- Kernel - mailweb.openeuler.org

Re: [PATCH openEuler-21.03] NFSv4: Fix second deadlock in nfs4_evict_inode()
by chengjian (D) 26 Oct '21

26 Oct '21

Reviewed-by: Cheng Jian <cj.chengjian(a)huawei.com> 在 2021/10/23 20:55, smilezhangs 写道: > From: Trond Myklebust <trond.myklebust(a)hammerspace.com> > > stable inclusion > from stable-v5.10.44 > commit d973bd0d6e7f9b4ea976cc619e8d6e0d235b9056 > bugzilla: https://bugzilla.openeuler.org/show_bug.cgi?id=462 > CVE: NA > > ------------------------------------------------- > > commit c3aba897c6e67fa464ec02b1f17911577d619713 upstream. > > If the inode is being evicted but has to return a layout first, then > that too can cause a deadlock in the corner case where the server > reboots. > > Signed-off-by: Trond Myklebust <trond.myklebust(a)hammerspace.com> > Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> > Signed-off-by: Hang <haihangyiyuan(a)163.com> > Reviewed-by: Jian Cheng <cj.chengjian(a)huawei.com> > Signed-off-by: Wang ShaoBo <bobo.shaobowang(a)huawei.com> > --- > fs/nfs/nfs4proc.c | 9 +++++++-- > 1 file changed, 7 insertions(+), 2 deletions(-) > > diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c > index c92d6ff0fcea..eedcbe6832fb 100644 > --- a/fs/nfs/nfs4proc.c > +++ b/fs/nfs/nfs4proc.c > @@ -9619,15 +9619,20 @@ int nfs4_proc_layoutreturn(struct nfs4_layoutreturn *lrp, bool sync) > &task_setup_data.rpc_client, &msg); > > dprintk("--> %s\n", __func__); > + lrp->inode = nfs_igrab_and_active(lrp->args.inode); > if (!sync) { > - lrp->inode = nfs_igrab_and_active(lrp->args.inode); > if (!lrp->inode) { > nfs4_layoutreturn_release(lrp); > return -EAGAIN; > } > task_setup_data.flags |= RPC_TASK_ASYNC; > } > - nfs4_init_sequence(&lrp->args.seq_args, &lrp->res.seq_res, 1, 0); > + if (!lrp->inode) > + nfs4_init_sequence(&lrp->args.seq_args, &lrp->res.seq_res, 1, > + 1); > + else > + nfs4_init_sequence(&lrp->args.seq_args, &lrp->res.seq_res, 1, > + 0); > task = rpc_run_task(&task_setup_data); > if (IS_ERR(task)) > return PTR_ERR(task);

1 0

Re: [PATCH openEuler-21.03] net/nfc/rawsock.c: fix a permission check bug
by chengjian (D) 26 Oct '21

26 Oct '21

Reviewed-by: Cheng Jian <cj.chengjian(a)huawei.com> 在 2021/10/23 21:10, lf 写道: > From: Jeimon <jjjinmeng.zhou(a)gmail.com> > > stable inclusion > from stable-v5.10.44 > commit 1e5cab50208c8fb7351b798cb1d569debfeb994a > bugzilla:https://bugzilla.openeuler.org/show_bug.cgi?id=371 > CVE: NA > > ------------------------------------------------- > > [ Upstream commit 8ab78863e9eff11910e1ac8bcf478060c29b379e ] > > The function rawsock_create() calls a privileged function sk_alloc(), which requires a ns-aware check to check net->user_ns, i.e., ns_capable(). However, the original code checks the init_user_ns using capable(). So we replace the capable() with ns_capable(). > > Signed-off-by: Jeimon <jjjinmeng.zhou(a)gmail.com> > Signed-off-by: David S. Miller <davem(a)davemloft.net> > Signed-off-by: Sasha Levin <sashal(a)kernel.org> > Signed-off-by: lf <15042944259(a)163.com> > --- > net/nfc/rawsock.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/net/nfc/rawsock.c b/net/nfc/rawsock.c > index 9c7eb8455ba8..5f1d438a0a23 100644 > --- a/net/nfc/rawsock.c > +++ b/net/nfc/rawsock.c > @@ -329,7 +329,7 @@ static int rawsock_create(struct net *net, struct socket *sock, > return -ESOCKTNOSUPPORT; > > if (sock->type == SOCK_RAW) { > - if (!capable(CAP_NET_RAW)) > + if (!ns_capable(net->user_ns, CAP_NET_RAW)) > return -EPERM; > sock->ops = &rawsock_raw_ops; > } else {

1 0

Re: [PATCH openEuler-21.03] net: mdiobus: get rid of a BUG_ON()
by chengjian (D) 26 Oct '21

26 Oct '21

Reviewed-by: Cheng Jian <cj.chengjian(a)huawei.com> 在 2021/10/23 21:09, lf 写道: > From: Dan Carpenter <dan.carpenter(a)oracle.com> > > stable inclusion > from stable-v5.10.44 > commit be23c4af3d8a1b986fe9b43b8966797653a76ca4 > bugzilla: https://bugzilla.openeuler.org/show_bug.cgi?id=341 > CVE: NA > > -------------------------------- > > [ Upstream commit 1dde47a66d4fb181830d6fa000e5ea86907b639e ] > > We spotted a bug recently during a review where a driver was > unregistering a bus that wasn't registered, which would trigger this > BUG_ON(). Let's handle that situation more gracefully, and just print > a warning and return. > > Reported-by: Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> > Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com> > Reviewed-by: Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> > Reviewed-by: Andrew Lunn <andrew(a)lunn.ch> > Signed-off-by: David S. Miller <davem(a)davemloft.net> > Signed-off-by: Sasha Levin <sashal(a)kernel.org> > Signed-off-by: wangqing <wangqing(a)uniontech.com> > Reviewed-by: Xie XiuQi <xiexiuqi(a)huawei.com> > Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com> > --- > drivers/net/phy/mdio_bus.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/drivers/net/phy/mdio_bus.c b/drivers/net/phy/mdio_bus.c > index 757e950fb745..b848439fa837 100644 > --- a/drivers/net/phy/mdio_bus.c > +++ b/drivers/net/phy/mdio_bus.c > @@ -608,7 +608,8 @@ void mdiobus_unregister(struct mii_bus *bus) > struct mdio_device *mdiodev; > int i; > > - BUG_ON(bus->state != MDIOBUS_REGISTERED); > + if (WARN_ON_ONCE(bus->state != MDIOBUS_REGISTERED)) > + return; > bus->state = MDIOBUS_UNREGISTERED; > > for (i = 0; i < PHY_MAX_ADDR; i++) {

1 0

Re: [PATCH openEuler-21.03] Revert "ACPI: sleep: Put the FACS table after using it"
by chengjian (D) 26 Oct '21

26 Oct '21

Reviewed-by: Cheng Jian <cj.chengjian(a)huawei.com> 在 2021/10/23 21:18, ws 写道: > From: Zhang Rui <rui.zhang(a)intel.com> > > stable inclusion > from stable-v5.10.44 > commit afd87792db355282c4608356b98bb2dd650a6885 > Bugzilla: https://bugzilla.openeuler.org/show_bug.cgi?id=438 > CVE: NA > > ------------------------------------------------- > > commit f1ffa9d4cccc8fdf6c03fb1b3429154d22037988 upstream. > > Commit 95722237cb2a ("ACPI: sleep: Put the FACS table after using it") > puts the FACS table during initialization. > > But the hardware signature bits in the FACS table need to be accessed, > after every hibernation, to compare with the original hardware > signature. > > So there is no reason to release the FACS table mapping after > initialization. > > This reverts commit 95722237cb2ae4f7b73471058cdb19e8f4057c93. > > An alternative solution is to use acpi_gbl_FACS variable instead, which > is mapped by the ACPICA core and never released. > > Link: https://bugzilla.kernel.org/show_bug.cgi?id=212277 > Reported-by: Stephan Hohe <sth.dev(a)tejp.de> > Signed-off-by: Zhang Rui <rui.zhang(a)intel.com> > Cc: 5.8+ <stable(a)vger.kernel.org> # 5.8+ > Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> > Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> > Signed-off-by: ws <3045672234(a)qq.com> > --- > drivers/acpi/sleep.c | 4 +--- > 1 file changed, 1 insertion(+), 3 deletions(-) > > diff --git a/drivers/acpi/sleep.c b/drivers/acpi/sleep.c > index aff13bf4d947..31c9d0c8ae11 100644 > --- a/drivers/acpi/sleep.c > +++ b/drivers/acpi/sleep.c > @@ -1290,10 +1290,8 @@ static void acpi_sleep_hibernate_setup(void) > return; > > acpi_get_table(ACPI_SIG_FACS, 1, (struct acpi_table_header **)&facs); > - if (facs) { > + if (facs) > s4_hardware_signature = facs->hardware_signature; > - acpi_put_table((struct acpi_table_header *)facs); > - } > } > #else /* !CONFIG_HIBERNATION */ > static inline void acpi_sleep_hibernate_setup(void) {}

1 0

Re: [PATCH openEuler-21.03] net: mdiobus: get rid of a BUG_ON()
by chengjian (D) 26 Oct '21

26 Oct '21

Reviewed-by: Cheng Jian <cj.chengjian(a)huawei.com> 在 2021/10/23 21:27, lcr 写道: > From: Dan Carpenter <dan.carpenter(a)oracle.com> > > stable inclusion > from stable-v5.10.44 > commit be23c4af3d8a1b986fe9b43b8966797653a76ca4 > bugzilla: https://bugzilla.openeuler.org/show_bug.cgi?id=341 > CVE: NA > > -------------------------------- > > [ Upstream commit 1dde47a66d4fb181830d6fa000e5ea86907b639e ] > > We spotted a bug recently during a review where a driver was > unregistering a bus that wasn't registered, which would trigger this > BUG_ON(). Let's handle that situation more gracefully, and just print > a warning and return. > > Reported-by: Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> > Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com> > Reviewed-by: Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> > Reviewed-by: Andrew Lunn <andrew(a)lunn.ch> > Signed-off-by: David S. Miller <davem(a)davemloft.net> > Signed-off-by: Sasha Levin <sashal(a)kernel.org> > Signed-off-by: wangqing <wangqing(a)uniontech.com> > Reviewed-by: Xie XiuQi <xiexiuqi(a)huawei.com> > Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com> > --- > drivers/net/phy/mdio_bus.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/drivers/net/phy/mdio_bus.c b/drivers/net/phy/mdio_bus.c > index 757e950fb745..b848439fa837 100644 > --- a/drivers/net/phy/mdio_bus.c > +++ b/drivers/net/phy/mdio_bus.c > @@ -608,7 +608,8 @@ void mdiobus_unregister(struct mii_bus *bus) > struct mdio_device *mdiodev; > int i; > > - BUG_ON(bus->state != MDIOBUS_REGISTERED); > + if (WARN_ON_ONCE(bus->state != MDIOBUS_REGISTERED)) > + return; > bus->state = MDIOBUS_UNREGISTERED; > > for (i = 0; i < PHY_MAX_ADDR; i++) {

1 0

Re: [PATCH openEuler-21.03] RDMA/mlx4: Do not map the core_clock page to user space unless enabled
by chengjian (D) 26 Oct '21

26 Oct '21

Reviewed-by: Cheng Jian <cj.chengjian(a)huawei.com> 在 2021/10/23 21:27, gaodawei 写道: > From: Shay Drory <shayd(a)nvidia.com> > > stable inclusion > from stable-v5.10.44 > commit cb1aa1da04882d1860f733e24aeebdbbc85724d7 > bugzilla:https://bugzilla.openeuler.org/show_bug.cgi?id=454 > CVE: NA > > ------------------------------------------------- > > commit 404e5a12691fe797486475fe28cc0b80cb8bef2c upstream. > > Currently when mlx4 maps the hca_core_clock page to the user space there > are read-modifiable registers, one of which is semaphore, on this page as > well as the clock counter. If user reads the wrong offset, it can modify > the semaphore and hang the device. > > Do not map the hca_core_clock page to the user space unless the device has > been put in a backwards compatibility mode to support this feature. > > After this patch, mlx4 core_clock won't be mapped to user space on the > majority of existing devices and the uverbs device time feature in > ibv_query_rt_values_ex() will be disabled. > > Fixes: 52033cfb5aab ("IB/mlx4: Add mmap call to map the hardware clock") > Link: https://lore.kernel.org/r/9632304e0d6790af84b3b706d8c18732bc0d5e27.16227263… > Signed-off-by: Shay Drory <shayd(a)nvidia.com> > Signed-off-by: Leon Romanovsky <leonro(a)nvidia.com> > Signed-off-by: Jason Gunthorpe <jgg(a)nvidia.com> > Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> > Signed-off-by: gaodawei <810789471(a)qq.com> > --- > drivers/infiniband/hw/mlx4/main.c | 5 +---- > drivers/net/ethernet/mellanox/mlx4/fw.c | 3 +++ > drivers/net/ethernet/mellanox/mlx4/fw.h | 1 + > drivers/net/ethernet/mellanox/mlx4/main.c | 6 ++++++ > include/linux/mlx4/device.h | 1 + > 5 files changed, 12 insertions(+), 4 deletions(-) > > diff --git a/drivers/infiniband/hw/mlx4/main.c b/drivers/infiniband/hw/mlx4/main.c > index cd0fba6b0964..7b11aff8a5ea 100644 > --- a/drivers/infiniband/hw/mlx4/main.c > +++ b/drivers/infiniband/hw/mlx4/main.c > @@ -580,12 +580,9 @@ static int mlx4_ib_query_device(struct ib_device *ibdev, > props->cq_caps.max_cq_moderation_count = MLX4_MAX_CQ_COUNT; > props->cq_caps.max_cq_moderation_period = MLX4_MAX_CQ_PERIOD; > > - if (!mlx4_is_slave(dev->dev)) > - err = mlx4_get_internal_clock_params(dev->dev, &clock_params); > - > if (uhw->outlen >= resp.response_length + sizeof(resp.hca_core_clock_offset)) { > resp.response_length += sizeof(resp.hca_core_clock_offset); > - if (!err && !mlx4_is_slave(dev->dev)) { > + if (!mlx4_get_internal_clock_params(dev->dev, &clock_params)) { > resp.comp_mask |= MLX4_IB_QUERY_DEV_RESP_MASK_CORE_CLOCK_OFFSET; > resp.hca_core_clock_offset = clock_params.offset % PAGE_SIZE; > } > diff --git a/drivers/net/ethernet/mellanox/mlx4/fw.c b/drivers/net/ethernet/mellanox/mlx4/fw.c > index f6cfec81ccc3..dc4ac1a2b6b6 100644 > --- a/drivers/net/ethernet/mellanox/mlx4/fw.c > +++ b/drivers/net/ethernet/mellanox/mlx4/fw.c > @@ -823,6 +823,7 @@ int mlx4_QUERY_DEV_CAP(struct mlx4_dev *dev, struct mlx4_dev_cap *dev_cap) > #define QUERY_DEV_CAP_MAD_DEMUX_OFFSET 0xb0 > #define QUERY_DEV_CAP_DMFS_HIGH_RATE_QPN_BASE_OFFSET 0xa8 > #define QUERY_DEV_CAP_DMFS_HIGH_RATE_QPN_RANGE_OFFSET 0xac > +#define QUERY_DEV_CAP_MAP_CLOCK_TO_USER 0xc1 > #define QUERY_DEV_CAP_QP_RATE_LIMIT_NUM_OFFSET 0xcc > #define QUERY_DEV_CAP_QP_RATE_LIMIT_MAX_OFFSET 0xd0 > #define QUERY_DEV_CAP_QP_RATE_LIMIT_MIN_OFFSET 0xd2 > @@ -841,6 +842,8 @@ int mlx4_QUERY_DEV_CAP(struct mlx4_dev *dev, struct mlx4_dev_cap *dev_cap) > > if (mlx4_is_mfunc(dev)) > disable_unsupported_roce_caps(outbox); > + MLX4_GET(field, outbox, QUERY_DEV_CAP_MAP_CLOCK_TO_USER); > + dev_cap->map_clock_to_user = field & 0x80; > MLX4_GET(field, outbox, QUERY_DEV_CAP_RSVD_QP_OFFSET); > dev_cap->reserved_qps = 1 << (field & 0xf); > MLX4_GET(field, outbox, QUERY_DEV_CAP_MAX_QP_OFFSET); > diff --git a/drivers/net/ethernet/mellanox/mlx4/fw.h b/drivers/net/ethernet/mellanox/mlx4/fw.h > index 8f020f26ebf5..cf64e54eecb0 100644 > --- a/drivers/net/ethernet/mellanox/mlx4/fw.h > +++ b/drivers/net/ethernet/mellanox/mlx4/fw.h > @@ -131,6 +131,7 @@ struct mlx4_dev_cap { > u32 health_buffer_addrs; > struct mlx4_port_cap port_cap[MLX4_MAX_PORTS + 1]; > bool wol_port[MLX4_MAX_PORTS + 1]; > + bool map_clock_to_user; > }; > > struct mlx4_func_cap { > diff --git a/drivers/net/ethernet/mellanox/mlx4/main.c b/drivers/net/ethernet/mellanox/mlx4/main.c > index c326b434734e..00c84656b2e7 100644 > --- a/drivers/net/ethernet/mellanox/mlx4/main.c > +++ b/drivers/net/ethernet/mellanox/mlx4/main.c > @@ -498,6 +498,7 @@ static int mlx4_dev_cap(struct mlx4_dev *dev, struct mlx4_dev_cap *dev_cap) > } > } > > + dev->caps.map_clock_to_user = dev_cap->map_clock_to_user; > dev->caps.uar_page_size = PAGE_SIZE; > dev->caps.num_uars = dev_cap->uar_size / PAGE_SIZE; > dev->caps.local_ca_ack_delay = dev_cap->local_ca_ack_delay; > @@ -1948,6 +1949,11 @@ int mlx4_get_internal_clock_params(struct mlx4_dev *dev, > if (mlx4_is_slave(dev)) > return -EOPNOTSUPP; > > + if (!dev->caps.map_clock_to_user) { > + mlx4_dbg(dev, "Map clock to user is not supported.\n"); > + return -EOPNOTSUPP; > + } > + > if (!params) > return -EINVAL; > > diff --git a/include/linux/mlx4/device.h b/include/linux/mlx4/device.h > index 06e066e04a4b..eb8169c03d89 100644 > --- a/include/linux/mlx4/device.h > +++ b/include/linux/mlx4/device.h > @@ -631,6 +631,7 @@ struct mlx4_caps { > bool wol_port[MLX4_MAX_PORTS + 1]; > struct mlx4_rate_limit_caps rl_caps; > u32 health_buffer_addrs; > + bool map_clock_to_user; > }; > > struct mlx4_buf_list {

1 0

Re: [PATCH openEuler-21.03] NFSv4: Fix second deadlock in nfs4_evict_inode()
by chengjian (D) 26 Oct '21

26 Oct '21

Reviewed-by: Cheng Jian <cj.chengjian(a)huawei.com> 在 2021/10/23 21:31, smilezhangs 写道: > From: Trond Myklebust <trond.myklebust(a)hammerspace.com> > > stable inclusion > from stable-v5.10.44 > commit d973bd0d6e7f9b4ea976cc619e8d6e0d235b9056 > bugzilla: https://bugzilla.openeuler.org/show_bug.cgi?id=462 > CVE: NA > > ------------------------------------------------- > > commit c3aba897c6e67fa464ec02b1f17911577d619713 upstream. > > If the inode is being evicted but has to return a layout first, then > that too can cause a deadlock in the corner case where the server > reboots. > > Signed-off-by: Trond Myklebust <trond.myklebust(a)hammerspace.com> > Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> > Signed-off-by: Hang <haihangyiyuan(a)163.com> > Reviewed-by: Jian Cheng <cj.chengjian(a)huawei.com> > Signed-off-by: Wang ShaoBo <bobo.shaobowang(a)huawei.com> > --- > fs/nfs/nfs4proc.c | 9 +++++++-- > 1 file changed, 7 insertions(+), 2 deletions(-) > > diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c > index c92d6ff0fcea..eedcbe6832fb 100644 > --- a/fs/nfs/nfs4proc.c > +++ b/fs/nfs/nfs4proc.c > @@ -9619,15 +9619,20 @@ int nfs4_proc_layoutreturn(struct nfs4_layoutreturn *lrp, bool sync) > &task_setup_data.rpc_client, &msg); > > dprintk("--> %s\n", __func__); > + lrp->inode = nfs_igrab_and_active(lrp->args.inode); > if (!sync) { > - lrp->inode = nfs_igrab_and_active(lrp->args.inode); > if (!lrp->inode) { > nfs4_layoutreturn_release(lrp); > return -EAGAIN; > } > task_setup_data.flags |= RPC_TASK_ASYNC; > } > - nfs4_init_sequence(&lrp->args.seq_args, &lrp->res.seq_res, 1, 0); > + if (!lrp->inode) > + nfs4_init_sequence(&lrp->args.seq_args, &lrp->res.seq_res, 1, > + 1); > + else > + nfs4_init_sequence(&lrp->args.seq_args, &lrp->res.seq_res, 1, > + 0); > task = rpc_run_task(&task_setup_data); > if (IS_ERR(task)) > return PTR_ERR(task);

1 0

Re: [PATCH openEuler-21.03] scsi: core: Only put parent device if host state differs from SHOST_CREATED
by chengjian (D) 26 Oct '21

26 Oct '21

Reviewed-by: Cheng Jian <cj.chengjian(a)huawei.com> 在 2021/10/23 21:37, yangshuo 写道: > From: Ming Lei <ming.lei(a)redhat.com> > > stable inclusion > from stable-v5.10.44 > commit 5b537408f2733d510060e72596befa44c3435cb6 > bugzilla:https://bugzilla.openeuler.org/show_bug.cgi?id=403 > CVE: NA > > ------------------------------------------------- > > commit 1e0d4e6225996f05271de1ebcb1a7c9381af0b27 upstream. > > get_device(shost->shost_gendev.parent) is called after host state has > switched to SHOST_RUNNING. scsi_host_dev_release() shouldn't release the > parent device if host state is still SHOST_CREATED. > > Link: https://lore.kernel.org/r/20210602133029.2864069-5-ming.lei@redhat.com > Cc: Bart Van Assche <bvanassche(a)acm.org> > Cc: John Garry <john.garry(a)huawei.com> > Cc: Hannes Reinecke <hare(a)suse.de> > Tested-by: John Garry <john.garry(a)huawei.com> > Reviewed-by: John Garry <john.garry(a)huawei.com> > Signed-off-by: Ming Lei <ming.lei(a)redhat.com> > Signed-off-by: Martin K. Petersen <martin.petersen(a)oracle.com> > Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> > Signed-off-by: yangshuo <look4polaris(a)163.com> > --- > drivers/scsi/hosts.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/scsi/hosts.c b/drivers/scsi/hosts.c > index 2f162603876f..f1b7061aa0d9 100644 > --- a/drivers/scsi/hosts.c > +++ b/drivers/scsi/hosts.c > @@ -345,7 +345,7 @@ static void scsi_host_dev_release(struct device *dev) > > ida_simple_remove(&host_index_ida, shost->host_no); > > - if (parent) > + if (shost->shost_state != SHOST_CREATED) > put_device(parent); > kfree(shost); > }

1 0

Re: [PATCH openEuler-21.03] dm verity: fix require_signatures module_param permissions
by chengjian (D) 26 Oct '21

26 Oct '21

Reviewed-by: Cheng Jian <cj.chengjian(a)huawei.com> 在 2021/10/23 22:40, huangzhuoli 写道: > From: John Keeping <john(a)metanate.com> > > stable inclusion > from stable-v5.10.44 > commit 90547d5db50bcb2705709e420e0af51535109113 > bugzilla:https://bugzilla.openeuler.org/show_bug.cgi?id=426 > CVE: NA > > ------------------------------------------------- > > [ Upstream commit 0c1f3193b1cdd21e7182f97dc9bca7d284d18a15 ] > > The third parameter of module_param() is permissions for the sysfs node > but it looks like it is being used as the initial value of the parameter > here. In fact, false here equates to omitting the file from sysfs and > does not affect the value of require_signatures. > > Making the parameter writable is not simple because going from > false->true is fine but it should not be possible to remove the > requirement to verify a signature. But it can be useful to inspect the > value of this parameter from userspace, so change the permissions to > make a read-only file in sysfs. > > Signed-off-by: John Keeping <john(a)metanate.com> > Signed-off-by: Mike Snitzer <snitzer(a)redhat.com> > Signed-off-by: Sasha Levin <sashal(a)kernel.org> > Signed-off-by: huangzhuoli <bioagr_huangzl(a)163.com> > --- > drivers/md/dm-verity-verify-sig.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/md/dm-verity-verify-sig.c b/drivers/md/dm-verity-verify-sig.c > index 614e43db93aa..919154ae4cae 100644 > --- a/drivers/md/dm-verity-verify-sig.c > +++ b/drivers/md/dm-verity-verify-sig.c > @@ -15,7 +15,7 @@ > #define DM_VERITY_VERIFY_ERR(s) DM_VERITY_ROOT_HASH_VERIFICATION " " s > > static bool require_signatures; > -module_param(require_signatures, bool, false); > +module_param(require_signatures, bool, 0444); > MODULE_PARM_DESC(require_signatures, > "Verify the roothash of dm-verity hash tree"); >

1 0

Re: [PATCH openEuler-21.03] dm verity: fix require_signatures module_param permissions
by chengjian (D) 26 Oct '21

26 Oct '21

Reviewed-by: Cheng Jian <cj.chengjian(a)huawei.com> 在 2021/10/23 22:40, huangzhuoli 写道: > From: John Keeping <john(a)metanate.com> > > stable inclusion > from stable-v5.10.44 > commit 90547d5db50bcb2705709e420e0af51535109113 > bugzilla:https://bugzilla.openeuler.org/show_bug.cgi?id=426 > CVE: NA > > ------------------------------------------------- > > [ Upstream commit 0c1f3193b1cdd21e7182f97dc9bca7d284d18a15 ] > > The third parameter of module_param() is permissions for the sysfs node > but it looks like it is being used as the initial value of the parameter > here. In fact, false here equates to omitting the file from sysfs and > does not affect the value of require_signatures. > > Making the parameter writable is not simple because going from > false->true is fine but it should not be possible to remove the > requirement to verify a signature. But it can be useful to inspect the > value of this parameter from userspace, so change the permissions to > make a read-only file in sysfs. > > Signed-off-by: John Keeping <john(a)metanate.com> > Signed-off-by: Mike Snitzer <snitzer(a)redhat.com> > Signed-off-by: Sasha Levin <sashal(a)kernel.org> > Signed-off-by: huangzhuoli <bioagr_huangzl(a)163.com> > --- > drivers/md/dm-verity-verify-sig.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/md/dm-verity-verify-sig.c b/drivers/md/dm-verity-verify-sig.c > index 614e43db93aa..919154ae4cae 100644 > --- a/drivers/md/dm-verity-verify-sig.c > +++ b/drivers/md/dm-verity-verify-sig.c > @@ -15,7 +15,7 @@ > #define DM_VERITY_VERIFY_ERR(s) DM_VERITY_ROOT_HASH_VERIFICATION " " s > > static bool require_signatures; > -module_param(require_signatures, bool, false); > +module_param(require_signatures, bool, 0444); > MODULE_PARM_DESC(require_signatures, > "Verify the roothash of dm-verity hash tree"); >

1 0

2025

2024

2023

2022

2021

2020

2019

Kernel