Re: [PATCH v15 6/9] ref_tracker: automatically register a file in debugfs for a ref_tracker_dir

From: Kees Cook
Date: Thu Jul 31 2025 - 12:54:33 EST

Next message: Xin Li: "Re: [PATCH v1 3/4] KVM: VMX: Handle the immediate form of MSR instructions"
Previous message: Jason Gunthorpe: "Re: [RFC PATCH v1 34/38] coco: guest: arm64: Validate mmio range found in the interface report"
In reply to: Jeff Layton: "Re: [PATCH v15 6/9] ref_tracker: automatically register a file in debugfs for a ref_tracker_dir"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jul 31, 2025 at 06:29:00AM -0400, Jeff Layton wrote:
> "If you think you can justify it (in comments and commit log) well
> enough to stand up to Linus’s scrutiny, maybe you can use “%px”, along
> with making sure you have sensible permissions."
>
> Is making it only accessible by root not sensible enough? What are
> "sensible permissions" in this instance?

Yes, I should have been more clear (or probably should update the
document), but root (uid==0) isn't a sufficient permission check, as
address exposure is supposed to be bounded by capabilities. Putting a
filename into the tree exposes the address to anything that can get a
file listing, and DAC access control isn't granular enough.

(Thank you again for the fix patch I saw in the other thread!)

--
Kees Cook

Next message: Xin Li: "Re: [PATCH v1 3/4] KVM: VMX: Handle the immediate form of MSR instructions"
Previous message: Jason Gunthorpe: "Re: [RFC PATCH v1 34/38] coco: guest: arm64: Validate mmio range found in the interface report"
In reply to: Jeff Layton: "Re: [PATCH v15 6/9] ref_tracker: automatically register a file in debugfs for a ref_tracker_dir"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]