Re: [PATCH v8 12/12] zram: use ATTRIBUTE_GROUPS to fix sysfs deadlock module removal

From: Luis Chamberlain
Date: Mon Oct 11 2021 - 14:28:53 EST

Next message: Michael S. Tsirkin: "Re: [PATCH v5 16/16] x86/tdx: Add cmdline option to force use of ioremap_host_shared"
Previous message: kernel test robot: "[mark:arm64/uaccess/rework 10/19] arch/arm64/mm/extable.c:40:6: warning: no previous prototype for function 'ex_handler_fixup'"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Oct 05, 2021 at 01:57:00PM -0700, Kees Cook wrote:
> On Mon, Sep 27, 2021 at 09:38:05AM -0700, Luis Chamberlain wrote:
> > The ATTRIBUTE_GROUPS is typically used to avoid boiler plate
> > code which is used in many drivers. Embracing ATTRIBUTE_GROUPS was
> > long due on the zram driver, however a recent fix for sysfs allows
> > users of ATTRIBUTE_GROUPS to also associate a module to the group
> > attribute.
>
> Does this mean that other modules using sysfs but _not_
> ATTRIBUTE_GROUPS() are still vulnerable to potential use-after-free of
> the kernfs fops?

The issue is not UAF, its the possible deadlock, but in that sense, yes.
If they don't use ATTRIBUTE_GROUPS() then there is no information being
provided to sysfs about the module owner.

Luis

Next message: Michael S. Tsirkin: "Re: [PATCH v5 16/16] x86/tdx: Add cmdline option to force use of ioremap_host_shared"
Previous message: kernel test robot: "[mark:arm64/uaccess/rework 10/19] arch/arm64/mm/extable.c:40:6: warning: no previous prototype for function 'ex_handler_fixup'"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]