[PATCH] debugfs: whitelisted relay file for lockdown

From: Junxiao Bi
Date: Tue Apr 04 2023 - 22:13:21 EST

Next message: Zqiang: "[PATCH] rcu/kvfree: Invoke debug_rcu_bhead_unqueue() with check bnode->snap is done"
Previous message: Zqiang: "[PATCH] rcu/kvfree: Delay the execution of drain_page_cache()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relay files in debugfs are used for sending data from kernel to userspace,
the permission of these files are 0444, looks safe to skip lockdown.

Signed-off-by: Junxiao Bi <junxiao.bi@xxxxxxxxxx>
---
fs/debugfs/file.c | 17 +++++++++++++++++
fs/debugfs/internal.h | 5 +++++
2 files changed, 22 insertions(+)

diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c
index d574bda24e21..93ab719d8c7b 100644
--- a/fs/debugfs/file.c
+++ b/fs/debugfs/file.c
@@ -20,6 +20,7 @@
#include <linux/device.h>
#include <linux/poll.h>
#include <linux/security.h>
+#include <linux/relay.h>

#include "internal.h"

@@ -137,6 +138,22 @@ void debugfs_file_put(struct dentry *dentry)
}
EXPORT_SYMBOL_GPL(debugfs_file_put);

+bool debugfs_file_is_relay(struct dentry *dentry)
+{
+ struct debugfs_fsdata *fsd;
+ void *d_fsd;
+ void *fops;
+
+ d_fsd = READ_ONCE(dentry->d_fsdata);
+ if (!((unsigned long)d_fsd & DEBUGFS_FSDATA_IS_REAL_FOPS_BIT)) {
+ fsd = d_fsd;
+ fops = (void *)fsd->real_fops;
+ } else
+ fops = (void *)((unsigned long)d_fsd &
+ ~DEBUGFS_FSDATA_IS_REAL_FOPS_BIT);
+ return fops == (void *)&relay_file_operations;
+}
+
/*
* Only permit access to world-readable files when the kernel is locked down.
* We also need to exclude any file that has ways to write or alter it as root
diff --git a/fs/debugfs/internal.h b/fs/debugfs/internal.h
index 6bcedb3f90b3..392bb1972226 100644
--- a/fs/debugfs/internal.h
+++ b/fs/debugfs/internal.h
@@ -37,6 +37,7 @@ static const char * const arch_whitelist[] = {
"mds_user_clear"
};

+extern bool debugfs_file_is_relay(struct dentry *dentry);
struct dentry *__attribute__((weak))get_arch_debugfs_dir(void) {return NULL; }

static bool debugfs_lockdown_whitelisted(struct dentry *dentry)
@@ -51,6 +52,10 @@ static bool debugfs_lockdown_whitelisted(struct dentry *dentry)
}
}

+ /* relay file is used for userspace/kernel communicate.*/
+ if (debugfs_file_is_relay(dentry))
+ return true;
+
return false;
}

--
2.24.3 (Apple Git-128)

--5iavvndJv1wOMM1M--

Next message: Zqiang: "[PATCH] rcu/kvfree: Invoke debug_rcu_bhead_unqueue() with check bnode->snap is done"
Previous message: Zqiang: "[PATCH] rcu/kvfree: Delay the execution of drain_page_cache()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]