| Message ID | 20211210014237.2130300-1-sboyd@kernel.org (mailing list archive) |
|---|---|
| State | Accepted, archived |
| Headers | show |
| Series | clk: Emit a stern warning with writable debugfs enabled | expand |
Hi Stephen, On Fri, Dec 10, 2021 at 2:42 AM Stephen Boyd <sboyd@kernel.org> wrote: > We don't want vendors to be enabling this part of the clk code and > shipping it to customers. Exposing the ability to change clk frequencies > and parents via debugfs is potentially damaging to the system if folks > don't know what they're doing. Emit a strong warning so that the message > is clear: don't enable this outside of development systems. > > Fixes: 37215da5553e ("clk: Add support for setting clk_rate via debugfs") > Cc: Geert Uytterhoeven <geert+renesas@glider.be> > Signed-off-by: Stephen Boyd <sboyd@kernel.org> Thanks for your patch! > --- a/drivers/clk/clk.c > +++ b/drivers/clk/clk.c > @@ -3383,6 +3383,24 @@ static int __init clk_debug_init(void) > { > struct clk_core *core; > > +#ifdef CLOCK_ALLOW_WRITE_DEBUGFS > + pr_warn("\n"); > + pr_warn("********************************************************************\n"); > + pr_warn("** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE **\n"); > + pr_warn("** **\n"); > + pr_warn("** WRITEABLE clk DebugFS SUPPORT HAS BEEN ENABLED IN THIS KERNEL **\n"); > + pr_warn("** **\n"); > + pr_warn("** This means that this kernel is built to expose clk operations **\n"); > + pr_warn("** such as parent or rate setting, enabling, disabling, etc. **\n"); > + pr_warn("** to userspace, which may compromise security on your system. **\n"); > + pr_warn("** **\n"); > + pr_warn("** If you see this message and you are not debugging the **\n"); > + pr_warn("** kernel, report this immediately to your vendor! **\n"); > + pr_warn("** **\n"); > + pr_warn("** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE **\n"); > + pr_warn("********************************************************************\n"); So how many variants of such blocks do we have now in the kernel? > +#endif > + > rootdir = debugfs_create_dir("clk", NULL); > > debugfs_create_file("clk_summary", 0444, rootdir, &all_lists, > > base-commit: fa55b7dcdc43c1aa1ba12bca9d2dd4318c2a0dbf > prerequisite-patch-id: e0d3f8e3fa43b55e55d7c4cee7c4902ae06ea4e0 > -- > https://git.kernel.org/pub/scm/linux/kernel/git/clk/linux.git/ > https://git.kernel.org/pub/scm/linux/kernel/git/sboyd/spmi.git Gr{oetje,eeting}s, Geert -- Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k.org In personal conversations with technical people, I call myself a hacker. But when I'm talking to journalists I just say "programmer" or something like that. -- Linus Torvalds
Quoting Geert Uytterhoeven (2021-12-09 23:57:25) > Hi Stephen, > > On Fri, Dec 10, 2021 at 2:42 AM Stephen Boyd <sboyd@kernel.org> wrote: > > We don't want vendors to be enabling this part of the clk code and > > shipping it to customers. Exposing the ability to change clk frequencies > > and parents via debugfs is potentially damaging to the system if folks > > don't know what they're doing. Emit a strong warning so that the message > > is clear: don't enable this outside of development systems. > > > > Fixes: 37215da5553e ("clk: Add support for setting clk_rate via debugfs") > > Cc: Geert Uytterhoeven <geert+renesas@glider.be> > > Signed-off-by: Stephen Boyd <sboyd@kernel.org> > > Thanks for your patch! > > > --- a/drivers/clk/clk.c > > +++ b/drivers/clk/clk.c > > @@ -3383,6 +3383,24 @@ static int __init clk_debug_init(void) > > { > > struct clk_core *core; > > > > +#ifdef CLOCK_ALLOW_WRITE_DEBUGFS > > + pr_warn("\n"); > > + pr_warn("********************************************************************\n"); > > + pr_warn("** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE **\n"); > > + pr_warn("** **\n"); > > + pr_warn("** WRITEABLE clk DebugFS SUPPORT HAS BEEN ENABLED IN THIS KERNEL **\n"); > > + pr_warn("** **\n"); > > + pr_warn("** This means that this kernel is built to expose clk operations **\n"); > > + pr_warn("** such as parent or rate setting, enabling, disabling, etc. **\n"); > > + pr_warn("** to userspace, which may compromise security on your system. **\n"); > > + pr_warn("** **\n"); > > + pr_warn("** If you see this message and you are not debugging the **\n"); > > + pr_warn("** kernel, report this immediately to your vendor! **\n"); > > + pr_warn("** **\n"); > > + pr_warn("** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE **\n"); > > + pr_warn("********************************************************************\n"); > > So how many variants of such blocks do we have now in the kernel? > Quite a few!
diff --git a/drivers/clk/clk.c b/drivers/clk/clk.c index 8ccedec2cc9d..ecb2a732a20d 100644 --- a/drivers/clk/clk.c +++ b/drivers/clk/clk.c @@ -3383,6 +3383,24 @@ static int __init clk_debug_init(void) { struct clk_core *core; +#ifdef CLOCK_ALLOW_WRITE_DEBUGFS + pr_warn("\n"); + pr_warn("********************************************************************\n"); + pr_warn("** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE **\n"); + pr_warn("** **\n"); + pr_warn("** WRITEABLE clk DebugFS SUPPORT HAS BEEN ENABLED IN THIS KERNEL **\n"); + pr_warn("** **\n"); + pr_warn("** This means that this kernel is built to expose clk operations **\n"); + pr_warn("** such as parent or rate setting, enabling, disabling, etc. **\n"); + pr_warn("** to userspace, which may compromise security on your system. **\n"); + pr_warn("** **\n"); + pr_warn("** If you see this message and you are not debugging the **\n"); + pr_warn("** kernel, report this immediately to your vendor! **\n"); + pr_warn("** **\n"); + pr_warn("** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE **\n"); + pr_warn("********************************************************************\n"); +#endif + rootdir = debugfs_create_dir("clk", NULL); debugfs_create_file("clk_summary", 0444, rootdir, &all_lists,
We don't want vendors to be enabling this part of the clk code and shipping it to customers. Exposing the ability to change clk frequencies and parents via debugfs is potentially damaging to the system if folks don't know what they're doing. Emit a strong warning so that the message is clear: don't enable this outside of development systems. Fixes: 37215da5553e ("clk: Add support for setting clk_rate via debugfs") Cc: Geert Uytterhoeven <geert+renesas@glider.be> Signed-off-by: Stephen Boyd <sboyd@kernel.org> --- drivers/clk/clk.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) base-commit: fa55b7dcdc43c1aa1ba12bca9d2dd4318c2a0dbf prerequisite-patch-id: e0d3f8e3fa43b55e55d7c4cee7c4902ae06ea4e0