[PATCH] debugfs: only accept read attributes for blobs

From: Wolfram Sang
Date: Tue May 04 2021 - 08:17:40 EST


Blobs can only be read. So, keep only 'read' file attributes because the
others will not work and only confuse users.

Signed-off-by: Wolfram Sang <wsa+renesas@xxxxxxxxxxxxxxxxxxxx>
---

I was confused for a second, thinking blobs can be written to. I will
fix the few in-kernel users doing it wrong seperately.

fs/debugfs/file.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c
index 686e0ad28788..d6aa6e04b7af 100644
--- a/fs/debugfs/file.c
+++ b/fs/debugfs/file.c
@@ -890,7 +890,8 @@ static const struct file_operations fops_blob = {
/**
* debugfs_create_blob - create a debugfs file that is used to read a binary blob
* @name: a pointer to a string containing the name of the file to create.
- * @mode: the permission that the file should have
+ * @mode: the read permission that the file should have (other permissions are
+ * masked out)
* @parent: a pointer to the parent dentry for this file. This should be a
* directory dentry if set. If this parameter is %NULL, then the
* file will be created in the root of the debugfs filesystem.
@@ -914,7 +915,7 @@ struct dentry *debugfs_create_blob(const char *name, umode_t mode,
struct dentry *parent,
struct debugfs_blob_wrapper *blob)
{
- return debugfs_create_file_unsafe(name, mode, parent, blob, &fops_blob);
+ return debugfs_create_file_unsafe(name, mode & S_IRUGO, parent, blob, &fops_blob);
}
EXPORT_SYMBOL_GPL(debugfs_create_blob);

--
2.30.0