From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932445AbcFNVTd (ORCPT ); Tue, 14 Jun 2016 17:19:33 -0400 Received: from userp1040.oracle.com ([156.151.31.81]:33529 "EHLO userp1040.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752779AbcFNVTb (ORCPT ); Tue, 14 Jun 2016 17:19:31 -0400 Subject: Re: [PATCH v2] kernel/kcov: unproxify debugfs file's fops To: Greg Kroah-Hartman , Nicolai Stange References: <1464091505-20943-1-git-send-email-nicstange@gmail.com> <20160524143955.GA28161@kroah.com> Cc: Andrew Morton , Dmitry Vyukov , Kees Cook , Andrey Ryabinin , James Morse , linux-kernel@vger.kernel.org From: Sasha Levin Message-ID: <576074D1.5000803@oracle.com> Date: Tue, 14 Jun 2016 17:19:13 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0 MIME-Version: 1.0 In-Reply-To: <20160524143955.GA28161@kroah.com> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-Source-IP: userv0021.oracle.com [156.151.31.71] Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 05/24/2016 10:39 AM, Greg Kroah-Hartman wrote: > On Tue, May 24, 2016 at 02:05:05PM +0200, Nicolai Stange wrote: >> > Since commit 49d200deaa68 ("debugfs: prevent access to removed files' >> > private data"), a debugfs file's file_operations methods get proxied >> > through lifetime aware wrappers. >> > >> > However, only a certain subset of the file_operations members is supported >> > by debugfs and ->mmap isn't among them -- it appears to be NULL from the >> > VFS layer's perspective. >> > >> > This behaviour breaks the /sys/kernel/debug/kcov file introduced >> > concurrently with commit 5c9a8750a640 ("kernel: add kcov code coverage"). >> > >> > Since that file never gets removed, there is no file removal race and thus, >> > a lifetime checking proxy isn't needed. >> > >> > Avoid the proxying for /sys/kernel/debug/kcov by creating it via >> > debugfs_create_file_unsafe() rather than debugfs_create_file(). >> > >> > Fixes: 49d200deaa68 ("debugfs: prevent access to removed files' private >> > data") >> > Fixes: 5c9a8750a640 ("kernel: add kcov code coverage") >> > Signed-off-by: Nicolai Stange >> > --- >> > The v1 thread can be found at >> > http://lkml.kernel.org/g/1464011147-31836-1-git-send-email-nicstange@gmail.com >> > >> > Changes to v1: >> > - Following the suggestion of Kees Cook, a comment explaining why the use >> > of debugfs_create_file_unsafe() is actually safe there has been added. >> > >> > This issue has been debugged and reported by >> > Sasha Levin : >> > http://lkml.kernel.org/g/573F4200.3080208@oracle.com >> > >> > Applicable to linux-next 20160524. >> > In particular, it depends on >> > - c64688081490 ("debugfs: add support for self-protecting attribute file >> > fops") >> > - 5c9a8750a640 ("kernel: add kcov code coverage") >> > >> > kernel/kcov.c | 7 ++++++- >> > 1 file changed, 6 insertions(+), 1 deletion(-) >> > >> > diff --git a/kernel/kcov.c b/kernel/kcov.c >> > index a02f2dd..8d44b3f 100644 >> > --- a/kernel/kcov.c >> > +++ b/kernel/kcov.c >> > @@ -264,7 +264,12 @@ static const struct file_operations kcov_fops = { >> > >> > static int __init kcov_init(void) >> > { >> > - if (!debugfs_create_file("kcov", 0600, NULL, NULL, &kcov_fops)) { >> > + /* >> > + * The kcov debugfs file won't ever get removed and thus, >> > + * there is no need to protect it against removal races. The >> > + * use of debugfs_create_file_unsafe() is actually safe here. >> > + */ >> > + if (!debugfs_create_file_unsafe("kcov", 0600, NULL, NULL, &kcov_fops)) { >> > pr_err("failed to create kcov in debugfs\n"); >> > return -ENOMEM; >> > } > Thanks, I'll queue this up after 4.7-rc1 is out. Hey Greg, Just wanted to remind you about this one. Thanks, Sasha