ACK / APPLIED[D/Unstable]: [SRU][PATCH 1/1][C, D, u] UBUNTU: SAUCE: debugfs: avoid EPERM when no open file operation defined
Seth Forshee
seth.forshee at canonical.com
Wed Jan 9 21:18:31 UTC 2019
On Wed, Jan 09, 2019 at 12:52:35PM -0800, Kamal Mostafa wrote:
> From: Vasily Gorbik <gor at linux.ibm.com>
>
> BugLink: https://bugs.launchpad.net/bugs/1807686
>
> With "debugfs: Restrict debugfs when the kernel is locked down"
> return code "r" is unconditionally set to -EPERM, which stays like that
> until function return if no "open" file operation defined, effectivelly
> resulting in "Operation not permitted" for all such files despite kernel
> lock down status or CONFIG_LOCK_DOWN_KERNEL being enabled.
>
> In particular this breaks 2 debugfs files on s390:
> /sys/kernel/debug/s390_hypfs/diag_304
> /sys/kernel/debug/s390_hypfs/diag_204
>
> To address that set EPERM return code only when debugfs_is_locked_down
> returns true.
>
> Fixes: 3fc322605158 ("debugfs: Restrict debugfs when the kernel is locked down")
> Signed-off-by: Vasily Gorbik <gor at linux.ibm.com>
> Reference: https://lore.kernel.org/patchwork/patch/1015495/
> Fixes: a1ba65da9cea ("UBUNTU: SAUCE: (efi-lockdown) debugfs: Restrict debugfs when the kernel is locked down")
> Signed-off-by: Kamal Mostafa <kamal at canonical.com>
Looks correct.
Acked-by: Seth Forshee <seth.forshee at canonical.com>
Applied to disco/master-next and unstable/master. I'll also point the
guys maintaining the lockdown patches at this to try and get it
incorporated there. Thanks!
More information about the kernel-team
mailing list