From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: "Denis Efremov (Oracle)" <efremov@linux.com>
Cc: linux-kernel@vger.kernel.org, Jens Axboe <axboe@kernel.dk>,
Minchan Kim <minchan@kernel.org>,
Sergey Senozhatsky <senozhatsky@chromium.org>,
Wade Mealing <wmealing@redhat.com>
Subject: Re: [PATCH] driver core: class: mark the struct class for sysfs callbacks as constant
Date: Mon, 17 Apr 2023 19:42:21 +0200
Message-ID: <2023041746-control-lunchtime-48b1@gregkh>
In-Reply-To: <6f6e01f2-b485-40c2-30fe-7b7ebbdb4010@linux.com>

On Mon, Apr 17, 2023 at 05:53:17PM +0400, Denis Efremov (Oracle) wrote:
> Hello,
>
> On 3/25/23 12:45, Greg Kroah-Hartman wrote:
> > struct class should never be modified in a sysfs callback as there is
> > nothing in the structure to modify, and frankly, the structure is almost
> > never used in a sysfs callback, so mark it as constant to allow struct
> > class to be moved to read-only memory.
> >
> > While we are touching all class sysfs callbacks also mark the attribute
> > as constant as it can not be modified. The bonding code still uses this
> > structure so it can not be removed from the function callbacks.
> >
>
> ...
>
> > diff --git a/drivers/block/zram/zram_drv.c b/drivers/block/zram/zram_drv.c
> > index b7bb52f8dfbd..3feadfb96114 100644
> > --- a/drivers/block/zram/zram_drv.c
> > +++ b/drivers/block/zram/zram_drv.c
> > @@ -2424,8 +2424,8 @@ static int zram_remove(struct zram *zram)
> > * creates a new un-initialized zram device and returns back this device's
> > * device_id (or an error code if it fails to create a new device).
> > */
> > -static ssize_t hot_add_show(struct class *class,
> > - struct class_attribute *attr,
> > +static ssize_t hot_add_show(const struct class *class,
> > + const struct class_attribute *attr,
> > char *buf)
> > {
> > int ret;
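
Review bot: the comment above hot_add_show() says a read creates a new zram device, but it does not say that the attribute therefore has to keep its restrictive mode. Since the prototype is being touched anyway, extend that comment to state that the mode must remain 0400, so a later cleanup of the attribute declaration does not widen it unnoticed.
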
> > @@ -2438,11 +2438,10 @@ static ssize_t hot_add_show(struct class *class,
> > return ret;
> > return scnprintf(buf, PAGE_SIZE, "%d\n", ret);
> > }
> > -static struct class_attribute class_attr_hot_add =
> > - __ATTR(hot_add, 0400, hot_add_show, NULL);
> > +static CLASS_ATTR_RO(hot_add);
> >
> > -static ssize_t hot_remove_store(struct class *class,
> > - struct class_attribute *attr,
> > +static ssize_t hot_remove_store(const struct class *class,
> > + const struct class_attribute *attr,
> > const char *buf,
> > size_t count)
> > {
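
Review bot: replacing __ATTR(hot_add, 0400, hot_add_show, NULL) with CLASS_ATTR_RO(hot_add) is not a pure const-ification, because CLASS_ATTR_RO() expands to __ATTR_RO(), which fixes the mode at 0444, so the file goes from owner-read-only to world-readable. As hot_add_show() creates a device on every read, keep the explicit 0400 declaration here (only the callback prototype needs the const change) and add a comment that CLASS_ATTR_RO() must not be used for this attribute.
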
>
> This looks like a security regression (CVE-2020-10781).
> Previous fix 853eab68afc80f59f36bbdeb715e5c88c501e680.

{sigh} You would have thought I would have insisted on a big comment
here about this. I'll do so this time, thanks for letting me know.

greg k-h