Commit fcf89d05 authored by Reinette Chatre's avatar Reinette Chatre Committed by John W. Linville

iwlwifi: fix permissions on debugfs files

debugfs files are created with 644 permissions which gives everybody
read access. This presents a security issue if a user opens the file and
holds it open at the time the driver removes the file. At this point
invalid memory will be accessed.

Fix this by only allowing root to read debugfs files.
Signed-off-by: default avatarReinette Chatre <reinette.chatre@intel.com>
Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
parent f5ad69fa
...@@ -49,7 +49,8 @@ ...@@ -49,7 +49,8 @@
#define DEBUGFS_ADD_FILE(name, parent) do { \ #define DEBUGFS_ADD_FILE(name, parent) do { \
dbgfs->dbgfs_##parent##_files.file_##name = \ dbgfs->dbgfs_##parent##_files.file_##name = \
debugfs_create_file(#name, 0644, dbgfs->dir_##parent, priv, \ debugfs_create_file(#name, S_IWUSR | S_IRUSR, \
dbgfs->dir_##parent, priv, \
&iwl_dbgfs_##name##_ops); \ &iwl_dbgfs_##name##_ops); \
if (!(dbgfs->dbgfs_##parent##_files.file_##name)) \ if (!(dbgfs->dbgfs_##parent##_files.file_##name)) \
goto err; \ goto err; \
...@@ -57,7 +58,8 @@ ...@@ -57,7 +58,8 @@
#define DEBUGFS_ADD_BOOL(name, parent, ptr) do { \ #define DEBUGFS_ADD_BOOL(name, parent, ptr) do { \
dbgfs->dbgfs_##parent##_files.file_##name = \ dbgfs->dbgfs_##parent##_files.file_##name = \
debugfs_create_bool(#name, 0644, dbgfs->dir_##parent, ptr); \ debugfs_create_bool(#name, S_IWUSR | S_IRUSR, \
dbgfs->dir_##parent, ptr); \
if (IS_ERR(dbgfs->dbgfs_##parent##_files.file_##name) \ if (IS_ERR(dbgfs->dbgfs_##parent##_files.file_##name) \
|| !dbgfs->dbgfs_##parent##_files.file_##name) \ || !dbgfs->dbgfs_##parent##_files.file_##name) \
goto err; \ goto err; \
...@@ -65,7 +67,7 @@ ...@@ -65,7 +67,7 @@
#define DEBUGFS_ADD_X32(name, parent, ptr) do { \ #define DEBUGFS_ADD_X32(name, parent, ptr) do { \
dbgfs->dbgfs_##parent##_files.file_##name = \ dbgfs->dbgfs_##parent##_files.file_##name = \
debugfs_create_x32(#name, 0444, dbgfs->dir_##parent, ptr); \ debugfs_create_x32(#name, S_IRUSR, dbgfs->dir_##parent, ptr); \
if (IS_ERR(dbgfs->dbgfs_##parent##_files.file_##name) \ if (IS_ERR(dbgfs->dbgfs_##parent##_files.file_##name) \
|| !dbgfs->dbgfs_##parent##_files.file_##name) \ || !dbgfs->dbgfs_##parent##_files.file_##name) \
goto err; \ goto err; \
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment