Re: [PATCH] tracefs/eventfs: Use root and instance inodes as default ownership
From: Steven Rostedt
Date: Fri Jan 12 2024 - 09:22:59 EST
On Fri, 12 Jan 2024 08:53:44 -0500
Steven Rostedt <rostedt@xxxxxxxxxxx> wrote:
> > // We managed to open the directory so we have permission to list
> > // directory entries in "xfs".
> > fd = open("/sys/kernel/tracing/events/xfs");
> >
> > // Remove ownership so we can't open the directory anymore
> > chown("/sys/kernel/tracing/events/xfs", 0, 0);
> >
> > // Or just remove exec bit for the group and restrict to owner
> > chmod("/sys/kernel/tracing/events/xfs", 700);
> >
> > // Drop caches to force an eventfs_root_lookup() on everything
> > write("/proc/sys/vm/drop_caches", "3", 1);
>
> This requires opening the directory, then having it's permissions
> change, and then immediately dropping the caches.
>
> >
> > // Returns 0 even though directory has a lot of entries and we should be
> > // able to list them
> > getdents64(fd, ...);
>
> And do we care?
Hmm, maybe the issue you have is with the inconsistency of the action?
For this to fail, it would require the admin to do both change the
permission and to flush caches. If you don't flush the caches then the
task with the dir open can still read it regardless. If the dentries
were already created.
In that case I'm fine if we change the creation of the dentries to not
check the permission.
But for now, it's just a weird side effect that I don't really see how
it would affect any user's workflow.
-- Steve