDQ6e4BFVf+Xqy6WO8zCNmkFONOpYgbSweMSXkyYVhy8cNz74Ija7o9r8CXez55ot+c f1XslRnkhDN2jNlI5QjBPPHgggfeXQ3DRn825Qgpo0aAauBZhRU82oLHPorG9Bhpr0/d /36yYRrCIzjXvCcWBsP2MYpHCKu/o/fJCWq0o161xxGtOBmJSOD0S+N8OMKw73LrhsNh yiByCKnyqu8pbgkRtFPaE+N3rIqAuTYTR+USMlAUqlhjgto/+wbLO2E37tVgxSs8EJFz 352Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="T/tcBt0t"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g23si1879698ejm.398.2019.10.25.14.32.56; Fri, 25 Oct 2019 14:33:20 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="T/tcBt0t"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726414AbfJYVcY (ORCPT + 99 others); Fri, 25 Oct 2019 17:32:24 -0400 Received: from mail.kernel.org ([198.145.29.99]:59924 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726369AbfJYVcY (ORCPT ); Fri, 25 Oct 2019 17:32:24 -0400 Received: from localhost.localdomain (c-73-231-172-41.hsd1.ca.comcast.net [73.231.172.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 39215222BD; Fri, 25 Oct 2019 21:32:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1572039141; bh=0ObkKRXqTP3o1EclY5QQh8rma1cY+y7OhQpJFI1TkKw=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=T/tcBt0tR0VkYhbFAjIpfIpWfv9Qp+NQh7+uphLWp5GzeftLprDvzscysNIR+1MJO yjE79XXURlFI5e9YuPWzoAty2f17HbWrwZQUwv96BaCveEFfca+ieHDbB/Py0+eu9S oOx0S/4FxsVYyn8ImQXtxj5ftwgybT9mdMcUBI/s= Date: Fri, 25 Oct 2019 14:32:20 -0700 From: Andrew Morton To: zhanglin Cc: dan.j.williams@intel.com, jgg@ziepe.ca, mingo@kernel.org, dave.hansen@linux.intel.com, namit@vmware.com, bp@suse.de, christophe.leroy@c-s.fr, rdunlap@infradead.org, osalvador@suse.de, richardw.yang@linux.intel.com, linux-kernel@vger.kernel.org, xue.zhihong@zte.com.cn, wang.yi59@zte.com.cn, jiang.xuexin@zte.com.cn, Kees Cook Subject: Re: [PATCH] kernel: Restrict permissions of /proc/iomem. Message-Id: <20191025143220.cb15a90fe95a4ebdda70f89c@linux-foundation.org> In-Reply-To: <1571993801-12665-1-git-send-email-zhang.lin16@zte.com.cn> References: <1571993801-12665-1-git-send-email-zhang.lin16@zte.com.cn> X-Mailer: Sylpheed 3.5.1 (GTK+ 2.24.31; x86_64-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, 25 Oct 2019 16:56:41 +0800 zhanglin wrote: > The permissions of /proc/iomem currently are -r--r--r--. Everyone can > see its content. As iomem contains information about the physical memory > content of the device, restrict the information only to root. > > ... > > --- a/kernel/resource.c > +++ b/kernel/resource.c > @@ -139,7 +139,8 @@ static int __init ioresources_init(void) > { > proc_create_seq_data("ioports", 0, NULL, &resource_op, > &ioport_resource); > - proc_create_seq_data("iomem", 0, NULL, &resource_op, &iomem_resource); > + proc_create_seq_data("iomem", S_IRUSR, NULL, &resource_op, > + &iomem_resource); > return 0; > } > __initcall(ioresources_init); It's risky to change things like this - heaven knows which userspace applications might break. Possibly we could obfuscate the information if that is considered desirable. Why is this a problem anyway? What are the possible exploit scenarios? Can't the same info be obtained by running dmesg and looking at the startup info? Can't the user who is concerned about this run chmod 0400 /proc/iomem at boot? Maybe Kees has an opinion?