From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by galois.linutronix.de (Postfix) with ESMTPS id 5B1F340340 for ; Tue, 14 Jul 2020 08:01:31 +0200 (CEST) Date: Tue, 14 Jul 2020 08:01:28 +0200 From: Greg KH Subject: [MODERATED] Re: [PATCH] Raffle 0 Message-ID: <20200714060128.GA656691@kroah.com> References: <5f0cf7c5.1c69fb81.99805.3f5fSMTPIN_ADDED_BROKEN@mx.google.com> MIME-Version: 1.0 In-Reply-To: <5f0cf7c5.1c69fb81.99805.3f5fSMTPIN_ADDED_BROKEN@mx.google.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit To: speck@linutronix.de List-ID: On Mon, Jul 13, 2020 at 05:03:44PM -0700, speck for Pawan Gupta wrote: > From: Pawan Gupta > Subject: [PATCH] powercap: restrict energy meter to root access > > From: Len Brown > > Remove non-privileged user access to power data contained in > /sys/class/powercap/intel_rapl/*/energy_uj > > Non-privileged users currently have read access to power data and can > use this data to form a security attack. Some privileged > drivers/applications need read access to this data but don't expose it > to non-privileged users. > > For example, thermald uses this data to ensure that power management > works correctly. Thus removing non-privileged access is preferred over > completely disabling this power reporting capability with > CONFIG_INTEL_RAPL=n. > > Fixes: 95677a9a3847 ("PowerCap: Fix mode for energy counter") > Signed-off-by: Len Brown > --- > drivers/powercap/powercap_sys.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/drivers/powercap/powercap_sys.c b/drivers/powercap/powercap_sys.c > index f808c5fa9838..3f0b8e2ef3d4 100644 > --- a/drivers/powercap/powercap_sys.c > +++ b/drivers/powercap/powercap_sys.c > @@ -367,9 +367,9 @@ static void create_power_zone_common_attributes( > &dev_attr_max_energy_range_uj.attr; > if (power_zone->ops->get_energy_uj) { > if (power_zone->ops->reset_energy_uj) > - dev_attr_energy_uj.attr.mode = S_IWUSR | S_IRUGO; > + dev_attr_energy_uj.attr.mode = S_IWUSR | S_IRUSR; > else > - dev_attr_energy_uj.attr.mode = S_IRUGO; > + dev_attr_energy_uj.attr.mode = S_IRUSR; > power_zone->zone_dev_attrs[count++] = > &dev_attr_energy_uj.attr; > } On a meta-level, this function is all wrong. The list of attributes should always be fixed, and the "is_visable" callback should be the thing that both sets the mode, and determines if the specific attribute should be present or not for that specific device. So fixing that all up to work "properly" would make a lot more sense. thanks, greg k-h