[PATCH v2 57/57][X] UBUNTU: SAUCE: (efi-lockdown) debugfs: Disallow use of debugfs files when the kernel is locked down
Andrea Righi
andrea.righi at canonical.com
Mon Jun 22 08:45:53 UTC 2020
On Fri, Jun 19, 2020 at 11:50:10AM -0500, Seth Forshee wrote:
> From: David Howells <dhowells at redhat.com>
>
> BugLink: https://bugs.launchpad.net/bugs/1884159
>
> Disallow opening of debugfs files when the kernel is locked down as various
> drivers give raw access to hardware through debugfs.
I was noticing that starting from disco the policy for debugfs is to
permit access only to world-readable files when the kernel is locked
down, but in bionic (and also here in xenial) we are preventing any kind
of access to debugfs.
I guess this is fine, since we want to stick with the upstream
lockdown policy, but I just want to make sure this is what we want.
-Andrea
>
> Accesses to tracefs should use /sys/kernel/tracing/ rather than
> /sys/kernel/debug/tracing/. Possibly a symlink should be emplaced.
>
> Normal device interaction should be done through configfs or a miscdev, not
> debugfs.
>
> Note that this makes it unnecessary to specifically lock down show_dsts(),
> show_devs() and show_call() in the asus-wmi driver.
>
> Signed-off-by: David Howells <dhowells at redhat.com>
> cc: Andy Shevchenko <andy.shevchenko at gmail.com>
> cc: acpi4asus-user at lists.sourceforge.net
> cc: platform-driver-x86 at vger.kernel.org
> cc: Matthew Garrett <matthew.garrett at nebula.com>
> cc: Thomas Gleixner <tglx at linutronix.de>
> (backported from commit 125da2e1c5d0a6aca5faafba336c8e8506a4e000
> git://git.kernel.org/pub/scm/linux/kernel/git/jwboyer/fedora.git)
> Signed-off-by: Seth Forshee <seth.forshee at canonical.com>
> ---
> fs/debugfs/file.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c
> index 592059f88e04..98521a791504 100644
> --- a/fs/debugfs/file.c
> +++ b/fs/debugfs/file.c
> @@ -106,6 +106,9 @@ static int open_proxy_open(struct inode *inode, struct file *filp)
> const struct file_operations *real_fops = NULL;
> int srcu_idx, r;
>
> + if (secure_modules())
> + return -EPERM;
> +
> r = debugfs_use_file_start(dentry, &srcu_idx);
> if (r) {
> r = -ENOENT;
> @@ -235,6 +238,9 @@ static int full_proxy_open(struct inode *inode, struct file *filp)
> struct file_operations *proxy_fops = NULL;
> int srcu_idx, r;
>
> + if (secure_modules())
> + return -EPERM;
> +
> r = debugfs_use_file_start(dentry, &srcu_idx);
> if (r) {
> r = -ENOENT;
> --
> 2.27.0
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list