On Tue, Oct 05, 2021 at 01:57:00PM -0700, Kees Cook wrote: > On Mon, Sep 27, 2021 at 09:38:05AM -0700, Luis Chamberlain wrote: > > The ATTRIBUTE_GROUPS is typically used to avoid boiler plate > > code which is used in many drivers. Embracing ATTRIBUTE_GROUPS was > > long due on the zram driver, however a recent fix for sysfs allows > > users of ATTRIBUTE_GROUPS to also associate a module to the group > > attribute. > > Does this mean that other modules using sysfs but _not_ > ATTRIBUTE_GROUPS() are still vulnerable to potential use-after-free of > the kernfs fops? The issue is not UAF, its the possible deadlock, but in that sense, yes. If they don't use ATTRIBUTE_GROUPS() then there is no information being provided to sysfs about the module owner. Luis
