Re: [PATCH] zram: restrict add/remove attributes to root only

From: Greg KH
Date: Sun Dec 04 2016 - 06:28:30 EST


On Sun, Dec 04, 2016 at 07:52:08PM +0900, Sergey Senozhatsky wrote:
> On (12/04/16 11:28), Greg KH wrote:
> > On Sun, Dec 04, 2016 at 11:35:15AM +0900, Sergey Senozhatsky wrote:
> [..]
>
> > Why can't a normal user read the attribute? Does a read actually modify
> > something?
>
> yes, it does.

Oh that's totally and completely broken then.

Reading from a sysfs file should NEVER cause side affects to the system.
Please fix up this api.

> reading from a hot_add file creates a new zram device and returns a new
> device's device_id. not initialized device (so it does not eat the memory
> for handle table, etc.), but with its own set of sysfs attrs, etc. which
> consumes memory after all. so a 'normal' user, doing a simple read from a
> hot_add file in a loop just for fun, can create a lot of devices and,
> quite likely, cause some troubles (as reported by Steven Allen).

Please switch this to be a char device node if you wish to "write and
get a device handle back". I don't know how I missed that in the
original api review, sorry about that.

For now, you need to document the heck out of this in the attribute
declaration that this is what is going on. Otherwise someone like me
will come along and "fix up" the file to use ATTR_RO again in the
future and you will have the same problem again.

thanks,

greg k-h