Re: [PATCH v2 2/3] sysfs: Only accept read/write permissions for file attributes

From: Guenter Roeck
Date: Thu Mar 12 2015 - 06:39:29 EST

On 03/12/2015 03:01 AM, Greg Kroah-Hartman wrote:
On Wed, Mar 11, 2015 at 02:22:10PM -0400, Vivien Didelot wrote:
For sysfs file attributes, only read and write permissions make sense.
Mask provided attribute permissions accordingly and send a warning
to the console if invalid permission bits are set.

This patch is originally from Guenter [1] and includes the fixup
explained in the thread, that is printing permissions in octal format
and limiting the scope of attributes to SYSFS_PREALLOC | 0664.


Cc: Guenter Roeck <linux@xxxxxxxxxxxx>
Signed-off-by: Vivien Didelot <vivien.didelot@xxxxxxxxxxxxxxxxxxxx>
fs/sysfs/group.c | 6 ++++++
1 file changed, 6 insertions(+)

diff --git a/fs/sysfs/group.c b/fs/sysfs/group.c
index 3fdccd9..b400c04 100644
--- a/fs/sysfs/group.c
+++ b/fs/sysfs/group.c
@@ -55,6 +55,12 @@ static int create_files(struct kernfs_node *parent, struct kobject *kobj,
if (!mode)
+ WARN(mode & ~(SYSFS_PREALLOC | 0664),
+ "Attribute %s: Invalid permissions 0%o\n",
+ (*attr)->name, mode);
+ mode &= SYSFS_PREALLOC | 0664;

How does a "normal" boot look with this warning in place? There still
seem to be a number of files in sysfs that might trigger this.

I was under the impression that they all were addressed, but I may have
missed some pattern(s). Can you point me to an example, by any chance ?

Also, we have a build-time warning if a sysfs file is this type of
attribute, shouldn't we just rely on that instead of this run-time

The mode value can be returned from an is_visible function, and even if not
there is no guarantee that the build-time warning triggers (attribute lists
can be generated manually, for example).


To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at