Re: [RFC PATCH v3 2/3] fs: debugfs: Add write functionality to debugfs blobs

[Greg KH <gregkh@linuxfoundation.org>]

On Tue, Jun 13, 2023 at 08:05:41PM +1000, Alexey Kardashevskiy wrote:
> 
> 
> On 13/6/23 17:59, Greg KH wrote:
> > On Mon, Jun 12, 2023 at 09:51:38PM +0000, Avadhut Naik wrote:
> > >   /**
> > > - * debugfs_create_blob - create a debugfs file that is used to read a binary blob
> > > + * debugfs_create_blob - create a debugfs file that is used to read and write
> > > + * a binary blob
> > >    * @name: a pointer to a string containing the name of the file to create.
> > > - * @mode: the read permission that the file should have (other permissions are
> > > - *	  masked out)
> > > + * @mode: the permission that the file should have
> > >    * @parent: a pointer to the parent dentry for this file.  This should be a
> > >    *          directory dentry if set.  If this parameter is %NULL, then the
> > >    *          file will be created in the root of the debugfs filesystem.
> > > @@ -992,7 +1010,7 @@ static const struct file_operations fops_blob = {
> > >    *
> > >    * This function creates a file in debugfs with the given name that exports
> > >    * @blob->data as a binary blob. If the @mode variable is so set it can be
> > > - * read from. Writing is not supported.
> > > + * read from and written to.
> > >    *
> > >    * This function will return a pointer to a dentry if it succeeds.  This
> > >    * pointer must be passed to the debugfs_remove() function when the file is
> > > @@ -1007,7 +1025,7 @@ struct dentry *debugfs_create_blob(const char *name, umode_t mode,
> > >   				   struct dentry *parent,
> > >   				   struct debugfs_blob_wrapper *blob)
> > >   {
> > > -	return debugfs_create_file_unsafe(name, mode & 0444, parent, blob, &fops_blob);
> > > +	return debugfs_create_file_unsafe(name, mode, parent, blob, &fops_blob);
> > 
> > Have you audited all calls to this function to verify that you haven't
> > just turned on write access to some debugfs files?
> 
> I just did, it is one of S_IRUGO/S_IRUSR/0444/0400/(S_IFREG | 0444). So we
> are quite safe here. Except (S_IFREG | 0444) in
> drivers/platform/chrome/cros_ec_debugfs.c which seems wrong as debugfs files
> are not regular files.
> 
> > Why not rename this to debugfs_create_blob_wo() and then make a new
> > debugfs_create_blob_rw() call to ensure that it all is ok?
> 
> It is already taking the mode for this purpose. imho just
> cros_ec_create_panicinfo()'s debugfs_create_blob("panicinfo", S_IFREG |
> 0444,...) needs fixing.

Yes, well it's taking the mode, but silently modifying it :)

Ok, thanks for the audit, respin this with that fix and then I don't
have a problem with it (other than binary debugfs files fill me with
dread, what could go wrong...)

thanks,

greg k-h