historical-speck.lore.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Greg KH <gregkh@linuxfoundation.org>
To: speck@linutronix.de
Subject: [MODERATED] Re: [PATCH] Raffle 0
Date: Tue, 14 Jul 2020 08:01:28 +0200	[thread overview]
Message-ID: <20200714060128.GA656691@kroah.com> (raw)
In-Reply-To: <5f0cf7c5.1c69fb81.99805.3f5fSMTPIN_ADDED_BROKEN@mx.google.com>

On Mon, Jul 13, 2020 at 05:03:44PM -0700, speck for Pawan Gupta wrote:
> From: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
> Subject: [PATCH] powercap: restrict energy meter to root access
> 
> From: Len Brown <len.brown@intel.com>
> 
> Remove non-privileged user access to power data contained in
> /sys/class/powercap/intel_rapl/*/energy_uj
> 
> Non-privileged users currently have read access to power data and can
> use this data to form a security attack.  Some privileged
> drivers/applications need read access to this data but don't expose it
> to non-privileged users.
> 
> For example, thermald uses this data to ensure that power management
> works correctly.  Thus removing non-privileged access is preferred over
> completely disabling this power reporting capability with
> CONFIG_INTEL_RAPL=n.
> 
> Fixes: 95677a9a3847 ("PowerCap: Fix mode for energy counter")
> Signed-off-by: Len Brown <len.brown@intel.com>
> ---
>  drivers/powercap/powercap_sys.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/powercap/powercap_sys.c b/drivers/powercap/powercap_sys.c
> index f808c5fa9838..3f0b8e2ef3d4 100644
> --- a/drivers/powercap/powercap_sys.c
> +++ b/drivers/powercap/powercap_sys.c
> @@ -367,9 +367,9 @@ static void create_power_zone_common_attributes(
>  					&dev_attr_max_energy_range_uj.attr;
>  	if (power_zone->ops->get_energy_uj) {
>  		if (power_zone->ops->reset_energy_uj)
> -			dev_attr_energy_uj.attr.mode = S_IWUSR | S_IRUGO;
> +			dev_attr_energy_uj.attr.mode = S_IWUSR | S_IRUSR;
>  		else
> -			dev_attr_energy_uj.attr.mode = S_IRUGO;
> +			dev_attr_energy_uj.attr.mode = S_IRUSR;
>  		power_zone->zone_dev_attrs[count++] =
>  					&dev_attr_energy_uj.attr;
>  	}

On a meta-level, this function is all wrong.  The list of attributes
should always be fixed, and the "is_visable" callback should be the
thing that both sets the mode, and determines if the specific attribute
should be present or not for that specific device.

So fixing that all up to work "properly" would make a lot more sense.

thanks,

greg k-h

  parent reply	other threads:[~2020-07-14  6:01 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <5f0cf7c5.1c69fb81.99805.3f5fSMTPIN_ADDED_BROKEN@mx.google.com>
2020-07-14  5:57 ` Greg KH
2020-07-14  8:03   ` Andrew Cooper
2020-07-14  8:14     ` Greg KH
2020-07-14  8:20       ` Greg KH
2020-07-14  8:36         ` Andrew Cooper
2020-07-14  8:44           ` Greg KH
2020-07-14 11:00     ` [MODERATED] Do we need this list anymore? (was Re: [PATCH] Raffle 0) Greg KH
2020-07-14 15:34       ` Thomas Gleixner
2020-07-14 22:47         ` [MODERATED] " Gomez Iglesias, Antonio
2020-07-15 13:16           ` Thomas Gleixner
2020-07-14  5:58 ` [MODERATED] Re: [PATCH] Raffle 0 Greg KH
2020-07-14  6:01 ` Greg KH [this message]
2020-07-14 22:39   ` Pawan Gupta

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200714060128.GA656691@kroah.com \
    --to=gregkh@linuxfoundation.org \
    --cc=speck@linutronix.de \
    --subject='[MODERATED] Re: [PATCH] Raffle 0' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).