[PATCH] powerpc/papr_scm: Limit the readability of 'perf_stats' sysfs attribute
Vaibhav Jain
vaibhav at linux.ibm.com
Wed Aug 19 19:19:25 AEST 2020
Thanks Aneesh and Mpe for reviewing this patch.
Michael Ellerman <mpe at ellerman.id.au> writes:
> "Aneesh Kumar K.V" <aneesh.kumar at linux.ibm.com> writes:
[snip]
>>>
>>> + /* Allow access only to perfmon capable users */
>>> + if (!perfmon_capable())
>>> + return -EACCES;
>>> +
>>
>> An access check is usually done in open(). This is the read callback IIUC.
>
> Yes. Otherwise an unprivileged user can open the file, and then trick a
> suid program into reading from it.
Agree, but since the 'open()' for this sysfs attribute is handled
by kern-fs, AFAIK dont see any direct way to enforce this policy.
Only other way it seems to me is to convert the 'perf_stats' DEVICE_ATTR_RO
to DEVICE_ATTR_ADMIN_RO.
>
> cheers
--
Cheers
~ Vaibhav
More information about the Linuxppc-dev
mailing list