[kernel] r19294 - in dists/sid/linux/debian: . patches patches/debian patches/features/all
Ben Hutchings
benh at alioth.debian.org
Thu Jul 26 03:51:02 UTC 2012
Author: benh
Date: Thu Jul 26 03:51:00 2012
New Revision: 19294
Log:
debugfs: Add mode, uid and gid mount options; set default mode to 700 (Closes: #681418)
Added:
dists/sid/linux/debian/patches/debian/debugfs-set-default-mode-to-700.patch
dists/sid/linux/debian/patches/features/all/debugfs-add-mode-uid-and-gid-options.patch
Modified:
dists/sid/linux/debian/changelog
dists/sid/linux/debian/patches/series
Modified: dists/sid/linux/debian/changelog
==============================================================================
--- dists/sid/linux/debian/changelog Thu Jul 26 01:04:02 2012 (r19293)
+++ dists/sid/linux/debian/changelog Thu Jul 26 03:51:00 2012 (r19294)
@@ -37,6 +37,8 @@
* udeb: Add snd-hda-codec-ca0132 to sound-modules (Closes: #682368)
* linux-source: Suggest pkg-config, needed to build kconfig GUIs
(Closes: #682726)
+ * debugfs: Add mode, uid and gid mount options; set default mode to 700
+ (Closes: #681418)
-- Ben Hutchings <ben at decadent.org.uk> Tue, 24 Jul 2012 02:20:37 +0100
Added: dists/sid/linux/debian/patches/debian/debugfs-set-default-mode-to-700.patch
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ dists/sid/linux/debian/patches/debian/debugfs-set-default-mode-to-700.patch Thu Jul 26 03:51:00 2012 (r19294)
@@ -0,0 +1,27 @@
+From: Ben Hutchings <ben at decadent.org.uk>
+Subject: debugfs: Set default mode to 700
+Bug-Debian: http://bugs.debian.org/681418
+
+As discussed here
+<http://lists.linux-foundation.org/pipermail/ksummit-2012-discuss/2012-July/000891.html>.
+
+Mounting of debugfs is a significant security liability, but there are
+applications that depend on some interfaces based on debugfs and they
+(or their packages) will mount it automatically anyway.
+
+Setting the default mode for the debugfs root to 700 (accessible
+to root only) should leave it functional, since most such applications
+will require root anyway, and users can override it to relax
+permissions if they really don't care about the security problems.
+
+--- a/fs/debugfs/inode.c
++++ b/fs/debugfs/inode.c
+@@ -28,7 +28,7 @@
+ #include <linux/magic.h>
+ #include <linux/slab.h>
+
+-#define DEBUGFS_DEFAULT_MODE 0755
++#define DEBUGFS_DEFAULT_MODE 0700
+
+ static struct vfsmount *debugfs_mount;
+ static int debugfs_mount_count;
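Review bot: Changing DEBUGFS_DEFAULT_MODE to 0700 leaves the documentation added by the companion feature patch (Documentation/filesystems/debugfs.txt, "The debugfs root directory is accessible by anyone by default") stating the opposite of what this kernel now does, and this patch carries no hunk for that file. Suggest adding one that replaces that sentence with `The debugfs root directory is accessible only by root (mode 0700) by default; the "uid", "gid" and "mode" mount options can be used to relax or change this.` so that an admin reading the in-tree docs is not misled into thinking the tree is world-readable. It is also worth a line in the patch description noting that the restriction lives only on the root inode's mode bits, so it protects via directory traversal (and is bypassed by the usual DAC-override capabilities) rather than by changing the mode of the files and directories debugfs creates below it.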
Added: dists/sid/linux/debian/patches/features/all/debugfs-add-mode-uid-and-gid-options.patch
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ dists/sid/linux/debian/patches/features/all/debugfs-add-mode-uid-and-gid-options.patch Thu Jul 26 03:51:00 2012 (r19294)
@@ -0,0 +1,212 @@
+From: Ludwig Nussel <ludwig.nussel at suse.de>
+Date: Wed, 25 Jan 2012 11:52:28 +0100
+Subject: debugfs: add mode, uid and gid options
+
+commit d6e486868cde585842d55ba3b6ec57af090fc343 upstream.
+
+Cautious admins may want to restrict access to debugfs. Currently a
+manual chown/chmod e.g. in an init script is needed to achieve that.
+Distributions that want to make the mount options configurable need
+to add extra config files. By allowing to set the root inode's uid,
+gid and mode via mount options no such hacks are needed anymore.
+Instead configuration becomes straight forward via fstab.
+
+Signed-off-by: Ludwig Nussel <ludwig.nussel at suse.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
+[bwh: Backported to 3.2: super_operations::show_options takes a
+ struct vfsmount *, not a struct dentry *]
+---
+ Documentation/filesystems/debugfs.txt | 5 +-
+ fs/debugfs/inode.c | 149 ++++++++++++++++++++++++++++++++-
+ 2 files changed, 152 insertions(+), 2 deletions(-)
+
+diff --git a/Documentation/filesystems/debugfs.txt b/Documentation/filesystems/debugfs.txt
+index 6872c91..4e25758 100644
+--- a/Documentation/filesystems/debugfs.txt
++++ b/Documentation/filesystems/debugfs.txt
+@@ -14,7 +14,10 @@ Debugfs is typically mounted with a command like:
+
+ mount -t debugfs none /sys/kernel/debug
+
+-(Or an equivalent /etc/fstab line).
++(Or an equivalent /etc/fstab line).
++The debugfs root directory is accessible by anyone by default. To
++restrict access to the tree the "uid", "gid" and "mode" mount
++options can be used.
+
+ Note that the debugfs API is exported GPL-only to modules.
+
+diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c
+index 956d5dd..b80bc84 100644
+--- a/fs/debugfs/inode.c
++++ b/fs/debugfs/inode.c
+@@ -23,9 +23,13 @@
+ #include <linux/debugfs.h>
+ #include <linux/fsnotify.h>
+ #include <linux/string.h>
++#include <linux/seq_file.h>
++#include <linux/parser.h>
+ #include <linux/magic.h>
+ #include <linux/slab.h>
+
++#define DEBUGFS_DEFAULT_MODE 0755
++
+ static struct vfsmount *debugfs_mount;
+ static int debugfs_mount_count;
+ static bool debugfs_registered;
+@@ -125,11 +129,154 @@ static inline int debugfs_positive(struct dentry *dentry)
+ return dentry->d_inode && !d_unhashed(dentry);
+ }
+
++struct debugfs_mount_opts {
++ uid_t uid;
++ gid_t gid;
++ umode_t mode;
++};
++
++enum {
++ Opt_uid,
++ Opt_gid,
++ Opt_mode,
++ Opt_err
++};
++
++static const match_table_t tokens = {
++ {Opt_uid, "uid=%u"},
++ {Opt_gid, "gid=%u"},
++ {Opt_mode, "mode=%o"},
++ {Opt_err, NULL}
++};
++
++struct debugfs_fs_info {
++ struct debugfs_mount_opts mount_opts;
++};
++
++static int debugfs_parse_options(char *data, struct debugfs_mount_opts *opts)
++{
++ substring_t args[MAX_OPT_ARGS];
++ int option;
++ int token;
++ char *p;
++
++ opts->mode = DEBUGFS_DEFAULT_MODE;
++
++ while ((p = strsep(&data, ",")) != NULL) {
++ if (!*p)
++ continue;
++
++ token = match_token(p, tokens, args);
++ switch (token) {
++ case Opt_uid:
++ if (match_int(&args[0], &option))
++ return -EINVAL;
++ opts->uid = option;
++ break;
++ case Opt_gid:
++ if (match_octal(&args[0], &option))
++ return -EINVAL;
++ opts->gid = option;
++ break;
++ case Opt_mode:
++ if (match_octal(&args[0], &option))
++ return -EINVAL;
++ opts->mode = option & S_IALLUGO;
++ break;
++ /*
++ * We might like to report bad mount options here;
++ * but traditionally debugfs has ignored all mount options
++ */
++ }
++ }
++
++ return 0;
++}
++
++static int debugfs_apply_options(struct super_block *sb)
++{
++ struct debugfs_fs_info *fsi = sb->s_fs_info;
++ struct inode *inode = sb->s_root->d_inode;
++ struct debugfs_mount_opts *opts = &fsi->mount_opts;
++
++ inode->i_mode &= ~S_IALLUGO;
++ inode->i_mode |= opts->mode;
++
++ inode->i_uid = opts->uid;
++ inode->i_gid = opts->gid;
++
++ return 0;
++}
++
++static int debugfs_remount(struct super_block *sb, int *flags, char *data)
++{
++ int err;
++ struct debugfs_fs_info *fsi = sb->s_fs_info;
++
++ err = debugfs_parse_options(data, &fsi->mount_opts);
++ if (err)
++ goto fail;
++
++ debugfs_apply_options(sb);
++
++fail:
++ return err;
++}
++
++static int debugfs_show_options(struct seq_file *m, struct dentry *root)
++{
++ struct debugfs_fs_info *fsi = root->d_sb->s_fs_info;
++ struct debugfs_mount_opts *opts = &fsi->mount_opts;
++
++ if (opts->uid != 0)
++ seq_printf(m, ",uid=%u", opts->uid);
++ if (opts->gid != 0)
++ seq_printf(m, ",gid=%u", opts->gid);
++ if (opts->mode != DEBUGFS_DEFAULT_MODE)
++ seq_printf(m, ",mode=%o", opts->mode);
++
++ return 0;
++}
++
++static const struct super_operations debugfs_super_operations = {
++ .statfs = simple_statfs,
++ .remount_fs = debugfs_remount,
++ .show_options = debugfs_show_options,
++};
++
+ static int debug_fill_super(struct super_block *sb, void *data, int silent)
+ {
+ static struct tree_descr debug_files[] = {{""}};
++ struct debugfs_fs_info *fsi;
++ int err;
++
++ save_mount_options(sb, data);
++
++ fsi = kzalloc(sizeof(struct debugfs_fs_info), GFP_KERNEL);
++ sb->s_fs_info = fsi;
++ if (!fsi) {
++ err = -ENOMEM;
++ goto fail;
++ }
++
++ err = debugfs_parse_options(data, &fsi->mount_opts);
++ if (err)
++ goto fail;
++
++ err = simple_fill_super(sb, DEBUGFS_MAGIC, debug_files);
++ if (err)
++ goto fail;
++
++ sb->s_op = &debugfs_super_operations;
++
++ debugfs_apply_options(sb);
++
++ return 0;
+
+- return simple_fill_super(sb, DEBUGFS_MAGIC, debug_files);
++fail:
++ kfree(fsi);
++ sb->s_fs_info = NULL;
++ return err;
+ }
+
+ static struct dentry *debug_mount(struct file_system_type *fs_type,
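Review bot: In debugfs_parse_options the Opt_gid arm parses the value with match_octal() even though its token is declared as `gid=%u` and the uid arm directly above uses match_int() for the same pattern, so a decimal gid is silently misread (gid=10 is applied as gid 8) and any gid containing a digit 8 or 9 fails with -EINVAL. Since the result is written straight to the root inode's i_gid, an admin restricting debugfs to one group can end up granting it to a different group without any error. The fix is to mirror the uid case: `if (match_int(&args[0], &option))` in the Opt_gid branch. Separately, only mode is reset to the default at the top of debugfs_parse_options, so a remount that omits uid/gid keeps the previous values while an omitted mode reverts to the default; if that asymmetry is intended it deserves a comment such as `/* uid/gid persist across remount; mode is reset to the default */`. This is a backport of an upstream commit, so the gid fix should be carried as a separate follow-up patch rather than folded into the backport; debug_mount begins on the hunk's last line and continues outside it.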
Modified: dists/sid/linux/debian/patches/series
==============================================================================
--- dists/sid/linux/debian/patches/series Thu Jul 26 01:04:02 2012 (r19293)
+++ dists/sid/linux/debian/patches/series Thu Jul 26 03:51:00 2012 (r19294)
@@ -365,3 +365,6 @@
debian/net-Avoid-ABI-change-in-3.2.24.patch
debian/libsas-Avoid-ABI-change-in-3.2.24.patch
debian/powerpc-cputime-Avoid-ABI-change-in-3.2.24.patch
+
+features/all/debugfs-add-mode-uid-and-gid-options.patch
+debian/debugfs-set-default-mode-to-700.patch