[RESEND,v5,3/4] platform/chrome: cros_ec_debugfs: Fix permissions for panicinfo

Commit Message

Avadhut Naik Nov. 7, 2023, 9:36 p.m. UTC

From: Avadhut Naik <Avadhut.Naik@amd.com>

The debugfs_create_blob() function has been used to create read-only binary
blobs in debugfs. The function filters out permissions, other than S_IRUSR,
S_IRGRP and S_IROTH, provided while creating the blobs.

The very behavior though is being changed through previous patch in the
series (fs: debugfs: Add write functionality to debugfs blobs) which makes
the binary blobs writable.

As such, rectify the permissions of panicinfo file to ensure it remains
read-only.

Signed-off-by: Avadhut Naik <Avadhut.Naik@amd.com>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 drivers/platform/chrome/cros_ec_debugfs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Luck, Tony Nov. 7, 2023, 10:35 p.m. UTC | #1

> @@ -454,7 +454,7 @@ static int cros_ec_create_panicinfo(struct cros_ec_debugfs *debug_info)
>       debug_info->panicinfo_blob.data = data;
>       debug_info->panicinfo_blob.size = ret;
>
> -     debugfs_create_blob("panicinfo", S_IFREG | 0444, debug_info->dir,
> +     debugfs_create_blob("panicinfo", 0444, debug_info->dir,
>                           &debug_info->panicinfo_blob);
>

This just looks like a bug that S_IFREG was passed in the "mode" argument.

Your change in part 2 doesn't really affect much here.

  debugfs_create_blob()
    debugfs_create_file_unsafe()
      __debugfs_create_file()

which does:

	if (!(mode & S_IFMT))
                	mode |= S_IFREG;
        	BUG_ON(!S_ISREG(mode));

So this is a fine cleanup. But your patch description about ensuring that
the file remains read-only isn't accurate. Your change didn't affect the mode
of this file.

-Tony

Naik, Avadhut Nov. 8, 2023, 6:11 p.m. UTC | #2

Hi,

On 11/7/2023 16:35, Luck, Tony wrote:
>> @@ -454,7 +454,7 @@ static int cros_ec_create_panicinfo(struct cros_ec_debugfs *debug_info)
>>       debug_info->panicinfo_blob.data = data;
>>       debug_info->panicinfo_blob.size = ret;
>>
>> -     debugfs_create_blob("panicinfo", S_IFREG | 0444, debug_info->dir,
>> +     debugfs_create_blob("panicinfo", 0444, debug_info->dir,
>>                           &debug_info->panicinfo_blob);
>>
> 
> This just looks like a bug that S_IFREG was passed in the "mode" argument.
> 
> Your change in part 2 doesn't really affect much here.
> 
>   debugfs_create_blob()
>     debugfs_create_file_unsafe()
>       __debugfs_create_file()
> 
> which does:
> 
> 	if (!(mode & S_IFMT))
>                 	mode |= S_IFREG;
>         	BUG_ON(!S_ISREG(mode));
> 
> So this is a fine cleanup. But your patch description about ensuring that
> the file remains read-only isn't accurate. Your change didn't affect the mode
> of this file.
> 
Noted. Thanks for the explanation. Will change the patch description accordingly.

> -Tony
> 
>

Patch

diff --git a/drivers/platform/chrome/cros_ec_debugfs.c b/drivers/platform/chrome/cros_ec_debugfs.c
index 091fdc154d79..6bf6f0e7b597 100644
--- a/drivers/platform/chrome/cros_ec_debugfs.c
+++ b/drivers/platform/chrome/cros_ec_debugfs.c
@@ -454,7 +454,7 @@  static int cros_ec_create_panicinfo(struct cros_ec_debugfs *debug_info)
 	debug_info->panicinfo_blob.data = data;
 	debug_info->panicinfo_blob.size = ret;
 
-	debugfs_create_blob("panicinfo", S_IFREG | 0444, debug_info->dir,
+	debugfs_create_blob("panicinfo", 0444, debug_info->dir,
 			    &debug_info->panicinfo_blob);
 
 	return 0;