From: Avadhut Naik <avadnaik@amd.com>
To: "Luck, Tony" <tony.luck@intel.com>
Cc: "rafael@kernel.org" <rafael@kernel.org>,
"lenb@kernel.org" <lenb@kernel.org>,
"james.morse@arm.com" <james.morse@arm.com>,
"bp@alien8.de" <bp@alien8.de>,
"gregkh@linuxfoundation.org" <gregkh@linuxfoundation.org>,
"linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"alexey.kardashevskiy@amd.com" <alexey.kardashevskiy@amd.com>,
"yazen.ghannam@amd.com" <yazen.ghannam@amd.com>,
Avadhut Naik <avadhut.naik@amd.com>,
"linux-acpi@vger.kernel.org" <linux-acpi@vger.kernel.org>
Subject: Re: [RESEND v5 2/4] fs: debugfs: Add write functionality to debugfs blobs
Date: Thu, 16 Nov 2023 15:46:00 -0600 [thread overview]
Message-ID: <bfa69197-e7c0-4da8-ab1b-342aba8d6430@amd.com> (raw)
In-Reply-To: <SJ1PR11MB6083BC35F108E319B7C898DAFCB0A@SJ1PR11MB6083.namprd11.prod.outlook.com>
On 11/16/2023 12:44, Luck, Tony wrote:
>>> The minimalist change here would be to s/0444/0666/
>>>
>> Just realized that s/0444/0644/ might be an even more minimalist change since you anyways,
>> I think, need to be root for error injection through einj. Does that sound good?
>
> You need write access. I don't think you need to be root. E.g. a validation system might
> set up an "einj" group and "chmod" all these files to 0664. But that's nitpicking.
>
>>
>> In any case, using 0666 will result in the below checkpatch warning:
>>
>> [root avadnaik-linux]# ./scripts/checkpatch.pl --strict -g HEAD
>> WARNING: Exporting world writable files is usually an error. Consider more restrictive permissions.
>> #84: FILE: fs/debugfs/file.c:1063:
>> + return debugfs_create_file_unsafe(name, mode & 0666, parent, blob, &fops_blob);
>>
>> total: 0 errors, 1 warnings, 0 checks, 54 lines checked
>
> The warning is dubious. This code isn't necessarily exporting a world writeable file. But
> it does allow a caller of this routine to do that.
>
>>
>> Would you be okay with s/0444/0644/?
>
>> - return debugfs_create_file_unsafe(name, mode & 0444, parent, blob, &fops_blob);
>> + return debugfs_create_file_unsafe(name, mode & 0644, parent, blob, &fops_blob);
>
>
> Yes. This is fine (better). Make sure to mention in the commit comment that this allows
> callers to create files writeable by owner.
>
Will do. Thanks for the confirmation!
> -Tony
>
>
--
Thanks,
Avadhut Naik
next prev parent reply other threads:[~2023-11-16 21:46 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-07 21:36 [RESEND v5 0/4] Add support for Vendor Defined Error Types in Einj Module Avadhut Naik
2023-11-07 21:36 ` [RESEND v5 1/4] ACPI: APEI: EINJ: Refactor available_error_type_show() Avadhut Naik
2023-11-08 20:19 ` Borislav Petkov
2023-11-16 21:46 ` Avadhut Naik
2023-11-07 21:36 ` [RESEND v5 2/4] fs: debugfs: Add write functionality to debugfs blobs Avadhut Naik
2023-11-07 22:28 ` Luck, Tony
2023-11-08 18:09 ` Avadhut Naik
2023-11-16 17:54 ` Avadhut Naik
2023-11-16 18:44 ` Luck, Tony
2023-11-16 21:46 ` Avadhut Naik [this message]
2023-11-07 21:36 ` [RESEND v5 3/4] platform/chrome: cros_ec_debugfs: Fix permissions for panicinfo Avadhut Naik
2023-11-07 22:35 ` Luck, Tony
2023-11-08 18:11 ` Avadhut Naik
2023-11-07 21:36 ` [RESEND v5 4/4] ACPI: APEI: EINJ: Add support for vendor defined error types Avadhut Naik
2023-11-07 22:41 ` Luck, Tony
2023-11-15 12:33 ` Borislav Petkov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bfa69197-e7c0-4da8-ab1b-342aba8d6430@amd.com \
--to=avadnaik@amd.com \
--cc=alexey.kardashevskiy@amd.com \
--cc=avadhut.naik@amd.com \
--cc=bp@alien8.de \
--cc=gregkh@linuxfoundation.org \
--cc=james.morse@arm.com \
--cc=lenb@kernel.org \
--cc=linux-acpi@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=rafael@kernel.org \
--cc=tony.luck@intel.com \
--cc=yazen.ghannam@amd.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox