From d616f56d34e2a30a4c9d6574c70b15a6082c0edc Mon Sep 17 00:00:00 2001 From: Wolfram Sang Date: Tue, 4 May 2021 15:13:49 +0200 Subject: debugfs: only accept read attributes for blobs Blobs can only be read. So, keep only 'read' file attributes because the others will not work and only confuse users. Signed-off-by: Wolfram Sang Link: https://lore.kernel.org/r/20210504131350.46586-1-wsa+renesas@sang-engineering.com Signed-off-by: Greg Kroah-Hartman --- fs/debugfs/file.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'fs/debugfs/file.c') diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c index e813acfaa6e8..54f827339c38 100644 --- a/fs/debugfs/file.c +++ b/fs/debugfs/file.c @@ -980,7 +980,8 @@ static const struct file_operations fops_blob = { /** * debugfs_create_blob - create a debugfs file that is used to read a binary blob * @name: a pointer to a string containing the name of the file to create. - * @mode: the permission that the file should have + * @mode: the read permission that the file should have (other permissions are + * masked out) * @parent: a pointer to the parent dentry for this file. This should be a * directory dentry if set. If this parameter is %NULL, then the * file will be created in the root of the debugfs filesystem. @@ -1004,7 +1005,7 @@ struct dentry *debugfs_create_blob(const char *name, umode_t mode, struct dentry *parent, struct debugfs_blob_wrapper *blob) { - return debugfs_create_file_unsafe(name, mode, parent, blob, &fops_blob); + return debugfs_create_file_unsafe(name, mode & 0444, parent, blob, &fops_blob); } EXPORT_SYMBOL_GPL(debugfs_create_blob); -- cgit v1.2.3