From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Thomas Richter <tmricht@linux.ibm.com>,
Ingo Molnar <mingo@kernel.org>,
Masami Hiramatsu <mhiramat@kernel.org>,
Ananth N Mavinakayanahalli <ananth@in.ibm.com>,
Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>,
Arnd Bergmann <arnd@arndb.de>,
David Howells <dhowells@redhat.com>,
"David S . Miller" <davem@davemloft.net>,
Heiko Carstens <heiko.carstens@de.ibm.com>,
Jon Medhurst <tixy@linaro.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Peter Zijlstra <peterz@infradead.org>,
Thomas Gleixner <tglx@linutronix.de>,
"Tobin C . Harding" <me@tobin.cc>,
Will Deacon <will.deacon@arm.com>,
acme@kernel.org, akpm@linux-foundation.org,
brueckner@linux.vnet.ibm.com, linux-arch@vger.kernel.org,
rostedt@goodmis.org, schwidefsky@de.ibm.com
Subject: [PATCH 4.4 74/80] kprobes: Make list and blacklist root user read only
Date: Mon, 3 Sep 2018 18:49:52 +0200 [thread overview]
Message-ID: <20180903164937.102180022@linuxfoundation.org> (raw)
In-Reply-To: <20180903164934.171677301@linuxfoundation.org>
4.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Masami Hiramatsu <mhiramat@kernel.org>
commit f2a3ab36077222437b4826fc76111caa14562b7c upstream.
Since the blacklist and list files on debugfs indicates
a sensitive address information to reader, it should be
restricted to the root user.
Suggested-by: Thomas Richter <tmricht@linux.ibm.com>
Suggested-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Ananth N Mavinakayanahalli <ananth@in.ibm.com>
Cc: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: David Howells <dhowells@redhat.com>
Cc: David S . Miller <davem@davemloft.net>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Jon Medhurst <tixy@linaro.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Tobin C . Harding <me@tobin.cc>
Cc: Will Deacon <will.deacon@arm.com>
Cc: acme@kernel.org
Cc: akpm@linux-foundation.org
Cc: brueckner@linux.vnet.ibm.com
Cc: linux-arch@vger.kernel.org
Cc: rostedt@goodmis.org
Cc: schwidefsky@de.ibm.com
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/lkml/152491890171.9916.5183693615601334087.stgit@devbox
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
kernel/kprobes.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/kernel/kprobes.c
+++ b/kernel/kprobes.c
@@ -2441,7 +2441,7 @@ static int __init debugfs_kprobe_init(vo
if (!dir)
return -ENOMEM;
- file = debugfs_create_file("list", 0444, dir, NULL,
+ file = debugfs_create_file("list", 0400, dir, NULL,
&debugfs_kprobes_operations);
if (!file)
goto error;
@@ -2451,7 +2451,7 @@ static int __init debugfs_kprobe_init(vo
if (!file)
goto error;
- file = debugfs_create_file("blacklist", 0444, dir, NULL,
+ file = debugfs_create_file("blacklist", 0400, dir, NULL,
&debugfs_kprobe_blacklist_ops);
if (!file)
goto error;
next prev parent reply other threads:[~2018-09-03 17:02 UTC|newest]
Thread overview: 87+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-03 16:48 [PATCH 4.4 00/80] 4.4.154-stable review Greg Kroah-Hartman
2018-09-03 16:48 ` [PATCH 4.4 01/80] sched/sysctl: Check user input value of sysctl_sched_time_avg Greg Kroah-Hartman
2018-09-03 16:48 ` [PATCH 4.4 02/80] Cipso: cipso_v4_optptr enter infinite loop Greg Kroah-Hartman
2018-09-03 16:48 ` [PATCH 4.4 03/80] vti6: fix PMTU caching and reporting on xmit Greg Kroah-Hartman
2018-09-11 23:22 ` Ben Hutchings
2018-09-13 7:07 ` Greg Kroah-Hartman
2018-09-03 16:48 ` [PATCH 4.4 04/80] xfrm: fix missing dst_release() after policy blocking lbcast and multicast Greg Kroah-Hartman
2018-09-03 16:48 ` [PATCH 4.4 05/80] xfrm: free skb if nlsk pointer is NULL Greg Kroah-Hartman
2018-09-03 16:48 ` [PATCH 4.4 06/80] mac80211: add stations tied to AP_VLANs during hw reconfig Greg Kroah-Hartman
2018-09-03 16:48 ` [PATCH 4.4 07/80] nl80211: Add a missing break in parse_station_flags Greg Kroah-Hartman
2018-09-03 16:48 ` [PATCH 4.4 08/80] drm/bridge: adv7511: Reset registers on hotplug Greg Kroah-Hartman
2018-09-03 16:48 ` [PATCH 4.4 09/80] scsi: libiscsi: fix possible NULL pointer dereference in case of TMF Greg Kroah-Hartman
2018-09-03 16:48 ` [PATCH 4.4 10/80] drm/imx: imx-ldb: disable LDB on driver bind Greg Kroah-Hartman
2018-09-03 16:48 ` [PATCH 4.4 11/80] drm/imx: imx-ldb: check if channel is enabled before printing warning Greg Kroah-Hartman
2018-09-03 16:48 ` [PATCH 4.4 12/80] usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() Greg Kroah-Hartman
2018-09-03 16:48 ` [PATCH 4.4 13/80] usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() Greg Kroah-Hartman
2018-09-03 16:48 ` [PATCH 4.4 14/80] usb/phy: fix PPC64 build errors in phy-fsl-usb.c Greg Kroah-Hartman
2018-09-03 16:48 ` [PATCH 4.4 16/80] usb: gadget: f_uac2: fix endianness of struct cntrl_*_lay3 Greg Kroah-Hartman
2018-09-03 16:48 ` [PATCH 4.4 17/80] tools/power turbostat: fix -S on UP systems Greg Kroah-Hartman
2018-09-03 16:48 ` [PATCH 4.4 18/80] net: caif: Add a missing rcu_read_unlock() in caif_flow_cb Greg Kroah-Hartman
2018-09-03 16:48 ` [PATCH 4.4 19/80] qed: Fix possible race for the link state value Greg Kroah-Hartman
2018-09-03 16:48 ` [PATCH 4.4 20/80] atl1c: reserve min skb headroom Greg Kroah-Hartman
2018-09-03 16:48 ` [PATCH 4.4 21/80] net: prevent ISA drivers from building on PPC32 Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 22/80] can: mpc5xxx_can: check of_iomap return before use Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 23/80] i2c: davinci: Avoid zero value of CLKH Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 24/80] media: staging: omap4iss: Include asm/cacheflush.h after generic includes Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 25/80] bnx2x: Fix invalid memory access in rss hash config path Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 26/80] net: axienet: Fix double deregister of mdio Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 27/80] fscache: Allow cancelled operations to be enqueued Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 28/80] cachefiles: Fix refcounting bug in backing-file read monitoring Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 29/80] cachefiles: Wait rather than BUGing on "Unexpected object collision" Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 30/80] selftests/ftrace: Add snapshot and tracing_on test case Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 31/80] zswap: re-check zswap_is_full() after do zswap_shrink() Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 32/80] tools/power turbostat: Read extended processor family from CPUID Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 34/80] enic: handle mtu change for vf properly Greg Kroah-Hartman
2018-09-12 1:03 ` Ben Hutchings
2018-09-13 7:10 ` Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 35/80] arc: fix build errors in arc/include/asm/delay.h Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 36/80] arc: fix type warnings in arc/mm/cache.c Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 37/80] drivers: net: lmc: fix case value for target abort error Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 38/80] scsi: fcoe: drop frames in ELS LOGO error path Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 39/80] scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 40/80] mm/memory.c: check return value of ioremap_prot Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 41/80] cifs: add missing debug entries for kconfig options Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 42/80] cifs: check kmalloc before use Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 43/80] smb3: Do not send SMB3 SET_INFO if nothing changed Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 44/80] smb3: dont request leases in symlink creation and query Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 45/80] btrfs: dont leak ret from do_chunk_alloc Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 46/80] s390/kvm: fix deadlock when killed by oom Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 47/80] ext4: check for NUL characters in extended attributes name Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 48/80] ext4: sysfs: print ext4_super_block fields as little-endian Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 49/80] ext4: reset error code in ext4_find_entry in fallback Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 50/80] arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 51/80] KVM: arm/arm64: Skip updating PTE entry if no change Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 52/80] KVM: arm/arm64: Skip updating PMD " Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 53/80] x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 54/80] x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 55/80] x86/speculation/l1tf: Suggest what to do on systems with " Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 56/80] x86/process: Re-export start_thread() Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 57/80] fuse: Dont access pipe->buffers without pipe_lock() Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 58/80] fuse: fix double request_end() Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 59/80] fuse: fix unlocked access to processing queue Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 60/80] fuse: umount should wait for all requests Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 61/80] fuse: Fix oops at process_init_reply() Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 62/80] fuse: Add missed unlock_page() to fuse_readpages_fill() Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 63/80] udl-kms: change down_interruptible to down Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 64/80] udl-kms: handle allocation failure Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 65/80] udl-kms: fix crash due to uninitialized memory Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 66/80] ASoC: dpcm: dont merge format from invalid codec dai Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 67/80] ASoC: sirf: Fix potential NULL pointer dereference Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 69/80] x86/irqflags: Mark native_restore_fl extern inline Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 70/80] x86/spectre: Add missing family 6 check to microcode check Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 71/80] s390: fix br_r1_trampoline for machines without exrl Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 72/80] s390/qdio: reset old sbal_state flags Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 73/80] s390/pci: fix out of bounds access during irq setup Greg Kroah-Hartman
2018-09-03 16:49 ` Greg Kroah-Hartman [this message]
2018-09-03 16:49 ` [PATCH 4.4 75/80] MIPS: Correct the 64-bit DSP accumulator register size Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 76/80] MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7 Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 77/80] scsi: sysfs: Introduce sysfs_{un,}break_active_protection() Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 78/80] scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 79/80] iscsi target: fix session creation failure handling Greg Kroah-Hartman
2018-09-03 16:49 ` [PATCH 4.4 80/80] cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status Greg Kroah-Hartman
2018-09-04 0:42 ` [PATCH 4.4 00/80] 4.4.154-stable review Nathan Chancellor
2018-09-04 5:25 ` Greg Kroah-Hartman
2018-09-04 8:23 ` Naresh Kamboju
2018-09-04 19:26 ` Shuah Khan
2018-09-04 22:51 ` Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180903164937.102180022@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=acme@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=ananth@in.ibm.com \
--cc=anil.s.keshavamurthy@intel.com \
--cc=arnd@arndb.de \
--cc=brueckner@linux.vnet.ibm.com \
--cc=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=heiko.carstens@de.ibm.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=me@tobin.cc \
--cc=mhiramat@kernel.org \
--cc=mingo@kernel.org \
--cc=peterz@infradead.org \
--cc=rostedt@goodmis.org \
--cc=schwidefsky@de.ibm.com \
--cc=stable@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=tixy@linaro.org \
--cc=tmricht@linux.ibm.com \
--cc=torvalds@linux-foundation.org \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).