Re: [PATCH v15 6/9] ref_tracker: automatically register a file in debugfs... | netdev

[PATCH v15 0/9] ref_tracker: add ability to register a debugfs file for a ref_tracker_dir · Jeff Layton <jlayton@kernel.org> · 2025-06-18
[PATCH v15 1/9] ref_tracker: don't use %pK in pr_ostream() output · Jeff Layton <jlayton@kernel.org> · 2025-06-18
[PATCH v15 2/9] ref_tracker: add a top level debugfs directory for ref_tracker · Jeff Layton <jlayton@kernel.org> · 2025-06-18
[PATCH v15 3/9] ref_tracker: have callers pass output function to pr_ostream() · Jeff Layton <jlayton@kernel.org> · 2025-06-18
Re: [PATCH v15 3/9] ref_tracker: have callers pass output function to pr_ostream() · Krzysztof Karas <hidden> · 2025-06-23
[PATCH v15 4/9] ref_tracker: add a static classname string to each ref_tracker_dir · Jeff Layton <jlayton@kernel.org> · 2025-06-18
Re: [PATCH v15 4/9] ref_tracker: add a static classname string to each ref_tracker_dir · Krzysztof Karas <hidden> · 2025-06-23
[PATCH v15 5/9] ref_tracker: allow pr_ostream() to print directly to a seq_file · Jeff Layton <jlayton@kernel.org> · 2025-06-18
Re: [PATCH v15 5/9] ref_tracker: allow pr_ostream() to print directly to a seq_file · Krzysztof Karas <hidden> · 2025-06-23
Re: [PATCH v15 5/9] ref_tracker: allow pr_ostream() to print directly to a seq_file · Jeff Layton <jlayton@kernel.org> · 2025-06-23
Re: [PATCH v15 5/9] ref_tracker: allow pr_ostream() to print directly to a seq_file · Krzysztof Karas <hidden> · 2025-06-27
[PATCH v15 6/9] ref_tracker: automatically register a file in debugfs for a ref_tracker_dir · Jeff Layton <jlayton@kernel.org> · 2025-06-18
Re: [PATCH v15 6/9] ref_tracker: automatically register a file in debugfs for a ref_tracker_dir · Kees Cook <kees@kernel.org> · 2025-07-30
Re: [PATCH v15 6/9] ref_tracker: automatically register a file in debugfs for a ref_tracker_dir · Jeff Layton <jlayton@kernel.org> · 2025-07-31
Re: [PATCH v15 6/9] ref_tracker: automatically register a file in debugfs for a ref_tracker_dir · Kees Cook <kees@kernel.org> · 2025-07-31
[PATCH v15 7/9] ref_tracker: add a way to create a symlink to the ref_tracker_dir debugfs file · Jeff Layton <jlayton@kernel.org> · 2025-06-18
[PATCH v15 8/9] net: add symlinks to ref_tracker_dir for netns · Jeff Layton <jlayton@kernel.org> · 2025-06-18
[PATCH v15 9/9] ref_tracker: eliminate the ref_tracker_dir name field · Jeff Layton <jlayton@kernel.org> · 2025-06-18
Re: [PATCH v15 0/9] ref_tracker: add ability to register a debugfs file for a ref_tracker_dir · Jakub Kicinski <kuba@kernel.org> · 2025-06-20
Re: [PATCH v15 0/9] ref_tracker: add ability to register a debugfs file for a ref_tracker_dir · Eric Dumazet <edumazet@google.com> · 2025-06-21

Re: [PATCH v15 6/9] ref_tracker: automatically register a file in debugfs for a ref_tracker_dir

From: Kees Cook <kees@kernel.org>
Date: 2025-07-31 16:54:22
Also in: dri-devel, intel-gfx, lkml

On Thu, Jul 31, 2025 at 06:29:00AM -0400, Jeff Layton wrote:

"If you think you can justify it (in comments and commit log) well
enough to stand up to Linus’s scrutiny, maybe you can use “%px”, along
with making sure you have sensible permissions."

Is making it only accessible by root not sensible enough? What are
"sensible permissions" in this instance?

Yes, I should have been more clear (or probably should update the
document), but root (uid==0) isn't a sufficient permission check, as
address exposure is supposed to be bounded by capabilities. Putting a
filename into the tree exposes the address to anything that can get a
file listing, and DAC access control isn't granular enough.

(Thank you again for the fix patch I saw in the other thread!)

-- 
Kees Cook

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help