linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH] clk: Emit a stern warning with writable debugfs enabled
@ 2021-12-10  1:42 Stephen Boyd
  2021-12-10  7:57 ` Geert Uytterhoeven
  0 siblings, 1 reply; 3+ messages in thread
From: Stephen Boyd @ 2021-12-10  1:42 UTC (permalink / raw)
  To: Michael Turquette, Stephen Boyd
  Cc: linux-kernel, linux-clk, Geert Uytterhoeven

We don't want vendors to be enabling this part of the clk code and
shipping it to customers. Exposing the ability to change clk frequencies
and parents via debugfs is potentially damaging to the system if folks
don't know what they're doing. Emit a strong warning so that the message
is clear: don't enable this outside of development systems.

Fixes: 37215da5553e ("clk: Add support for setting clk_rate via debugfs")
Cc: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Stephen Boyd <sboyd@kernel.org>
---
 drivers/clk/clk.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/drivers/clk/clk.c b/drivers/clk/clk.c
index 8ccedec2cc9d..ecb2a732a20d 100644
--- a/drivers/clk/clk.c
+++ b/drivers/clk/clk.c
@@ -3383,6 +3383,24 @@ static int __init clk_debug_init(void)
 {
 	struct clk_core *core;
 
+#ifdef CLOCK_ALLOW_WRITE_DEBUGFS
+	pr_warn("\n");
+	pr_warn("********************************************************************\n");
+	pr_warn("**     NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE           **\n");
+	pr_warn("**                                                                **\n");
+	pr_warn("**  WRITEABLE clk DebugFS SUPPORT HAS BEEN ENABLED IN THIS KERNEL **\n");
+	pr_warn("**                                                                **\n");
+	pr_warn("** This means that this kernel is built to expose clk operations  **\n");
+	pr_warn("** such as parent or rate setting, enabling, disabling, etc.      **\n");
+	pr_warn("** to userspace, which may compromise security on your system.    **\n");
+	pr_warn("**                                                                **\n");
+	pr_warn("** If you see this message and you are not debugging the          **\n");
+	pr_warn("** kernel, report this immediately to your vendor!                **\n");
+	pr_warn("**                                                                **\n");
+	pr_warn("**     NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE           **\n");
+	pr_warn("********************************************************************\n");
+#endif
+
 	rootdir = debugfs_create_dir("clk", NULL);
 
 	debugfs_create_file("clk_summary", 0444, rootdir, &all_lists,

base-commit: fa55b7dcdc43c1aa1ba12bca9d2dd4318c2a0dbf
prerequisite-patch-id: e0d3f8e3fa43b55e55d7c4cee7c4902ae06ea4e0
-- 
https://git.kernel.org/pub/scm/linux/kernel/git/clk/linux.git/
https://git.kernel.org/pub/scm/linux/kernel/git/sboyd/spmi.git


^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH] clk: Emit a stern warning with writable debugfs enabled
  2021-12-10  1:42 [PATCH] clk: Emit a stern warning with writable debugfs enabled Stephen Boyd
@ 2021-12-10  7:57 ` Geert Uytterhoeven
  2021-12-10 23:12   ` Stephen Boyd
  0 siblings, 1 reply; 3+ messages in thread
From: Geert Uytterhoeven @ 2021-12-10  7:57 UTC (permalink / raw)
  To: Stephen Boyd; +Cc: Michael Turquette, Linux Kernel Mailing List, linux-clk

Hi Stephen,

On Fri, Dec 10, 2021 at 2:42 AM Stephen Boyd <sboyd@kernel.org> wrote:
> We don't want vendors to be enabling this part of the clk code and
> shipping it to customers. Exposing the ability to change clk frequencies
> and parents via debugfs is potentially damaging to the system if folks
> don't know what they're doing. Emit a strong warning so that the message
> is clear: don't enable this outside of development systems.
>
> Fixes: 37215da5553e ("clk: Add support for setting clk_rate via debugfs")
> Cc: Geert Uytterhoeven <geert+renesas@glider.be>
> Signed-off-by: Stephen Boyd <sboyd@kernel.org>

Thanks for your patch!

> --- a/drivers/clk/clk.c
> +++ b/drivers/clk/clk.c
> @@ -3383,6 +3383,24 @@ static int __init clk_debug_init(void)
>  {
>         struct clk_core *core;
>
> +#ifdef CLOCK_ALLOW_WRITE_DEBUGFS
> +       pr_warn("\n");
> +       pr_warn("********************************************************************\n");
> +       pr_warn("**     NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE           **\n");
> +       pr_warn("**                                                                **\n");
> +       pr_warn("**  WRITEABLE clk DebugFS SUPPORT HAS BEEN ENABLED IN THIS KERNEL **\n");
> +       pr_warn("**                                                                **\n");
> +       pr_warn("** This means that this kernel is built to expose clk operations  **\n");
> +       pr_warn("** such as parent or rate setting, enabling, disabling, etc.      **\n");
> +       pr_warn("** to userspace, which may compromise security on your system.    **\n");
> +       pr_warn("**                                                                **\n");
> +       pr_warn("** If you see this message and you are not debugging the          **\n");
> +       pr_warn("** kernel, report this immediately to your vendor!                **\n");
> +       pr_warn("**                                                                **\n");
> +       pr_warn("**     NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE           **\n");
> +       pr_warn("********************************************************************\n");

So how many variants of such blocks do we have now in the kernel?

> +#endif
> +
>         rootdir = debugfs_create_dir("clk", NULL);
>
>         debugfs_create_file("clk_summary", 0444, rootdir, &all_lists,
>
> base-commit: fa55b7dcdc43c1aa1ba12bca9d2dd4318c2a0dbf
> prerequisite-patch-id: e0d3f8e3fa43b55e55d7c4cee7c4902ae06ea4e0
> --
> https://git.kernel.org/pub/scm/linux/kernel/git/clk/linux.git/
> https://git.kernel.org/pub/scm/linux/kernel/git/sboyd/spmi.git

Gr{oetje,eeting}s,

                        Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k.org

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
                                -- Linus Torvalds

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [PATCH] clk: Emit a stern warning with writable debugfs enabled
  2021-12-10  7:57 ` Geert Uytterhoeven
@ 2021-12-10 23:12   ` Stephen Boyd
  0 siblings, 0 replies; 3+ messages in thread
From: Stephen Boyd @ 2021-12-10 23:12 UTC (permalink / raw)
  To: Geert Uytterhoeven
  Cc: Michael Turquette, Linux Kernel Mailing List, linux-clk

Quoting Geert Uytterhoeven (2021-12-09 23:57:25)
> Hi Stephen,
> 
> On Fri, Dec 10, 2021 at 2:42 AM Stephen Boyd <sboyd@kernel.org> wrote:
> > We don't want vendors to be enabling this part of the clk code and
> > shipping it to customers. Exposing the ability to change clk frequencies
> > and parents via debugfs is potentially damaging to the system if folks
> > don't know what they're doing. Emit a strong warning so that the message
> > is clear: don't enable this outside of development systems.
> >
> > Fixes: 37215da5553e ("clk: Add support for setting clk_rate via debugfs")
> > Cc: Geert Uytterhoeven <geert+renesas@glider.be>
> > Signed-off-by: Stephen Boyd <sboyd@kernel.org>
> 
> Thanks for your patch!
> 
> > --- a/drivers/clk/clk.c
> > +++ b/drivers/clk/clk.c
> > @@ -3383,6 +3383,24 @@ static int __init clk_debug_init(void)
> >  {
> >         struct clk_core *core;
> >
> > +#ifdef CLOCK_ALLOW_WRITE_DEBUGFS
> > +       pr_warn("\n");
> > +       pr_warn("********************************************************************\n");
> > +       pr_warn("**     NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE           **\n");
> > +       pr_warn("**                                                                **\n");
> > +       pr_warn("**  WRITEABLE clk DebugFS SUPPORT HAS BEEN ENABLED IN THIS KERNEL **\n");
> > +       pr_warn("**                                                                **\n");
> > +       pr_warn("** This means that this kernel is built to expose clk operations  **\n");
> > +       pr_warn("** such as parent or rate setting, enabling, disabling, etc.      **\n");
> > +       pr_warn("** to userspace, which may compromise security on your system.    **\n");
> > +       pr_warn("**                                                                **\n");
> > +       pr_warn("** If you see this message and you are not debugging the          **\n");
> > +       pr_warn("** kernel, report this immediately to your vendor!                **\n");
> > +       pr_warn("**                                                                **\n");
> > +       pr_warn("**     NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE           **\n");
> > +       pr_warn("********************************************************************\n");
> 
> So how many variants of such blocks do we have now in the kernel?
> 

Quite a few!

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-12-10 23:12 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-12-10  1:42 [PATCH] clk: Emit a stern warning with writable debugfs enabled Stephen Boyd
2021-12-10  7:57 ` Geert Uytterhoeven
2021-12-10 23:12   ` Stephen Boyd

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).