On Mon, Jun 12, 2023 at 09:51:38PM +0000, Avadhut Naik wrote:
> /**
> - * debugfs_create_blob - create a debugfs file that is used to read a binary blob
> + * debugfs_create_blob - create a debugfs file that is used to read and write
> + * a binary blob
> * @name: a pointer to a string containing the name of the file to create.
> - * @mode: the read permission that the file should have (other permissions are
> - * masked out)
> + * @mode: the permission that the file should have
> * @parent: a pointer to the parent dentry for this file. This should be a
> * directory dentry if set. If this parameter is %NULL, then the
> * file will be created in the root of the debugfs filesystem.
> @@ -992,7 +1010,7 @@ static const struct file_operations fops_blob = {
> *
> * This function creates a file in debugfs with the given name that exports
> * @blob->data as a binary blob. If the @mode variable is so set it can be
> - * read from. Writing is not supported.
> + * read from and written to.
> *
> * This function will return a pointer to a dentry if it succeeds. This
> * pointer must be passed to the debugfs_remove() function when the file is
> @@ -1007,7 +1025,7 @@ struct dentry *debugfs_create_blob(const char *name, umode_t mode,
> struct dentry *parent,
> struct debugfs_blob_wrapper *blob)
> {
> - return debugfs_create_file_unsafe(name, mode & 0444, parent, blob, &fops_blob);
> + return debugfs_create_file_unsafe(name, mode, parent, blob, &fops_blob);
Have you audited all calls to this function to verify that you haven't
just turned on write access to some debugfs files?
Why not rename this to debugfs_create_blob_wo() and then make a new
debugfs_create_blob_rw() call to ensure that it all is ok?
thanks,
greg k-h
